Solved

Junos pulse when connected does not allow to access internet

Posted on 2014-04-04
5
22,397 Views
2 Endorsements
Last Modified: 2016-06-18
Junos pulse when connected does not allow to access internet
When i connect via the Junos Pulse VPN client and take a session then internet on my local system does not.

I have a broadbard connected and only when my VPN is connected my browser fails to open any pages.

Any tweeks?
2
Comment
Question by:mtthompsons
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39979640
i was suspecting split tunnel is disabled. All network traffic from the endpoint goes through the VPN tunnel. Local networks are not available. There is an explanation on the various granular limit when it is disabled too. Note: Split tunneling resource policies are not in effect with split tunneling disabled.

All network traffic from the endpoint goes through the VPN tunnel. Local networks are not available. Pulse client users may choose to suspend the Pulse connection to allow local access if the Pulse connection set has the property Allow users to override connection policy enabled. VPN tunneling access control resource policies in effect for the user’s role determine which IP resources the user can access. Split tunneling resource policies are not in effect with split tunneling disabled.

This configuration provides the best security. However, the user has no access to local network resources.

If split tunnel is enabled, then you can further go into  defining the split tunnel resource policy, you can map to the user assigned role.


There is even a more interesting to manipulate with route metric even if split tunnel is disabled. But it will not be scalable as the patch for the vpn client will need to reverse back to old patch version...
0
 
LVL 37

Expert Comment

by:bbao
ID: 39980047
the common cause of the symptom is the option 'use the remote server as the default gateway' is checked in VPN configuration and the remote site does not allow internet access for VPN client.

make sure the above option is unchecked and see what happens.
0
 
LVL 63

Expert Comment

by:btan
ID: 39980845
also good to note Juniper Networks VPN Tunneling adapter (Network Connect or Junos Pulse) default gateway is blank or 0.0.0.0 on Windows client, see the kb details here

When you have disabled Split Tunneling, the Default Gateway is set to your VPN Tunneling IP since all network traffic from the client should go through the tunnel. In Windows XP, VPN Tunneling routes are added with a lower metric (the route with the lowest metric is the one which will be used), but in Vista/7 the local routes are removed completely to ensure all traffic is routed through the VPN tunnel.  (See KB17354 for more information.) The Default Gateway is also set to your VPN Tunneling IP when you have chosen Allow access to local subnet, but SA will preserve the route on the client retaining access to local resources such as printers.
0
 

Author Comment

by:mtthompsons
ID: 39981341
Thank you all. Is there a direct solution for this?
Like a proven reason the internet does not work and steps to have it enabled even when connected via VPN
0
 
LVL 63

Expert Comment

by:btan
ID: 39981909
http://kb.juniper.net/InfoCenter/index?page=content&id=KB9306

Pls see above for troubleshooting guide from Juniper. You will need to share any error code or troubleshooting else it will be difficult to isolate. The a/m are common configuratiin thta may lead this symptoms.
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco EAP TLS, ACS and changing Root CA 4 74
CertificateAuthority and Firefox 4 37
Problem to setting 16 39
Developers / Staff Setup 10 37
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
A hard and fast method for reducing Active Directory Administrators members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question