?
Solved

Junos pulse when connected does not allow to access internet

Posted on 2014-04-04
5
Medium Priority
?
23,856 Views
2 Endorsements
Last Modified: 2016-06-18
Junos pulse when connected does not allow to access internet
When i connect via the Junos Pulse VPN client and take a session then internet on my local system does not.

I have a broadbard connected and only when my VPN is connected my browser fails to open any pages.

Any tweeks?
2
Comment
Question by:mtthompsons
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 39979640
i was suspecting split tunnel is disabled. All network traffic from the endpoint goes through the VPN tunnel. Local networks are not available. There is an explanation on the various granular limit when it is disabled too. Note: Split tunneling resource policies are not in effect with split tunneling disabled.

All network traffic from the endpoint goes through the VPN tunnel. Local networks are not available. Pulse client users may choose to suspend the Pulse connection to allow local access if the Pulse connection set has the property Allow users to override connection policy enabled. VPN tunneling access control resource policies in effect for the user’s role determine which IP resources the user can access. Split tunneling resource policies are not in effect with split tunneling disabled.

This configuration provides the best security. However, the user has no access to local network resources.

If split tunnel is enabled, then you can further go into  defining the split tunnel resource policy, you can map to the user assigned role.


There is even a more interesting to manipulate with route metric even if split tunnel is disabled. But it will not be scalable as the patch for the vpn client will need to reverse back to old patch version...
0
 
LVL 37

Expert Comment

by:bbao
ID: 39980047
the common cause of the symptom is the option 'use the remote server as the default gateway' is checked in VPN configuration and the remote site does not allow internet access for VPN client.

make sure the above option is unchecked and see what happens.
0
 
LVL 64

Expert Comment

by:btan
ID: 39980845
also good to note Juniper Networks VPN Tunneling adapter (Network Connect or Junos Pulse) default gateway is blank or 0.0.0.0 on Windows client, see the kb details here

When you have disabled Split Tunneling, the Default Gateway is set to your VPN Tunneling IP since all network traffic from the client should go through the tunnel. In Windows XP, VPN Tunneling routes are added with a lower metric (the route with the lowest metric is the one which will be used), but in Vista/7 the local routes are removed completely to ensure all traffic is routed through the VPN tunnel.  (See KB17354 for more information.) The Default Gateway is also set to your VPN Tunneling IP when you have chosen Allow access to local subnet, but SA will preserve the route on the client retaining access to local resources such as printers.
0
 

Author Comment

by:mtthompsons
ID: 39981341
Thank you all. Is there a direct solution for this?
Like a proven reason the internet does not work and steps to have it enabled even when connected via VPN
0
 
LVL 64

Expert Comment

by:btan
ID: 39981909
http://kb.juniper.net/InfoCenter/index?page=content&id=KB9306

Pls see above for troubleshooting guide from Juniper. You will need to share any error code or troubleshooting else it will be difficult to isolate. The a/m are common configuratiin thta may lead this symptoms.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question