03-20-2011 11:24 AM
since i upgraded to R7.1R1 the Pulseclient in our environment always loses connection and reconnects right away. Userlog shows the users always lose their Network ACL just to get them again afterwards.
Anyone encountered that before?
03-01-2012 12:02 AM
I encountered the same issue. Its weird because my users can connect via dongle without issue. However, once connected to the home wireless network, this problem creeps in. The connection basically connects and disconnect immediately and repeats. Same ACL 0 message shown right before the disconnection.
Does pulse require network discovery to be turned on for its connection to stay alive?
Anyone knows which log file will show the reason pulse disconnected from? Some help in interpreting the logs will be appreciated too.
03-01-2012 12:40 AM
Hello, i sadly have no solution for you, just wanted to let you know that we downgraded to 7.0R5 because we needed to launch the new VPN solution and did not encouter the problem anymore.
Just to let you now how we handled this. Im not sure if newer versions of 7.1 might fix that problem. I will schedule extensive testing though if and when we upgrade to 7.1
03-01-2012 01:22 AM
Hey warror, thanks.
Troubleshooting VPN has/will always been a challenging affair...
Forgot to add that we are on 7.1R5 and pulse v2.1. (So you probably can start budgeting for your extensive test..)
It would be great if some SSL VPN expect here can educate the rest of us on how to see critical portions of the log to at least identify what triggered pulse to disconnect repeatedly. Else, the troubleshooting process would basically involve trial and error which, for the administrators, is really inefficient.
03-01-2012 10:47 AM
I am not familiar with the ACL 0 message. Does this appear in the debuglog.log? If so, please provide the a little portion of the log.
The usual steps to trouble shoot the issue would be reviewing the debuglog.log on the client machine and the access log on the SA.
03-01-2012 11:06 AM
The ACL=0 count for the user _should_ be just informative and not be an issue (you should see ACL counts each time a user launches the VPN client).
When looking at the client-side log, you would want to search for "disconnect[ed] from[host] for reason: [number]"
Do you see any other messages around the failure time (e.g. access denied, Host Checker failure, IP changed)?