This causes a certificate prompt when Pulse connection is being established on end device.
Possible cause: CA certificate that issued the PCS device certificate is not imported in all the required sections on PCS. Possible solution: Make the VPN hostname publicly resolvable or configure host entry in internal DNS Server. Possible cause: VPN hostname is not resolvable from user device. Possible solution: Edit the configured application on Pulse Workspace policy and enable it to use Per-App VPN. Possible cause: Desired application is not configured with Per-App VPN network access method on Pulse Workspace policy. When user accesses any managed cloud application, VPN symbol does not appear on the top of the mobile screen. Scenario: Per-App VPN tunnel did not get established automatically on accessing managed cloud application. This configuration is on Service Provider and varies accordingly. Possible solution: Make sure that the user created in the Service Provider has the Required SSO privileges. Possible cause: User created in the Service Provider do not have required privileges. If Identity Provider default configuration is overridden for the specific Service Provider, check if the details under User Identity section for that specific Service Provider are valid. Possible Solution: On Pulse Connect Secure admin console, navigate to Authentication > Signing In > Sign-in SAML > Identity Provider and check if Subject Name Format and Subject Name details configured under User Identity section are valid and should match the user configured in the Service Provider for cloud service access. Possible cause: SAML Response sent by Pulse Connect Secure does not have a viable user identity. Check the signing certificate configured on Service Provider. Possible Solution: On Pulse Connect Secure admin console, navigate to Authentication > Signing In > Sign-in SAML > Identity Provider and check if proper signing certificate is configured. 
Possible cause: Private key used by Pulse Connect Secure to sign the SAML Response does not match the public key certificate that is configured on Service Provider. Possible solution: Re-sync Pulse Connect Secure server clock by configuring reliable NTP Server. Possible cause: Time on Pulse Connect Secure and Service Provider is out of sync. Check User Access Logs on Pulse Connect Secure to verify these SAML messages. Pulse Connect Secure received SAML AuthnRequest from Service Provider and successfully sent SAML Response. Scenario: Pulse Connect Secure successfully sent SAML Response to Service Provider but user did not get access to the cloud service. Possible solution: Configure SAM/VPN Tunneling Access Control Lists on Pulse Connect Secure to allow access to the resource accessed. Possible cause: Access Control Lists are not configured to allow the accessed resource. PULSE DESKTOP CLIENT WINDOWS INTERNAL ERROR FULL
Possible solution: Make the end user device compliant to get assigned to user role with full access. User receives compliance failure notification. Possible cause: Compliance check failed for the end user. Possible solution: On Pulse Connect Secure admin console, navigate to Authentication-> Signing In-> Sign-in SAML-> Identity Provider and configure specific Service Provider to allow access to the user role assigned to the end user. User is not authorized to access the cloud service due to the role assigned. 
Possible cause: Role Based Access Control to the Service Provider failed. Details: You have limited connectivity because your device does not meet compliance policies.” error message on the application and did not get access to the Cloud Service. Details: You are not authorized to access the requested resource." or “ Compliance Check Failed. User either received " Authorization Failed. Pulse Connect Secure received SAML AuthnRequest from Service Provider but did not send SAML Response. Scenario: Pulse Connect Secure failed to send SAML Response to Service Provider. This section outlines common error messages or problems encountered during the integration of Cloud Secure Solution with multiple Service Providers and provides probable solutions to resolve them.
0 kommentar(er)
