Sunday, 16 December 2018

Pulse Secure VPN connections to SRX devices may experience traffic loss to remote-protected resources

Alert Type:

PSN - Product Support Notification
Product Affected:
Pulse Secure Desktop Client 5.1Rx
Windows 10 April 2018 update (Redstone 4, version 1803)
Windows 10 October 2018 update (Redstone 5, version 1809)
Alert Description:
Pulse Secure Desktop clients on Windows 10 running April or October 2018 updates, may encounter traffic loss issues when attempting to reach remote-protected resources behind SRX.

Traffic loss will exhibit the following characteristics:
  • Client traffic will arrive at SRX via VPN tunnel as ESP packets
  • SRX will decrypt traffic and pass to remote-protected resource
  • Remote-protected resource will reply sending traffic back towards SRX
  • SRX will encrypt traffic and send to client via VPN tunnel as ESP packets
  • ESP VPN packets will be received by client LAN adapter
  • Decrypted packets will not be reported on VPN virtual adapter
  • Client application will not report receiving packet from remote-protected resource
Solution:
Pulse Secure continues to investigate solution options related to the traffic processing in the client virtual adapter.

At this time, there are no known work-arounds while using SRX Dynamic-VPN while using Pulse Secure Desktop clients on Windows 10.

This article will be updated monthly or upon any new progress updates.
Implementation:
Windows 10's update version in use can be located as follows:
  •    Right click on Start/Windows bar
  •    Select System
  •    Scroll to Windows Specifications section
  •    Locate Version Number
 
Version #   Release Date  Marketing Name
  • 1509        Jul 2015       (Threshold 1)
  • 1511        Nov 2015      (Threshold 2 / November Update)
  • 1607        Aug 2016      (Redstone 1 / Anniversary Update)
  • 1703        Apr 2017       (Redstone 2 / Creators Update)
  • 1709        Oct 2017       (Redstone 3 / Fall Creators Update)
  • 1803        Apr 2018       (Redstone 4 / April 2018 Update)
  • 1809        Oct 2018       (Redstone 5 / October 2018 Update)
Note:  Windows 10 default behavior is to auto update Microsoft cumulative updates including the April and October 2018 updates
loading...