Reset Search
 

 

Article

KB40673 - Pulse Mobile for iOS are unable to connect to Pulse Connect Secure and prompted with the error message "The Server is not responding"

« Go Back

Information

 
Last Modified Date10/23/2017 9:38 PM
Synopsis
This article describes an issue where Pulse Mobile for iOS are unable to connect to Pulse Connect Secure (PCS) and prompted with the error message "The Server is not responding".
Problem or Goal
When Pulse Mobile for iOS users attempts to connect to the Pulse Connect Secure (PCS) device, the following error message will appear:
The Server is not responding

In the PulseSecurePluginApp.log (from the Pulse logs, the following message will appear:
Pulse Mobile[p1399.t1027] error Session connection for 
https://XXXXXX/dana/home/mobile_params.cgi failed with error: 
Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and 
it is impossible to establish a secure connection with the server." 
Cause
This issue occurs when one of the following conditions are true:
  • Server certificate trust enforcement is enabled on the Pulse Connect Secure (PCS) device.  If this option is enabled, the endpoint must be able to validate and trusted the device certificate from the PCS device or the connection will fail.
  • Pulse Mobile client is receiving a response not from a Pulse Connect Secure (PCS) device.  This is a rare issue due to a dns propagation issue pointing to incorrect IP address.

Most common reason the device certificate is untrusted is due to utilizing the self-signed certificate or certificate issued from a private certificate authority.
Solution
To resolve this issue, Pulse Secure recommends to install a device certificate issued from a public certificate authority (CA).  This will avoid the need to manually install or push root certificates to all applicable endpoints.  If alternative methods are needed, please perform one of the following methods:

Method 1: Self-signed certificate

If a self-signed certificate is used, it is not recommended to enable the server certificate trust enforcement option.  Pulse Secure recommends to install a device certificate that is issued from a public or private ca.  However, if this is a non-production device, please perform the following steps to disable this option:
  1. ​Login to admin console
  2. Navigate to Configuration > Mobile
  3. Under Server certificate trust enforcement, select the radio button for disabled

User-added image

Note:  By default, this option is disabled.

 


Method 2:  Private Certificate Authority (CA)

If the device certificate is issued from a private ca, please utilize an third party MDM solution to push the private ca to all applicable endpoints.  This will allow to endpoints to properly trusted the device certificate.

Related Links
Attachment 1 
Created ByLokesh T K

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255