Client firewalls, Anti-Malware, Anti-Spyware and Anti-Virus can prevent the installation and upgrade of Pulse components. The following guidelines should be followed to allow access to these processes.
(Note: The following list is based on 8.3 releases and only includes rebranded Pulse Secure executables. For 8.1 releases and older, go to the Technical Support Documentation for Pulse Connect Secure, select the appropriate version and refer to the Client Side Changes Guide. (See KB9085 for more information.)
- Check GPO policies for managed endpoints to verify that Pulse Secure components are permitted. (See list below).
- Ensure the following ports are open for Network Connect/Pulse to install/launch.
- UDP port 4242 on local loopback address (for Network Connect only)
- TCP port 443
- UDP port 4500 for ESP mode with VPN tunneling
- If firewall filters are based on Application Name, use the following table to determine the process to permit.
Pulse Desktop Client
Legacy VPN client (Network Connect/NC)
If software restrictions on the client PC are applied to folder directories, the following file paths should be allowed:
%PROGRAMFILES(X86)%\Common Files\Pulse Secure (64-bit system)
%PROGRAMFILES%\Common Files\Pulse Secure (32-bit system)
- It may be necessary to stop the service that is associated with a Firewall, AV or Anti-Malware service so that a user can test installing the Pulse Secure application without any restrictions. If the user is able to install Pulse Secure components with one of these services stops then this can narrow down the program applying the restriction. Refer to third party vendor documentation for instructions on doing this.