In PCS version 5.0R4 and above VPN Tunneling client started adding the following entry to the beginning of the hosts file to ensure that the PCS hostname resolves to the same IP which it resolved to before the tunnel was launched; this has carried over into the Pulse Secure Desktop client.
#For NC, no new entry above, between this and next comments
#end of NC entry
- Hosts Entry for PCS is added in the hosts file (for Network Connect and Pulse Secure Desktop client) on the local computer.
- The Hosts Entry is modified by “dsNcService” or “dsAcccessService” which runs in system context. No other permissions are needed. At a graceful termination (sign-out or timeout) of the VPN client connection, the Hosts file is restored. If the Hosts file was not restored in a prior case due to an ungraceful termination, the Hosts file will be restored at the next time when the user launches Network Connect or Pulse Secure Desktop client.
Furthermore, if your environment requires end users not to have Administrator Privileges the scenarios listed above will support the PCS Hosts file modification. Modification of the Hosts file is not necessary for Network Connect or Pulse Secure Desktop client to launch.
Please note: If there are changes made to the hosts file while the VPN session is open, these will be removed when the session is ended as the original file is restored