Reset Search



KB28273 - Host Checker is looping when evaluating policy

« Go Back


Last Modified Date1/17/2017 4:57 PM
This article describes an issue where Host Checker continues to evaluate policies, but never completes.
Problem or Goal
When the end user attempts to login to the Pulse Connect Secure (PCS) device, the Host Checker evaluation may continue to evaluate policies and never complete.

Host Checker Loading
This issue will occur when there are a large number of Host Checker (HC) policies are configured for evaluation on Realm/Role.  Since the HC policies information is stored in the session cookie, this will inadvertently increase the size of the cookie.
Currently, the session cookie size limitation cannot be increased as the max cookie size will depend on the client's browser settings as well as the Pulse Connect Secure device.

Potential workarounds:

  1. Reduce HC policy count by deleting unnecessary policies or summarizing duplicate policies using a wildcard.
  2. Use Pulse Secure Desktop Client.

In general, most browser vendors have a limitation of 4 Kb per cookie.  For more information about browser cookie size limitation by vendor, refer to

Logs to collect:

To help root cause the following issue, please gather the following logs:
  • Enable debug logging (Maintenance > TroubleShooting > Monitoring > Debug Log) on the PCS device with the following event codes: TNCS,Auth,Welcome,HC (Level 20 / Size 50)
  • After debug logging is enabled, please replicate the issue and take a system snapshot (Maintenance > TroubleShooting > System Snapshot) and ensure the checkbox for Include system config and Include debug log are enabled.
  • Obtain the client side debug logs and system snapshot and attach this to the support case
Related Links
Attachment 1 
Created ByData Deployment



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255