Reset Search
 

 

Article

KB40496 - Internet Key Exchange (IKEv2) connection drops after 180 seconds when using LDAP as a Directory/Attribute server in the realm

« Go Back

Information

 
Last Modified Date3/17/2017 11:00 PM
Synopsis
This article describes an issue when all IKEv2 tunnels drop after 180 seconds on the Pulse Connect Secure appliance when using LDAP as a directory/attribute server in the realm configuration.
Problem or Goal
When configuring LDAP as a user directory/attribute on the realm for an IKEv2 connection, all active IKEv2 tunnels will be disconnected after 180 seconds from initial login. Although the IKEv2 tunnel is dropped on the PCS side, user sessions will remain active.
User-added image

The following PCS releases are affected by this issue: 

  • 8.0R7+
  • 8.1R1+
  • 8.2R1+
Cause

This issue occurs due to a code change in 8.0R7, 8.1R1, and 8.2R1. For the following issue to occur, all conditions should be met:
  • Users are connecting using IKEv2
  • LDAP Authorization is selected under User Directory/Attribute for the realm that the IKEv2 connection are being made for
Solution
This issue is resolved in the following releases, 8.1R12 and 8.2R8 and up.

Workaround

If an upgrade is not possible, use one of the following options below:
  • Migrate users from using IKEv2 to Pulse Client
  • Disable or remove LDAP from the User Directory/Attribute for the IKEv2 realm
Related Links
Attachment 1 
Created ByDarryl Wong

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255