KB43665 - Lock down mode exception rules feature

Last Modified Date: 12/19/2018 4:28 AM
Synopsis
This article provides details about the lock down mode exception rules.
Solution
  • Starting in Pulse Connect Secure 8.3R3 and Pulse Secure Desktop client 5.3R3 (Windows), the lock down mode exception rules feature was added. It lets administrators define exception rules for traffic that is allowed while lock down mode is enabled.
  • Starting in Pulse Connect Secure 9.0R2 and Pulse Secure Desktop client 9.0R2, the lock down mode exception rules feature was extended to include macOS support.

This feature applies only when:
  • Pulse Connect Secure 8.3R3 and Pulse Secure Desktop client (Windows) 5.3R3
  • Pulse Connect Secure 9.0R2 and Pulse Secure Desktop client (macOS) 9.0R2
  • Always-On Pulse client or VPN Only access is enabled
When lock down mode is enabled, the feature is designed to allow only the following traffic:

Windows:

  • UDP/TCP port 88 (Kerberos)
  • UDP/TCP port 389 (LDAP)
  • TCP port 636 (LDAPS)
  • TCP port 445 (NETBIOS)
  • UDP ports 67, 68, 547, 546 (DHCP)
  • TCP port 135 (RPC)
  • TCP port 3268 (Global Catalog)
  • UDP/TCP port 53 (DNS)
  • UDP port 5353 (Multicast DNS)

macOS:

  • UDP/TCP port 53 and 5353 (mDNSResponder)
  • UDP/TCP port 123 (sntp)
  • UDP/TCP port 137-139 (NetAuthAgent)
  • UDP/TCP port 111 (kernel_task)
  • UDP/TCP port 88 (kcm)
  • UDP/TCP port 389, 464, 636, 3268, 3269 (opendirectoryd)

If additional applications (e.g. anti-virus, malware, etc.) require network connectivity to other ports before the VPN tunnel is created, Pulse Secure recommends configuring lock down exception rules. Lock down mode exception rules have three configurable options:
  1. Program
  2. Ports
  3. Custom
For more information on configuration steps, please refer to the Pulse Secure Desktop Client Administrator Guide.
Created By: K. Kitajima
