To resolve this problem, please upgrade to Pulse Desktop Client 9.0R3 and above.
In the Pulse Desktop Client 9.0R3 and above, the logic was changed to stop evaluating location awareness rules for any connections with the same server-id attribute after a VPN tunnel is created. When deploying lock down mode with multiple connections, the recommendation are the following:
- All connections must be created from one Pulse Connect Secure device to ensure the same server-id attribute is populated. If there are multiple PCS devices, export the connection using XML export (from the master) and import to all other devices.
- Configure the same location awareness rule for all connections.
- Enable lock down mode for all connections. (To disable lock down mode during a connection attempt, the feature must be enabled on the connection)
- Recommended deployment method is all connections should be manual. If an automatic connection is required, only one connection can be automatic to avoid multiple connections starting at the same time.