For customers not using Always-on, VPN only access, Lockdown mode or Traffic enforcement features
To resolve this issue, please upgrade to Pulse Desktop Client 9.0.3.923 (9.0R3.2) and above. The fix involves not loading the Kernel Extension (KEXT) by default when the Pulse Secure Desktop Client is installed.
For customer using Always-on, VPN only access, Lockdown mode or Traffic enforcement features
Pulse Secure is currently investigating further and will keep this KB updated when we have further updates.
Recommended Steps:
Scenario | Short Term | Long Term |
Customers not using Traffic Enforcement or Lock down mode | Option 1: Run the unload kernel extension command: sudo kextunload /Library/Extensions/PulseSecureFirewall.kext Note: The unload command must be run after every reboot / restart of macOS as kernel extension is loaded by default during boot. Option 2:
- Uninstall Pulse Desktop Client 9.0Rx
- Install Pulse Desktop Client 5.3R7 & below. Kernel extension is only supported starting with Pulse Desktop Client 9.0R1 to 9.0R3.1.
| Upgrade to Pulse Desktop Client 9.0R3.2 and above |
Customer using Traffic Enforcement or Lock Down Mode |
- Uninstall 9.0Rx Pulse Desktop client
- Deploy Pulse Desktop Client 5.3R7 & below. Kernel extension is only supported starting with Pulse Desktop Client 9.0R1 to 9.0R3.1.
| TBA |
Note: Pulse Secure officially qualified Pulse Desktop client 5.3R7 for Mojave (
KB43768)