Reset Search
 

 
Article

KB9216 - What executable(s) must be allowed to run in order for Pulse Desktop client or Ivanti Secure access client to install/launch/connect/upgrade?

Printable View
« Go Back

Information

 
Last Modified Date1/9/2018 7:48 PM
Synopsis

This articles provides guidelines in managing restrictions on Windows 10/11 client PC's to allow the Pulse Desktop client or the Ivanti Secure access client to install, launch, connect, and upgrade.
 

Problem or Goal
Users are unable to install, run, and/or upgrade the Pulse/Ivanti desktop client software on Windows systems. 
Cause
Client-side firewall settings, anti-virus restrictions and/or anti-malware software along with GPO settings are most often found to cause restrictions installing, running, or upgrading Pulse Secure client applications.  
Solution

Client firewalls, anti-malware, anti-spyware and anti-virus can prevent the installation and upgrade of the Pulse/Ivanti software components.  The following guidelines should be followed to allow access to these processes.

  • Check GPO policies for managed endpoints to verify that the Pulse Secure/Ivanti components are permitted.  (See list below). 
  • Ensure the following ports are open for the Ivanti Secure access client/Pulse to install/launch.  
    • TCP port 443
    • UDP port 4500 for ESP mode with VPN tunneling
  • If firewall filters are based on application name, use the following table to determine the process to permit. 
(Note: The following list is based on 9.1 releases and only includes rebranded Pulse Secure executables.  For 9.1 releases and older, go to the Client side changes Guide for Pulse Connect Secure, select the appropriate version. (See KB9085 for more information.) 
Component
Process Name
All
PulseSetupClient.cab
install.log
PulseExt.exe
PulseExt64.exe
PulseSetupClient.inf
PulseSetupClient.ocx
PulseSetupClient64.inf
PulseSetupClient64.ocx
PulseSetupClientCtrlUninstaller.exe
PulseSetupClientCtrlUninstaller64.exe

 

Pulse Desktop Client
PulseUninstall.exe
uninstall.exe
jamCommand.exe
pdv.exe
Pulse.exe
PulseSecureSetupClientOCX.exe
PulseSecureSetupClientOCX64.exe
pulselauncher.exe
PulseApplicationLauncher.exe
nsstatsdump.exe
uninst.exe
Ivanti Secure Access Client Service
(PulseSecureService.exe)
64bitProxy.exe
PulseCompMgr.exe
PulseHelper.exe
Installer Service
AccessServiceComponent.exe
PulseInstallerService.exe
If software restrictions on the client PC are applied to folder directories, the following file paths should be allowed:

%PROGRAMFILES(X86)%\Common Files\Pulse Secure (64-bit system)
%PROGRAMFILES%\Common Files\Pulse Secure (32-bit system)
%APPDATA%\Pulse Secure\
%PUBLIC%\Pulse Secure\
%ALLUSERSPROFILE%\Pulse Secure
 
  • It may be necessary to stop the service that is associated with a Firewall, AV or Anti-Malware service so that a user can test installing the Pulse Secure application without any restrictions.  If the user is able to install Pulse Secure components with one of these services stops then this can narrow down the program applying the restriction.  Refer to third party vendor documentation for instructions on doing this.
  • Try to install new client using Administrator account or install with administrator privilege to avoid rolling-back issues.
 
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255