Reset Search
 

 
Article

KB9216 - What executable(s) must be allowed to run in order for Pulse Desktop client or Network Connect client to install/launch/connect/upgrade?

Printable View
« Go Back

Information

 
Last Modified Date1/9/2018 7:48 PM
Synopsis

This articles provides guidelines in managing restrictions on Windows 7/8/10 client PC's to allow Pulse Desktop client or Network Connect to install, launch, connect and upgrade.
 

Problem or Goal
Users are unable to install, run, and/or upgrade Pulse Secure client software on Windows systems. 
Cause
Client-side firewall settings, Anti-Virus restrictions and/or Anti-Malware software along with GPO settings are most often found to cause restrictions installing, running, or upgrading Pulse Secure client applications.  
Solution

Client firewalls, Anti-Malware, Anti-Spyware and Anti-Virus can prevent the installation and upgrade of Pulse components.  The following guidelines should be followed to allow access to these processes.

  • Check GPO policies for managed endpoints to verify that Pulse Secure components are permitted.  (See list below). 
  • Ensure the following ports are open for Network Connect/Pulse to install/launch.  
    • UDP port 4242 on local loopback address (for Network Connect only)
    • TCP port 443
    • UDP port 4500 for ESP mode with VPN tunneling
  • If firewall filters are based on Application Name, use the following table to determine the process to permit. 
(Note: The following list is based on 8.3 releases and only includes rebranded Pulse Secure executables.  For 8.1 releases and older, go to the Technical Support Documentation for Pulse Connect Secure, select the appropriate version and refer to the Client Side Changes Guide. (See KB9085 for more information.) 
Component
Process Name
All
PulseSetupClientInstaller.exe
PulseSetupClient.cab
PulseSetupClient.exe
PulseSetupClientOCX.exe
PulseSetupClientOCX64.exe
PulseSetupXP.exe
PulseSecureService.exe
PulseExt.exe
uninstall.exe
uninst.exe
PulseSetupClientCtrlUninstaller.exe
Pulse Desktop Client
PulseUninstall.exe
uninstall.exe
jamCommand.exe
pdv.exe
Pulse.exe
PulseSecureSetupClientOCX.exe
PulseSecureSetupClientOCX64.exe
pulselauncher.exe
PulseApplicationLauncher.exe
nsstatsdump.exe
uninst.exe
dsAccessService.exe
64bitProxy.exe
PulseCompMgr.exe
Legacy VPN client (Network Connect/NC)
neoNCsetup.exe(.cab)
neoFIPSSetup_<version_information>.exe
dsNetworkConnect.exe
JuniperSetupClientOCX.exe
uninstall.exe
nclauncher.exe
dsNcService.exe
Installer Service
AccessServiceComponent.exe
PulseInstallerService.exe
If software restrictions on the client PC are applied to folder directories, the following file paths should be allowed:

%PROGRAMFILES(X86)%\Common Files\Pulse Secure (64-bit system)
%PROGRAMFILES%\Common Files\Pulse Secure (32-bit system)
%APPDATA%\Pulse Secure\
%PUBLIC%\Pulse Secure\
%ALLUSERSPROFILE%\Pulse Secure
 
  • It may be necessary to stop the service that is associated with a Firewall, AV or Anti-Malware service so that a user can test installing the Pulse Secure application without any restrictions.  If the user is able to install Pulse Secure components with one of these services stops then this can narrow down the program applying the restriction.  Refer to third party vendor documentation for instructions on doing this.
 
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255