Troubleshoot PulseSecure VPN Not Getting the Correct IP when ZIA Tunnel 2.0 On

Modified on Mon, 15 Aug, 2022 at 2:58 PM

For PulseSecure VPN to obtain the correct IP based on GeoLocation when ZIA Tunnel 2.0 is ON. Specific Configuration require


 1) Both App Profile and Forwarding Profile on PAC require to bypass via FQDN


App Profile PAC

/* PulseSecure VPN Bypass*/


    if(shExpMatch(host, "Customer Global Gateway VPN FQDN"));

    return "DIRECT";


Forwarding Profile PAC 


/* PulseSecure VPN Bypass */

    if(shExpMatch(host, "Customer Global Gateway VPN FQDN "));

        return "PROXY ${ZAPP_TUNNEL2_BYPASS}";


2) The User App Profile require to bypass the IP of the VPN Node 

    Must define it in the VPN Bypass and also include the FQDN of the VPN Global Gateway

   Must define it in the Destination Exclusions



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article