Remote-protected-resource 0.0.0.0/0″ does not work

When allow all IP as remote protected resource is configured, “remote-protected-resource 0.0.0.0/0”, then the Dynamic VPN does not work. Any traffic to the remote-protected-resource is not encrypted.

Client Software (Access Manager/Junos Pulse) injects and changes route information on a routing table of the client OS, along with Dynamic VPN configuration when the VPN is established.
The following output is the routing table when the VPN is established.

If 0.0.0.0/0 is configured as a remote-protected resource, the client software tries to inject the route “0.0.0.0/0” with the address of the virtual adapter as the gateway.
However, client software installs 0.0.0.0/32, and all traffic matches the original default gateway and not pointing to the virtual adapter. Then all traffic is not encrypted and dropped.

Both the Access Manager client and Junos Pulse client have this problem:
Access Manager: All releases
Junos Pulse: Any release before 1.0R2

The problem is fixed on Junos Pulse 1.0R2.
If you run into this issue on Junos Pulse, upgrade to 1.0R2 or later.
In case of Access Manager, migrate to Junos Pulse 1.0R2 or later.

About the author

James Palmer

Leave a Comment