All Topics » Pulse Connect Secure



Terminal Services error when connecting from a Mac to a Windows PC


mparkinson
Contributor (0)
Dec 12, 2016 12:58pm
Hi All,

I get the below error through the Apple Hob RDP client when trying to use Terminal Services from a Mac web browser. Seems to be security authentication issues with SSL etc. I can connect fine with normal MS RDP or HTML 5. Has anyone else come across this issue and know the fix?

Error: HLJWT2001E
Reason: java.lang.Error: security layer negotiation failed (permitted rdp+tls+credssp / supported rdp / tried rdp)

Thanks in advance.



zanyterp
Pulse Secure Contributor (40)
Dec 13, 2016 3:14pm
Which version of JRE are you using?
Are you using the on-board HOB client or the applet from HOB?
    mparkinson
    Contributor (0)
    Dec 14, 2016 1:29am
    We installed the latest java for Mac from the java website.

    I assume it's the applet, what is the onboard HOB?

    Thanks,
    Mats.
    zanyterp
    Pulse Secure Contributor (40)
    Dec 14, 2016 8:21pm
    The on-board HOB applet is the premiere java RDP applet (OEM from HOB).
    Does the system you are connecting against have NLA enabled?
    Does the system you are connecting against expect certificate authentication?
    qvthelp
    Contributor (0)
    Apr 17, 2017 10:02pm
    Has anyone been able to resolve this issue?
hellokitty
Contributor (0)
Jan 6, 2017 9:25pm
We are experiencing the same issue with hoblink aka Premier RDP. This is only an issue when connecting from a Mac to a Windows 10 PC. We have also tried disabling NLA on the Windows 10 PC. We are running the latest JRE. We have also tried disabling every JRE security option! The remote PC is not expecting SSL cert for authentication.

We experience the issue with the latest release of 8.1 and 8.2 on the PSA device.
    kita
    Moderator (16)
    Apr 20, 2017 5:59pm
    We have bee able to identify a potential issue under the following conditions:

    - macOS is the source endpoint
    - HOB Applet is utilized
    - Windows 10 is the target endpoint
    - NLA is enabled

    As a workaround, we have found that disabling NLA on Windows 10 works. We have not been able to replicate any issues where disabling NLA does not work. Once a fix is confirmed, we will update the following thread.
zanyterp
Pulse Secure Contributor (40)
Jan 7, 2017 2:32am
Unfortunately, it looks like you may have found a new item
The only reason we have seen that occur is when anything other than standard authentication is enabled or there is certificate verification enabled on the RDP target (in this case the Win10 machine)
I would recommend opening a case with support
Do RDP connections to other systems succeed?
What is the SSL setting for the PCS gateway?
kita
Moderator (16)
Aug 24, 2017 3:53pm
To close this thread, this issue is resolved in 8.3R2.1 which was released today. The issue is specific to macOS endpoints attempting to using the Premier Java RDP applet when the target endpoint has NLA enabled.

http://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB40464