Sorry, here's the forgotten Gist: https://gist.github.com/dlenski/33bfa3a8691686d02ddaf7a51843a89a On Tue, Sep 4, 2018 at 2:42 AM, Brandon Liles <brandon.liles at gmail.com> wrote: > Client Version: > > Pulse Secure 5.3.4 (1183) > > I did install the root Fiddler MITM cert and Fiddler automatically > creates certs on the fly for the sites you visit for HTTPS decryption > if you've enabled that feature. > > Right now I get stuck just after the following two requests to the > Pulse endpoint, which look like this: > > 1. Results in a 200 > CONNECT xxxxx:443 HTTP/1.1 > User-Agent: Mozilla/4.0 > Host: xxxxx > > 2. Never completes > GET https://xxxxx/ HTTP/1.1 > Host: xxxxx > Connection: keep-alive > User-Agent: odJPAService > Content-type: EAP > Upgrade: IF-T/TLS 1.0 > Content-length: 0 > This first CONNECT is just the interaction with the proxy itself, I think. Probably this second GET is a fake GET-that-should-really-be-a-CONNECT which the proxy doesn't know how to handle. Though I can't say I recognize it from my MITM'ing of Juniper clients past? Dan
