Reset Search
 

 

Article

KB40257 - Configuring Pulse Connect Secure and Pulse Workspace through the Pulse One Console

« Go Back

Information

 
Last Modified Date9/27/2016 4:55 PM
Synopsis
This article describes step by step instructions how to configure Pulse Connect Secure (PCS) and Pulse Workspace through the Pulse One Console.
Problem or Goal
Cause
Solution

Prerequisites

Before performing any configuration on the PCS device, the Pulse One administrator will need to obtain the VPN Certificate from the Pulse One Console.

 

Step 1:  Trusted Client CAs Configuration

  1. Login to the PCS admin console.
  2. From the left pane, navigate to Configuration > Certificates > Trusted Client CAs > Import CA Certificate.
  3. Click Choose File and select the VPN certificate downloaded from the Pulse One Console.
  4. Click Import Certificate.
Optional: Recommendation is to enable Use OCSP.  This will ensure all Workspace client certificates are valid and not revoked.


Step 2:  Configure Certificate Authentication

  1. From the left pane, navigate to Authentication > Auth. Servers.
  2. From the New drop-down menu, select Certificate Server, then click New Server.
  3. In the name field, enter a friendly name for the Certificate Auth Server.
  4. Click Save Changes.


Step 3:  Create a New User Role

  1. From the left pane, navigate Users > User Roles > New User Roles.
  2. In the Name field, enter a friendly name for the Workspace role.
  3. Under Access Features, select the checkbox for Secure Application Manager and the radio button for Windows version.
  4. Click Save Changes.


Step 4:  Create Secure Application Manager policy

Since Workspace will utilize Secure Application Manager (SAM) through the PCS device, the administrator will need to configure a SAM Access Policy.
  1. From the left pane, navigate to Users > Resource Policies > SAM > Access Control.
  2. Click New Policy.
  3. For the Name field, enter a friendly name for the policy (i.e. Workspace Policy).
  4. For the Resources field, enter the list of resources that workspace will need access to.
  5. Under Roles, select Policy applies to SELECTED roles.
  6. From the Available roles list, select the role created for Workspace and click Add.
  7. Click Save Changes.
 

Step 5:  Configure a New User Realm and Role Mapping Rules

  1. From the left pane, navigate to Users > User Realms > New User Realms.
  2. For the Name field, enter a friendly name for the Realm (i.e. Workspace Realm)
  3. From the Authentication drop-down, select the certificate authentication server created in Step 2.
  4. Click Save Changes.
  5. From the Role Mapping tab, click New Rule.
  6. Leave Rule based on: as Username.
  7. For the Name field, enter a friendly name for the rule.
  8. Under Rule:If username is, enter " * ".
  9. From the Available Roles list, select the role created for Workspace, then click Add.
  10. Click Save Changes.
 

Step 6:  Create a Sign-In Policy

  1. From the left pane, navigate to Authentication > Signing In > Sign-In Policies.
  2. Click New URL.
  3. For User type, select the radio button for Users.
  4. For the Sign-in URL, enter URL that Workspace users will use to authentication to the PCS device.
  5. Under Authentication Realm, select User picks from a list of Authentication realms.
  6. From the Available Realms, select realm created for Workspace from Step 5.
  7. Click Add.
  8. Click Save Changes.

Configure VPN Policy for Pulse Workspace

  1. Login to Pulse One admin console.
  2. From the top menu, select Policies.
  3. From the left pane, select the Global policy or click Add to create a new Policy
  4. From the main window, click Properties tab.
  5. Under VPN, locate Vpn Host, Vpn Realm and Vpn Role.
    • For Vpn host, enter the Sign-In URL configured in Step 5.
    • For Vpn Realm, enter the Realm Name configured in Step 6.
    • For Vpn Role, enter the Role Name configured in Step 6.
  6. Click Save.

For more information about other VPN policies, refer to the Policy Properties in the Pulse One admin guide.


Additional configuration for Pulse WorkSpace:


The recommended application for initial configuration is corporate email.  For step-by-step instructions, please refer to the LDAP Auto Provisioning in the Pulse One Configuration guide.
Related Links
Attachment 1 
Created ByK. Kitajima

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255