Trustbuilder MFA by inWebo
Trustbuilder MFA by inWebo
Breadcrumbs

Pulse Connect Secure - RADIUS integration

Configuring the Connect Secure appliance

Open your Connect Secure administration console,

in the top menu, select Authentication > Auth. Servers

image2017-10-2_14-24-29.png

On the Authentication servers page, at the top of the page select : "RADIUS Server" in the drop down list and click on "New Server..."

image2017-10-2_14-26-31.png

On the New RADIUS Server page:

Fill the form with the following information:

image2017-10-2_15-22-44.png

(For RADIUS "Push" configuration you have to indicate a 60 seconds timeout with no (0) retries.)

Fill the indication for your first inWebo RADIUS authentication server ex:radius1.myinwebo.com

inWebo Radius server addresses :

(See RADIUS integration and redundancy for additional details and configuration)

It's highly recommended to fill the "Backup Server" information.

RADIUSUPDATE.png

Click on "Saves changes"

Creating a new user Realms

In the Users Menu at the top of the window, Select "User Realms" and "New User Realms..."

image2017-10-3_17-49-5.png

In the New Authentication Realm form:

image2017-10-3_17-52-19.png

Indicates the information and the Authentication name of the inWebo server 

Click "Saves changes"

The new Realm appear in the Realms list:

image2017-10-3_17-55-10.png

Creating the Private portal

image2017-10-10_18-20-8.png

Creating a New URL for your private portal

Select "New URL..."

image2017-10-10_18-26-32.png

  • Fill the path of your authentication portal

  • Check "User picks from a list of authentication realms"

  • Select the Realm of your users

image2017-11-2_10-47-56.png

Click on "Save Changes"

Configuring inWebo RADIUS connector

In the inWebo Administration Console.

  • Once connected, go to Secure Sites tab > CONNECTORS section.

  • Select “Add a connector of type…”, and choose “Radius” or “Radius Push” :

  • The popup below will appear. Enter the External URL of your Pulse appliance, along with the RADIUS secret you have defined earlier:

06.png

  • Click “Add/update”

About ‘Push’ RADIUS mode

If you are using the 'push' radius mode (notification sent to the user's smartphone), the global response time must be long enough to allow the user to authenticate with his smartphone. A "Radius Authentication time" of 60 seconds is recommended.

Additional PULSE SECURE Authentication parameters

Enabling Traffic Control

Select Authentication > Auth Servers

  • Select "Enable Auth Traffic Control"

  • Select "Auth Server level"

  • Indicates "External" or the port names that routes the external Auth Requests