¶ VPN Pulse Secure OTP
¶ OTP
One time password (OTP) authentication is one of the forms of the user's identity verification, based on providing a one-time password or code by the user logging into the network. OTP can function as a stand-alone form of verification, as well as in addition to the traditional forms.
The OTP configuration for Pulse Secure allows for an extremely well-secured connection to the network via VPN. The first stage of verification is checking the user's credentials in the local NACVIEW database or in an external database, e.g. Active Directory. After passing this stage, the next one takes place, consisting in sending the user a message with a verification code. To connect to the network, the user enters the received code into the Pulse Connect Secure application.
¶ How to configure OTP support for Pulse Secure?
1. In the Pulse Secure system open Authentication > Auth. Servers. From the drop-down menu select Radius Server and then click New Server…
2. In the form that appears enter NACVIEW as the name. Also complete these fields: Radius Server, Authentication Port, Shared Secret, providing data for the NACVIEW system.
3. Aply the checkbox: Users authenticate using tokens or one-passwords. Save the completed form by clicking Save Changes.
4. In the same window, under the Custom Radius Rules, click New Radius Rule…
5. In the form that appears, enter OTP as the name. In the section If received Radius Response Packet… there is a table of Attribute criteria. Fill in the Value field with: * and then click Add.
6. Next, in the Then take action… section, select Show Generic Login page.
7. Confirm that with Save Changes.
8. Go to: Users > User Realms and click on the unit for which you want to add additional authentication.
9. In the form that appears, from the Authentication drop-down list, select the previously created server named NACVIEW. And now click again: Save Changes.
10. o to the NACVIEW system. Open the menu and select Network Devices.
11. Click: Add New Item.
12. Complete the fields: IP address, Radius communication key (after clicking the Change/set password button), OTP options (drop-down list at the end of the form), entering the required data for the Pulse Secure system.
13. Save the set values.
For the OTP service to work properly, you should also configure the SMS Gateway in NACVIEW. To do this, use the SMS Gateway tutorial in the Instructions section of our website.
More detailed information about the sections and elements of the NACVIEW system can be found in the Administration Guide document.