twofactor-authentication-for-pulse-connect-secure-ssl-vpn-with-duo
p4byfkz002VPNGoupCom Herkes çevrimiçi güvenlik ve gizlilik konusunda endişe ve kişisel bilgilerini ve tarama alışkanlıkları ortaya istemiyoruz, VPN harika bir çözüm
(upbeat instrumental songs) – [Teacher] Hello, I'mMatt from Duo Protection.
In this particular online video I'm going to tell you about how to guard your PulseConnect Protected SSL VPN with Duo.
You'll want to reference the documentation for this configuration atduo.
com/docs/pulseconnect.
Before beginning the setup method, Make certain that Duo iscompatible together with your Pulse VPN.
Log on for your administrator World wide web interface and validate that yourfirmware is Variation 8.
two.
Also, you'll want to Have a very practical Principal authentication configuration on your SSL VPN consumers, such as LDAP authenticationto active directory.
(upbeat instrumental music) Log in to the Duo admin panel.
(upbeat instrumental songs) Inside the left side bar, simply click apps.
Simply click “Defend anapplication” and sort juniper from the look for bar.
Beneath the entry for Juniper SSL VPN, simply click shield this software.
Your integration critical, secretkey, and API host identify are furnished within the topof the Qualities page.
You will require these later all through setup.
Click on the url to downloadthe Duo Juniper 8.
x offer.
This file is tailored on your account and it has your Duo account IDappended to the file name.
Be aware that Duo's Juniper configuration is appropriate with Pulse Join Protected and you'll change the displayname of this software at the bottom of your Houses web site.
For simple reference, changethe title of this software to Pulse Link Safe VPN.
(upbeat instrumental music) Simply click save adjustments.
(upbeat instrumental songs) Now modify the register page.
Log in in your Pulse Join Safe administrator World wide web interface.
(upbeat instrumental new music) In the very best menu, navigateto authentication, signing in, register webpages.
(upbeat instrumental tunes) Simply click add tailor made internet pages.
(upbeat instrumental music) From the title area, sort Duo.
Set page kind to Obtain.
(upbeat instrumental songs) Close to templates file, click Browse and select the Duo Juniper zip file you downloaded through the admin panel.
Don't choose the “use tailor made website page for Pulse desktop customer logon” or “prompt the secondary qualifications on the second web page” possibilities, if they are current.
Check out the skip validationchecks in the course of upload box.
Simply click upload custom made internet pages.
Chances are you'll ignore any warnings that look.
Up coming insert the Duo LDAP server.
Open a brand new browser window and navigate to duo.
com/docs/pulseconnect.
(upbeat instrumental songs) Scroll all the way down to the “Incorporate theDuo LDAP Server” part of the documentation.
You'll find strings you cancopy from this part to make set up simpler.
(upbeat instrumental audio) In the top menu of youradministrator interface, navigate to authentication, auth servers.
(upbeat instrumental music) Within the auth https://vpngoup.com server typelist, select LDAP server.
Simply click new server.
(upbeat instrumental audio) From the name industry, sort Duo-LDAP.
From the LDAP server industry, enter your API hostname from your software’s Attributes webpage while in the Duo admin panel.
(upbeat instrumental new music) Set the LDAP port to 636.
(upbeat instrumental tunes) While in the LDAP server typedrop down, pick out generic.
Next to link, clickthe radio button for LDAPS.
During the authentication expected area, Examine the “authenticationrequired to look LDAP” box.
(upbeat instrumental new music) Copy the admin DN stringfrom the documentation site and paste it in the admin DN discipline in the Pulse Safe World wide web interface.
(upbeat instrumental tunes) Change the integrationunderscore key variable using your integration crucial.
(upbeat instrumental music) Then duplicate your mystery key and paste it inside the password industry.
Within the finding user entries segment, duplicate the string you utilised inthe admin DN portion previously mentioned and paste it in The bottom DN industry.
(upbeat instrumental music) Then copy the filter fromthe documentation site and paste it inside the filterfield in the world wide web interface.
(upbeat instrumental music) Simply click save.
(upbeat instrumental tunes) Once you click on preserve, youmight get a information indicating the LDAPserver is unreachable.
You can disregard this message.
Now you need to configure a consumer realm to the Duo LDAP server.
To perform this, you cancreate a different realm for testing, develop a realm to graduallymigrate users in The brand new process, or use the default users realm.
For this movie, We now have now designed a Duo people team that we will configure to make use of Duo for secondary authentication.
Inside your VPN interface, navigate to people, user realms, and click on the website link for your person realm you would like to insert secondary authentication to.
Under the additionalauthentication servers segment, decide on the “permit additionalauthentication server” checkbox.
(upbeat instrumental audio) From the authentication range two area, select Duo-LDAP.
Next to person name is, choose the radio button for predefined as and enter if it is not presently existing.
(upbeat instrumental new music) Next to password is, select the button for specified by consumer on sign in page.
(upbeat instrumental songs) Examine the box for “endsession if authentication versus this server fails”.
(upbeat instrumental new music) Click on preserve alterations.
(upbeat instrumental songs) Click on the authentication coverage tab at the very best on the pageand then click on password.
(upbeat instrumental audio) While in the choices for the additional authentication server portion, select “permit all end users”.
Click save changes.
(upbeat instrumental new music) To complete putting together your integration, configure a sign in policyfor secondary authentication.
In this example we will utilize the default asterisk slash URL coverage, however, you can set up a completely new sign in coverage in a customized URL like asteriskslash Duo-testing for tests.
In the highest menu, check out authentication, signing in, register procedures.
(upbeat instrumental new music) Click on the connection for the register policy that you would like to change.
From the check in page checklist, find Duo.
(upbeat instrumental music) From the authentication realm part, pick the radio button for “person picks from a summary of authentication realms”.
Pick the person realmyou configured before and click incorporate.
Ensure this is the only chosen realm for this check in site.
Click on help you save adjustments.
(upbeat instrumental tunes) With every thing configured, it is now time to test your set up.
In your browser, navigate to the URL that you outlined for your sign up coverage.
(upbeat instrumental tunes) When you comprehensive Principal authentication, the Duo Prompt seems.
Employing this prompt, customers can enroll in Duo or entire two-element authentication.
Considering that this user has alreadybeen enrolled in Duo, you could pick deliver me a thrust, contact me, or enter a passcode.
Pick “send out me a force” tosend a Duo drive notification on your smartphone.
On your own mobile phone, open up the notification, tap the inexperienced button toaccept, and you simply're logged in.
You've got properly set upDuo two-element authentication in your case Pulse Connect Safe VPN.
(upbeat instrumental new music).