cancel
Showing results for 
Search instead for 
Did you mean: 

Disable host checker for web sign in

CharlesP
Occasional Contributor

Disable host checker for web sign in

Hello,

In our setup, we use the same URL for both our Pulse Secure client VPN connections as we do for users who log into the web sign-in page to access their various bookmarks. Since we have the host checker assigned to the roles assigned to this realm, the host checker runs whether the user is using the VPN client or the web sign-in. Is there a way to change this, without creating two separate sign in pages, so that host checker only runs when the user VPNs in, but not when they log into the web page?

1 REPLY 1
r@yElr3y
Moderator

Re: Disable host checker for web sign in

@CharlesP

 

You need to have two user realms applied to the sign-in page

 

One realm should be having browser based restrictions set (realm >> authentication policy >> browser) to ALLOW Pulse Secure Client connections (I think the agent string would be Pulse-Secure* or Pulse Secure* with asterik at the end), hence rest of the agent access are denied implicitly.

 

Other realm would be DENYing the pulse client string + allowing all other agents i.e. allow * (wildcard) for the browsers to access - make sure the deny statements stay at the top and allow * at the bottom.

 

Apply all the host checker rules to the realm which allows Pulse Client and don't apply them in the realm that denies (that is your web access realm). You need to map the required roles to both realms and the behavior should be seamless.

 

Hope this helps.

PCS Expert
Pulse Connect Secure Certified Expert