We have enabled the TOTP to use Google Authenticator. I logged into the Pulse Secure URL once, successfully authenticated to Active Directory (AD), and was then prompted with the QR. I scanned the QR with the Google Authenticator app on my phone, and was presented with the 6-digit code to use on my phone's app.
I then deleted my profile from the Google Authenticator app on my phone. The next time that I tried logging into the Pulse Secure URL, I was able to successfully authenticate using AD, but I am sent to a page asking for my two-factor authentication code, and it is not showing the QR code to scan. Since I deleted my profile on my iPhone, I do not have the codes to enter. So I cannot continue.
We have tried resetting the secondary authentication (TOTP) portion in Secure Pulse, have tried locking and unlocking my account in Secure, and uninstalling and reinstalling the application on my phone. Nothing changes. It is like my account is linked in Secure Pulse to Google Authenticator still. Has anybody else experienced this?
All I can think of is that there is some counter set when you first scan the QR, and I have to wait for that counter to burn down. But if that is the case, how do you handle people who lose their phones, or accidentally delete the Google Authenticator app? Do you just have to wait for the counter to burn down?
Just in case anybody is reading this forum and has a similar problem: we figured out how to solve this by simply resetting the TOTP user under the Pulse Secure secondary authentication settings screen. After resetting the account, the QR code showed back up for affected users.
Have you tried deleting your login account from the Users list? You can find all the user accounts in Authentication -> Auth. Servers -> Google (TOTP server) -> Users. Select the user and delete the entry.