Network Level Authentication (NLA) Support

arnert · ‎06-28-2019

As the result of the lastest exploits. Some hardened and newer windows versions are requiring NLA to login with smartcards (PIV) or tokens for Remote Desktop Access. What is Pulse Secure official position on this? Other vendors are having similar issues with NLA not working for them. F5 - VMWare and others.

KB21244 - NLA (Network Level Authentication) is not supported via Terminal Services (Windows Server ...

Also when will HTML5 TS support smartcard logins? This is a huge issue in the goverment space?

zanyterp · ‎06-28-2019

Can you test with 9.1R1, please? There is a new option in the terminal service bookmark that allows smart cards with NLA.
I would recommend working with your account team to get an enhancement request in for HTML5 support of smart cards. This will allow the product management team to be aware of the customers that require this.

arnert · ‎05-21-2021

Ok - we are on release 9.1 R11.5 - We are using client certificates on a smartcard(s) to login and access IVE bookmarks now currently - This works currently just fine additionally on the backend we are using KCD with Microsoft Application(s) bookmarks (IIS/SPS) . It works -- Question - PulseSecure support natively HTML5 (Guac) RDP access using MS Kerberos? Can the web server proxy this as of 2021? Yes or No - and if not what is the limitation. Can do this with standalone apache and HTLM5 (Guac) ? Please advise.

[email protected] · ‎05-23-2021

@arnert If your ask is whether HTML5 RDP access works using AD authentication, then yes, it'll work. Try adding the <NTDOMAIN> variable or <static domain name value>\<USERNAME> as the template for username.

Pulse Connect Secure Certified Expert

Network Level Authentication (NLA) Support

Network Level Authentication (NLA) Support

Re: Network Level Authentication (NLA) Support

Re: Network Level Authentication (NLA) Support

Re: Network Level Authentication (NLA) Support