Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAML and Junos Pulse for Desktop on Mac

madansudhindra_
Occasional Contributor
‎07-25-2014 02:20:PM
‎07-25-2014 02:20:PM

SAML and Junos Pulse for Desktop on Mac

Hello,

 

Starting with the IVE OS 8.0, the Junos Pulse for Desktop now supports SAML based authentication

http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB23406

 

Has anyone had any luck getting this to work on a Mac ? It works like a charm on all our Windows platform devices (Win 7 and Win 8.x), but i have had no luck getting this to work successfully on a Mac (OS X Mavericks and Yosemite). 

 

The Way Juniper implemented the SAMl sign-in feature is to lauch a new browser window (IE on Windows and Safari on Mac), to get an authentication token from the SAML Identity Provider, and then transfer control back to the Junos Pulse client. 

 

The problem we are having is, on Mac OS machines, once a authentication token is received, the browser window never transfers control back to the Junos Pulse Desktop application. 

 

Just wondering if there is anyone out there who has gotten this to work successfully. 

 

Thanks in advance. 

 

Madan Sudhindra

0 Kudos
6 REPLIES 6
Kita_
Valued Contributor
‎07-25-2014 02:23:PM
‎07-25-2014 02:23:PM

Re: SAML and Junos Pulse for Desktop on Mac

I've seen a similiar issue when authentication is past back to Pulse, but it is unable to find a matching pulse connection.  Can you review the Pulse logs to see if you have any message stating 'no matching connection'?

 

Also, what version of Pulse are you using?

0 Kudos
madansudhindra_
Occasional Contributor
‎07-25-2014 02:29:PM
‎07-25-2014 02:29:PM

Re: SAML and Junos Pulse for Desktop on Mac

We are using IVE OS 8.0R5 with Pulse 5.0.5

 

I'll look into the Pulse logs for info on matching connections. How did you fix the "No Matching Connection" issue ?

 

*** Update *** I have not found any occurances of no matching connection in the log. 

I am attaching the Junos Pulse client debug log file for reference

0 Kudos
zanyterp_
Respected Contributor
‎07-27-2014 08:36:AM
‎07-27-2014 08:36:AM

Re: SAML and Junos Pulse for Desktop on Mac

It looks like at least one connection is using Host Checker; if it's the SAML one, does it work once removed?
0 Kudos
madansudhindra_
Occasional Contributor
‎07-28-2014 10:02:AM
‎07-28-2014 10:02:AM

Re: SAML and Junos Pulse for Desktop on Mac

I havent configured any Host Checker policies. 

 

All our policies are disabled. Here is a screenshot

 

 

0 Kudos
Kita_
Valued Contributor
‎07-29-2014 02:38:PM
‎07-29-2014 02:38:PM

Re: SAML and Junos Pulse for Desktop on Mac

According to the logs, it looks like Pulse disconnect but make no attempt to reconnect as it should.  Can you please clarify if you try launching Pulse via the browser does or does not work?  If you haven't already done so, I would open a case and provide the LogAndDiagnostic.zip from the Pulse client for further review.

0 Kudos
madansudhindra_
Occasional Contributor
‎07-31-2014 01:48:PM
‎07-31-2014 01:48:PM

Re: SAML and Junos Pulse for Desktop on Mac

I have already opened up a case on this topic. 

 

It seems like a general issue with Pulse on Mac OS. 

Even if we switch to just plain username / password authentication, the Pulse client does not seem to want to transfer the session back from a browser instance. 

 

For example, on switching just just plain AD authentication, if a user logs into the web page, and then hits Start for Junos Pulse, the Pulse client launches, but then does not create a Pulse session. The user is forced to click the Connect button, against the corresponding Pulse entry to get the session to start. 

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.