Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
since ‎12-09-2021
‎01-06-2022
cwoelkers
Occasional Visitor

Linux, OpenConnect, and Host Checker

by in Pulse Connect Secure
‎12-09-2021 01:19:PM
‎12-09-2021 01:19:PM
Our Linux users have been using OpenConnect to connect to Pulse with PKCS#11 smart card authentication. As the official Linux client does not support smart cards this has been our workaround for a while now to allow smart card authentication. Recently it was been decided that host checker is needed for machine verification before a realm can be selected. Hence all realms that are in use have had the necessary host checker policies added. Note that host checker is not being used in the roles, just the realms. The addition of host checker broke OpenConnect and a "temporary" LDAP based username and password authentication was set up for our Linux users with the official client. Of course now word has come down that smart card authentication is more important than host checker, though it would be nice to have both. So in an attempt to make both work for most users I created a new realm just for our Linux users with no host checker policies selected at all. Unfortunately testing with this new realm in OpenConnect still gives the error "Pulse server requested Host Checker; not yet supported". Anyone know a way around this issue? Possibly by forcing that one realm to not even consider Host Checker?  ... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.