Junos Pulse: Certificate check, restriction, and authentication on mobile devices

Configuring Junos Pulse (Mobile) for certificate restriction (iOS) and certificate authentication (iOS and Android).

SERVER-SIDE CONFIGURATION

Certificate Restriction (Junos Pulse for iOS only)

1.Go to Realm > Authentication policy > Certificate and select the Only allow users with a client-side certificate signed by Trusted Client CAs to sign in button.

Certificate check, restriction, and authentication on mobile devices-1

2.Go to Role > General > Restrictions > Certificate.

3.Select the Only allow users with a client-side certificate signed by Certification Authority to sign in button.

Certificate check, restriction, and authentication on mobile devices-2

Note: Certificate restriction is not supported on Junos Pulse for Android. If certificate is configured, Junos Pulse for Android users receive this message: Missing certificate. Check that your certificate is valid and up-to-date, and try again.

Certificate Authentication

1.Go to Authentication > Auth. Servers.

2.From the New drop down menu, select Certificate Server.

3.Click New Server.

4.For Name, type a unique identifier for the Certificate Server instance.

5.For User Name Template, type the variable that the Junos Pulse Secure Access server will use for the user name. By default, Junos Pulse Secure Access server uses the common name attribute.

Certificate check, restriction, and authentication on mobile devices-3

6.Under Users > User Realms, create a new realm or select a realm to which to associate the certificate server. From the Authentication drop-down, select the name of the certificate server entered in step 4.

Certificate check, restriction, and authentication on mobile devices-4

CLIENT-SIDE CONFIGURATION

1.Select Configuration on the Junos Pulse Mobile App.

Certificate check, restriction, and authentication on mobile devices-5

2.Select the Authentication.

Certificate check, restriction, and authentication on mobile devices-6

3.Select the Certificate Option.

Certificate check, restriction, and authentication on mobile devices-7

About the author

Prasanna

Leave a Comment