Configure Pulse Connect Secure
Configure Pulse Connect Secure to use the Okta RADIUS Server Agent in conjunction with the Okta Integration Network (OIN) Pulse Secure (RADIUS) app.
Before you begin
Meet the following network connectivity requirements before you install the Okta RADIUS agent:
Source | Destination | Port/Protocol | Description |
---|---|---|---|
Okta RADIUS Agent | Okta Identity Cloud | TCP/443 HTTP |
Configuration and authentication traffic. |
Client Gateway | Okta RADIUS Agent | UDP/1812 RADIUS (Default, you can change this when you install and configure the RADIUS app) | RADIUS traffic between the gateway (client) and the RADIUS agent (server). |
Limitations
Enroll only a single Okta Verify device. Adding more Okta Verify devices can cause undefined or unexpected behavior.
If you've migrated a RADIUS-configured org from Classic Engine and you configure the Okta Verify authenticator with the number challenge, the challenge may be presented to RADIUS users even though it's not supported. To prevent this, enable the Early Access feature Disable number matching challenge for RADIUS. See Enable self-service features.
Supported factors
See Pulse Connect Secure supported versions and factors for a complete list of supported version, factor and related information.
Typical workflow
Task |
Description |
---|---|
Download the RADIUS agent | In the Admin Console, go to . Download the appropriate Okta RADIUS Agent for your environment. For throughput, availability, and other considerations, see Okta RADIUS Server Agent Deployment Best Practices. |
Install the Okta RADIUS Agent. | Install Okta RADIUS server agent on Windows |
Configure application | Configure the Pulse Secure (RADIUS) application. |
Configure gateway | Use the Pulse Connect Secure Administrator tool to configure the Pulse Connect Secure gateway. |
Configure optional settings | Optional. see Pulse Secure optional settings. |
Test | Test the Pulse Connect Secure integration |