Duo Two-Factor Authentication with LDAPS for Pulse Connect Secure Access SSL VPN (Deprecated)

The end-of-life date for Pulse Connect Secure SSL VPN is February 20, 2025. Users logging into these applications will no longer be able to authenticate as of this date.

Direct LDAP connectivity to Duo for Pulse Connect Secure SSL VPN reached the end of support on March 30, 2024. Customers may not create new Juniper SSL VPN (used with Pulse VPN) applications after September 2023.

We recommend you deploy Duo Single Sign-On for Ivanti Connect Secure to protect Pulse Connect Secure SSL VPN with Duo Single Sign-On, our cloud-hosted identity provider featuring Duo Central and the Duo Universal Prompt.

Another alternative to direct LDAPS connections is adding Duo authentication to Pulse Connect Secure SSL VPN using RADIUS and the Duo Authentication Proxy, for example, RADIUS with Automatic Push for Pulse Connect Secure SSL VPN. See the "Related" links to the left to explore more RADIUS configurations.

Please visit the article Guide to end of support for the Duo LDAP cloud service (LDAPS) used to provide 2FA for Cisco ASA, Juniper Networks Secure Access, and Pulse Secure Connect Secure SSL VPN for further details, and review the Duo End of Sale, Last Date of Support, and End of Life Policy.

The instructions for this solution were removed on November 21, 2024. Customers who had this configuration deployed before then and need to refer to the original instructions may contact Duo Support.