Part 1 – Configuration on LastPass Dashboard

You can add PulseSecure as a web app.

  • Open the LastPass Admin Dashboard. Select “Applications” from the left side menu and then select “Web App” from the submenu.

LastPass Web Applications

 

  • Click on “+ Add SSO App” button from the upper right corner.

Add SSO application

 

  • A pop-up window will appear. Under the section: “Select your app”, click on “Search…” and type PulseSecure to search the LastPass Catalog. Select PulseSecure from the drop-down menu.

SSO App Catalog

 

  • Under the section: “Identity Provider”, you will find the required information such as “Entity ID”, “SSO End Point”, and “Logout URL”. Also, you can download the LastPass Metadata xml or Certificate file to your computer by clicking on the download arrow button next to “Metadata” or “Certificate”.

SSO Identity Provider

 

Part 2 – Configuration on PulseSecure
  • Open a new tab on your browser and log into your PulseSecure admin account.
  • Click on ”Auth. Servers” on the left- side of the menu.
  • Click on “New Server“ to create a new “SAML server”.

PulseSecure Integration

 

  • If “SA Entity Id” is empty, click on “SAML Setting“.

PulseSecure Integration SAML setting

 

  • Enter your domain in “Host FQQN For SAML” and “Save Changes”.

PulseSecure Integration SAML setting

 

  • Enter a new “Server Name“.
  • Paste the “Entity ID” and “SSO End Point” info that you copied from LastPass admin dashboard into the  “Identity Provider Entity Id “Identity Provider Single Sign-On Service URL”.

Pulse Secure add SAML

 

  • Upload the certificate you downloaded from LastPass by clicking on “Choose File” and save the setting.

Pulse Secure SAML Upload Certificate

 

  • Fill the “Allowed Clock Skew” and “Metadata Validity” section and save changes.

Pulse Secure SAML Integration Validity

 

  • Copy the “SA Entity Id”.

Pulse Secure SAML Entity ID

 

  • Click “Save“. 
  • Go back to the PulseSecure Directory page.  Add “LP SSO” into the “Authentication” field and “save changes“.

Pulse Secure SAML Authentication

 

  • Open the “Role Mapping” tab and make sure that there is at least one defined role.

 

  • Add a role if needed and “Save changes”.

 

Part 3 – Finalizing SSO Configuration
  • Go back to the browser tab where you have the LastPass Admin Dashboard open.
  • Expand the “Service Provider” section and paste the Entity ID” you copied from the PulseSecure website.
  • Paste the following URL into the “ACS URL” text box:
    https://(Your Domain or IP Address)/dana-na/auth/saml-consumer.cgi

SSO app Service Provider

 

The PulseSecure app is now configured! You can assign users to the PulseSecure.