Pulse Connect Secure 2 site Cluster, 2nd device can't use DUO to login

Aug 29, 2017 5:38pm

I have two Pulse Connect Secure devices.

These are clustered together and share the same configuration at two different geographic locations.

I have integrated MFA with DUO -

The first device comes up fine, when I test the API connection I get:

info: For server at port XXX
LDAP server is reachable.

The 2nd device didn't do so well, even though the walkthrough says to ignore errors:

error: For server at port XXX
LDAP Server is unreachable. Check the server address, port, and connection type.

Here are the logs from the 2nd device:

Info AUT24327 2017-08-29 12:26:29 -XX-XX-PULSE - [172.17.X.X]XXXX/XXXX/XXXX[] - Secondary authentication failed for XXXXX/DUO-LDAP from 172.17.X.X

Minor AUT23391 2017-08-29 12:26:29 - XX-XX-PULSE - [172.17.X.X] XXXX/XXXX/XXXX[] - Could not connect to LDAP server 'DUO-LDAP': Failed binding to admin DN: [81] Can't contact LDAP server:

Info AUT23278 2017-08-29 12:26:29 - XX-XX-PULSE - [172.17.X.X] XXXX/XXXX/XXXX[] - Password realm restrictions successfully passed for XXXX/XXXX/XXXX

Info AUT24326 2017-08-29 12:26:29 - XX-XX-PULSE - [172.17.X.X] XXXX/XXXX/XXXX[] - Primary authentication successful for XXXX/XXXX/XXXX from 172.17.X.X

The first device FW shows constant SSL traffic while the 2nd one isn't talking to DUO.

Is this a pulse limitation, a duo limitation, or something else?

Aug 29, 2017 5:46pm
It was the firewall..... Fixed