SyferLock Help Center

Pulse Secure and SyferLock GridGuard Integration

Follow standard GridGuard Install, Setup & Initial Configuration


On the SyferLock GridGuard Server (Virtual Appliance) Administration & Configuration Console:

Create new ServiceProvider Definition called "PulseSecure" 

  • Pulse Connect Secure requires an RSA IDP signing certificate. Make sure to use one when selecting the Signing Certificate.
  • On "Reference URLs", make note of the Metadata URL link
  • On SAML Configuration page, export the RSA IDP signing certificate you used above as SigningCert.pem

Navigate to the Pulse Connect Secure admin console.

Under System->Configuration->SAML

  • Click on Settings and verify data, especially Host FQDN.  Use the Fully Qualified Domain Name (FQDN). Do not use the Internet Protocol Address (IP Address).   For example, instead of

Create a new Metadata Provider

  • Enter a Name
  • Location is "Remote"
  • Download URL is the Metadata URL from the GridGuard Server (Virtual Appliance)
  • Select "Accept Untrusted Server Certificate" and "Accept Unsigned Metadata" (GridGuard Metadata is unsigned)
  • Upload the Signing Certificate saved above (SigningCert.pem)
  • Check "Identify Provider" under Roles
  • Save Changes
  • This will return to SAML Configuration page, verify new Metadata Provider is listed
  • Select the Provider check box, and click Refresh - Status should update to "Success"

Under Authentication->Auth. Servers

  • Select ServerType is SAML Server, Click New Server
  • Enter a Name
  • Configuration Mode is Metadata
  • Select Identity Provider Entity Id that matches the GridGuard Signing Certificate name
  • Verify Identity Provider Single Sign On Service URL is set
  • Make sure a certificate has been selected under "Select Device Certificate for Signing"
  • Ensure Metadata Validity is set
  • Save Changes
  • Download Metadata file. You will use this later.

Under Users->User Realms create a new Authentication Realm (or use default)

  • Authentication is set to SAML Authentication Server created above
  • Save Changes

This completes the Pulse Connect Secure side of the integration. 

Next, we will finalize the SyferLock GridGuard side of the integration.

 Navigate back to the SyferLock GridGuard Administration & Configuration Console.

Go to the SAML configuration you created in the first steps. 

  • Import saved Metadata file and verify Entity ID, Certificate, and ACS URL have values.
  • Select the Signing Certificate
  • Select the Realm and Name Identifier
  • Apply Changes

This completes the SyferLock GridGuard configuration. 

Test the new integration by attempting to log-in using SAML authentication to Pulse Connect Secure.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Powered by Zendesk