Secure Remote Access: Connect with the Pulse Secure Client
The Secure Remote Access service provides students, faculty, and staff with the ability to connect to restricted University resources while off campus or using Wireless PittNet. The service encrypts traffic between a user's computer and the University's network.
These instructions explain how to use the Pulse Secure Client with the Secure Remote Access service. When you are off campus, Pulse Secure is the recommended method for establishing a remote desktop connection to your office computer or for accessing departmental databases and servers that reside behind network firewalls.
In order to use Pulse Secure to access these resources, your Responsibility Center Account Administrator must have already created a Secure Remote Access role for you. A Secure Remote Access role (sometimes referred to as a "Network Connect" role) is a special set of permissions that grant you access to specific network resources. You will need to select your Secure Remote Access role when using Pulse Secure.
If you use the University’s Secure Remote Access service, either through the recommended Pulse client or via the IPSec client, you will need to use multifactor authentication for your secure remote connections. This requirement affects all students, faculty, and staff who use the Secure Remote Access service.
Downloading the Pulse Secure Client
If you are a staff or faculty member with a machine built by a dedicated IT staff member, you may want to check your system to see if the Pulse client isn't already installed. For Windows PC users, look in the system tray in the lower right corner of the desktop display for the Pulse Secure client logo.
Macintosh users should look for the Pulse icon in the upper right corner of the desktop environment (the Finder).
The Pulse Secure client used to be marketed as "Junos Pulse" and featured a different logo. If your system has an older version of Pulse installed that uses this logo, you should be able to set up a remote connection. But you should eventually look to replace this older client with a current version of the Pulse Secure client
Downloading the Pulse Client for Windows or Macintosh PC Users
Affiliates of the University of Pittsburgh (registered students, faculty or staff) can download a copy of the Pulse Secure client from the Software Download Service. Log onto the My Pitt Portal and enter "software" into the Ask Cathy search field. Click on the link for the Software Download Service.
The Pulse Secure client software for Windows and Macintosh PCs is listed under the vendor Pulse Secure as "Pulse VPN Desktop Client."
Holders of sponsored accounts set up for third-party (non-affiliate) access will not be able to download the Pulse client from the Software Download Service as the account credentials will not enable access to the service. Sponsored account holders that do not have a primary University Computing Account should download a copy of the Pulse Secure client via the Sponsored Account Pulse Client Installers web page.
Downloading the Pulse Client for Mobile or Tablet Systems
The Pulse Secure client is available for download on the Apple App Store (iOS), the Google Play store (Android) and the Microsoft app store (Windows Phone).
Install the Pulse Secure Client and Set Up a Profile
The instructions below explain how to install Pulse Secure on a laptop or desktop computer running Windows or Mac OS X. For instructions on using Pulse with your mobile device, please refer to our mobile instructions.
- Open Pulse Secure. For Windows systems, the application should be listed in the Start menu under Pulse Secure.
- Click the plus-sign icon to create a profile. Note: On older versions of Junos Pulse, the plus sign is located in the lower left-hand corner of the Connections window.
- In the Server URL field, enter sremote.pitt.edu. Leave the Type field at its default setting.
- In the Name field, enter a name for your Profile (for example, Pitt VPN Connection). Click Add to save the profile.
Establish a Secure Remote Session
Note: You must already have registered a device for multifactor authentication before you can complete the steps below.
In the secondary password field, type either PUSH, a passcode you will generate, PHONE, or SMS. Here is how each option works:
- Click the Connect button next to your profile.
Note: In steps 2 through 4, you can save your settings with the “Save settings” checkbox. Saving your settings (which includes saving your password in step 3) will save you time when connecting in the future, but it also presents a security risk if someone other than you also has access to the computer.
- Select the Secure Remote Access role you would like to use. Click Connect.
- A new pre-sign in notification will display similar to the one shown below. This page explains your options for using multifactor authentication. Click Proceed.
- Enter your username and password as you normally would and click Connect.
- A new screen will display with a Secondary Password field for multifactor authentication.
- A. Type Push and click Connect. Accept the Push notification on your smartphone or tablet. Note that you must have the Duo Mobile app installed on your smartphone or tablet (if you haven't already installed the app, you can download it from your device's app store). B. Generate a passcode by tapping the key icon within the Duo Mobile app on your smartphone or tablet or by using your hardware token. Enter the passcode into the Secondary Password field and click Connect.
C. Type phone in the Secondary Password field and click Connect. This will call the default phone number you registered for multifactor authentication. Answer the call and press 1. D. Type sms in the Secondary Password field and click Connect. Your authentication attempt will fail, but you will receive a passcode on your registered device. Enter that passcode into the Secondary Password field on the Pulse screen with the "Credentials were invalid" message and click Connect again.
Note: You can also add a number to the end of these factor names if you have more than one device registered. For example, PUSH2 will send a login request to your second phone, PHONE3 will call your third phone, and so forth.
- Your connection will be established. The Pulse Secure tray icon will display with a green arrow pointing up when you have made a successful connection.
- When you are finished, click Disconnect next to your profile in the Pulse Secure client. You can also click the Pulse icon in the system tray, select your profile, and click Disconnect.
- Tip: You can quickly open future Pulse Secure connections by clicking the Pulse icon in your system tray, selecting your Profile, and clicking Connect.
Advanced Tips: Creating Separate Pulse Profiles for Multiple Secure Remote Access Roles
Some individuals may use multiple roles with the Secure Remote Access service. For example, you may have one role that you use to connect to your office computer from home, and a second role that you use to connect to a departmental database from home.
You can create individual Pulse Secure profiles for each of your roles. You may find this to be a faster and easier method of connecting. To create a profile for a specific role, complete the steps:
- Click the plus-sign icon to create a profile.
- In the Server URL field, enter sremote.pitt.edu. Leave the Type field at its default setting. In the Name field, select a name similar to the Secure Remote Access role you will be using. Click Add.
- Click the Connect button next to your profile.
- Select Network Connect and select the Save Settings box. Click Connect.
- Enter your username and password. Do not select Save settings if you are using a computer that others share. Click Connect.
- Select the Secure Remote Access role you would like to use and select the Save Settings box. Click Connect.
- You will be connected. The next time you open Pulse, you can quickly connect directly to this role.