As a user I would like to install it with just an apt install pulseclient but no …
Making Pulse Client working under Ubuntu 20.04 was a nice challenge, but I am a little surprised that a company like Pulse Secure don’t have a better support for Ubuntu.
The package Ubuntu/Debian 64 Bit Installer from their mail was not working. After some searchs I have found the nice gist from eugenetriguba (copy/paste below). After that I still had some other problems (specific to my connection but due to a crappy client), details with solution below.
Install instruction (from someone else please check the source)
Source : eugenetriguba/Install Pulse Secure on Ubuntu 20.04.md
To install Pulse Secure for Ubuntu 20.04, it is a bit complicated since the support isn’t great.
TO GET THE LATEST PACKAGE I HAVE SUBSCRIBED AND GET THE URL FROM THE MAIL AND IT WAS DIFFERENT FROM THE ONE IN THE GIST FROM EUGENETRIGUBA
First, we’ll want to download the deb file at http://go.pulsesecure.net/x0S000043Re0NqN0pfpZlEJ and
then install it using dpkg from your downloads folder.
cd ~/Downloads
sudo dpkg -i ps-pulse-linux-9.1r5.0-b151-ubuntu-debian-64-bit-installer.deb
Now, we’ll want to go into the pulse directory and install the dependencies. We update the shell script file first to recognize Ubuntu 20.
cd /usr/local/pulse/
sudo sed -i "s/UBUNTU_VER\ \=\ 18\ \]/& \|\|\ [\ \$UBUNTU_VER\ \=\ 20 \]/" PulseClient_x86_64.sh
./PulseClient_x86_64.sh install_dependency_packages
sudo apt install libenchant1c2a
Next, we’ll want to create an extras and debs folder inside the pulse folder.
mkdir /usr/local/pulse/extra
mkdir /usr/local/pulse/debs
Then we’ll want to download the following debs into /usr/local/pulse/debs/.
cd /usr/local/pulse/debs
sudo wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu60_60.2-3ubuntu3_amd64.deb
sudo wget http://archive.ubuntu.com/ubuntu/pool/universe/w/webkitgtk/libjavascriptcoregtk-1.0-0_2.4.11-3ubuntu3_amd64.deb
sudo wget http://archive.ubuntu.com/ubuntu/pool/universe/w/webkitgtk/libwebkitgtk-1.0-0_2.4.11-3ubuntu3_amd64.deb
Next we will extract the debs into the extras folder.
cd /usr/local/pulse/extra
sudo dpkg -x /usr/local/pulse/debs/libicu60_60.2-3ubuntu3_amd64.deb .
sudo dpkg -x /usr/local/pulse/debs/libjavascriptcoregtk-1.0-0_2.4.11-3ubuntu3_amd64.deb .
sudo dpkg -x /usr/local/pulse/debs/libwebkitgtk-1.0-0_2.4.11-3ubuntu3_amd64.deb .
Then we’ll want to add the library path to our shell startup file and for convience, we can alias the pulse secure command in your shell startup file. Likely .bashrc if you’re using bash or .zshrc if zsh.
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pulse/extra/usr/lib/x86_64-linux-gnu/
alias vpn=/usr/local/pulse/pulseUi
Lastly, we want to make sure to source that same shell startup file e.g. source ~/.bashrc
so the changes are loaded. We can then startup the client.
vpn
Resources
- https://askubuntu.com/questions/1135065/cant-run-pulse-secure-on-ubuntu-19-04-because-libwebkitgtk-1-0-so-0-is-missing
- https://community.pulsesecure.net/t5/Pulse-Desktop-Clients/pulseUi-doesn-t-work-in-ubuntu-20-04/td-p/42721
Error when login with a “Security policies not met”
The error came from a compliance test, this is a config specic to my employee.
To debug you can set the log level to detailed in the Pulse UI (File / Logs / Log Level). The log file can be found in your home directory at :
~/.pulse_secure/pulse/pulsesvc.log
20201007062734.700245 pulsesvc[p11363.t11363] pulsesvc.info HC policy evaluation response String:
policy:vc0|977|policy_4|3|XXXXXXX
status:NOTOK
error:Required process not found
policy:vc0|977|policy_4|3|XXXXXXX-1
status:NOTOK
error:Required process not found
At least now you know which policies are the culprits.
I tried to launch a process with the same name of the policy and it worked ^_^ but it was not clean, so I contacted the administrator and they made a fix directly in the policies.
Error (or not) with the Host Checker
After the custom login page I landed on a page with a nice logo and this message :
Loading Components...
Please wait. This may take several minutes.
• Host Checker
If an error prevents a component from loading properly, you can **click here** to continue. Not all functionality may be available.
I don’t know what it does, but you can wait … and wait … and wait … and die :) or just click on the link click here to close the window. I think that the GtkWidget used by the PulseUI don’t play well with this custom page.
After the notification windows with a welcome message, I am now connected and the compliance is “Meets security policies.” \o/
Error with the DNS
When trying to connect on an another computer with RDP and Remmina I get the error Could not find the address for the RDP server "XYZ".
With the Pulse Client under Windows, the hostname is enough but not here, to work I had to use a full dns name (or the ip).