/docker-pulse-secure

Containerized Pulse Secure Client

Primary LanguageDockerfileMIT LicenseMIT

docker-pulse-secure CI Docker Image Version (latest by date)

Make a Pulse Secure VPN available as SSH jumphost and SOCKS5 proxy.

Note: This is merely a last resort if openconncet and openconnect-sso don't work for you.

Usage

Create a Pulse Secure connections file.

~/.config/pulse-secure/connections.txt:

{"connName": "Example Inc.", "baseUrl": "https://vpn.example.com", "preferredCert": ""}
{"connName": "My Organization", "baseUrl": "https://gateway.example.org", "preferredCert": ""}

Start both containers.

docker run --name pulse-client --detach --device /dev/net/tun --cap-add net_admin --cap-add sys_admin --ip 172.31.255.2 --volume ~/.config/pulse-secure/connections.txt:/data/.pulse_secure/pulse/.pulse_Connections.txt --volume /tmp/.X11-unix:/tmp/.X11-unix --env DISPLAY --env "USER_ID=$(id -u)" --env "GROUP_ID=$(id -g)" dadevel/pulse-secure-client:latest
docker run --name pulse-proxy --detach --network container:pulse-client dadevel/openssh-proxy:latest

Adapt your SSH configuration.

~/.ssh/config:

Host pulse-proxy
  Hostname 172.31.255.2
  User proxy
  DynamicForward 6789
  ForwardAgent yes
  AddKeysToAgent yes

Host gitlab.example.com
  User git
  ProxyJump pulse-proxy

Git LFS can make use of the proxy established by SSH.

git config http.proxy socks5://127.0.0.1:6789
git config https.proxy socks5://127.0.0.1:6789

I recommend Firefox with FoxyProxy to view websites trough the proxy.

If your experiencing connection problems check the logs.

docker logs -f pulse-client
docker logs -f pulse-proxy

Build

Pulse Secure mails you a download link to their Debian/Ubuntu package after you filled out this form with some random data. Once downloaded move the *.deb file to ./pulse-secure-client/pulse.deb.

docker build -t dadevel/pulse-secure-client ./pulse-secure-client/
docker build -t dadevel/openssh-proxy ./openssh-proxy/