[j-nsp] Dynamic VPN with Pulse, AD Integration and more

Skeeve Stevens skeeve+junipernsp at eintellegonetworks.com
Mon Mar 24 21:22:52 EDT 2014


Have you tried with the built-in client?


...Skeeve

*Skeeve Stevens - *eintellego Networks Pty Ltd
skeeve at eintellegonetworks.com ; www.eintellegonetworks.com

Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve

facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
linkedin.com/in/skeeve

twitter.com/theispguy ; blog: www.theispguy.com


The Experts Who The Experts Call
Juniper - Cisco - Cloud - Consulting - IPv4 Brokering


On Tue, Mar 25, 2014 at 12:18 PM, Louis Kowolowski <louisk at cryptomonkeys.org
> wrote:

> I have osx connecting to an srx over ipsec using vpntracker. It works
> quite well.
> junos 12.1X46-D10.2
> osx 10.9.x
> vpntracker 7
>
>
> On Mar 24, 2014, at 3:57 PM, Skeeve Stevens <
> skeeve+junipernsp at eintellegonetworks.com> wrote:
>
> Any other way to get OSX/mobile devices, etc to connect to an SRX VPN?
> PPTP? IPSEC?
>
>
> ...Skeeve
>
> *Skeeve Stevens - *eintellego Networks Pty Ltd
> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>
> facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
> linkedin.com/in/skeeve
>
> twitter.com/theispguy ; blog: www.theispguy.com
>
>
> The Experts Who The Experts Call
> Juniper - Cisco - Cloud - Consulting - IPv4 Brokering
>
>
> On Tue, Mar 25, 2014 at 9:54 AM, Andrew Jones <aj at jonesy.com.au> wrote:
>
> I've been told that they have no plans to support OSX on Dynamic VPN. I
> got the impression that Juniper weren't investing in the Dynamic VPN
> product and were pushing people toward MAG etc.
>
> From http://kb.juniper.net/InfoCenter/index?page=content&id=KB17436
>
> The Dynamic VPN feature (Pulse or Juniper Access Manager) is not supported
> on the following Operating Systems:
> * Linux
> * Macintosh Desktop Systems including Pulse 3.0 (for more information,
> refer to KB23960 - [SRX] Junos Pulse 3.0 installed on a Mac OS X system
> fails to connect to a SRX device with the dynamic VPN feature).
> * Windows Server
> * iPad/iPhone
> * Android OS
>
>
> On 25.03.2014 09:46, Skeeve Stevens wrote:
>
> What THE HELL?!
>
> Documentation on this?
>
> Thanks Chris.
>
>
> ...Skeeve
>
> *Skeeve Stevens - *eintellego Networks Pty Ltd
> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>
> facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
> linkedin.com/in/skeeve
>
> twitter.com/theispguy ; blog: www.theispguy.com
>
>
> The Experts Who The Experts Call
> Juniper - Cisco - Cloud - Consulting - IPv4 Brokering
>
>
> On Tue, Mar 25, 2014 at 5:36 AM, Chris Jones <ipv6freely at gmail.com>
> wrote:
>
> I don't know if this matters to you, but Pulse does not work in OSX or
>
> iOS/Android when connecting to a SRX with Dynamic VPN. It only works in
> Windows. Just a caveat if you weren't already aware.
>
>
> On Mon, Mar 24, 2014 at 12:21 AM, Skeeve Stevens <
> skeeve+junipernsp at eintellegonetworks.com> wrote:
>
> Hey all,
>
>
> I am setting up an SRX with Dynamic VPN with Pulse clients..... I know
> some
> don't like it, but it is what we're doing (customer choice).
>
> One thing I am looking for is if anyone has seen any docs on how to
> integrate the Dynamic VPN auth with Active Directory.
>
> Also, does anyone know what flexibility we have with the VPN on a per
> use
> basis... such as different IP ranges, different VRF's, firewall filters,
> etc etc based against those AD groups.
>
> While this is for a specific rollout, it would be nice to know these
> capabilities across the board for other solutions.
>
> Any pointers to any docs would be fantastic.  I've tried googling, but
> came
> up blah.
>
> ...Skeeve
>
> *Skeeve Stevens - *eintellego Networks Pty Ltd
> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>
> facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
> linkedin.com/in/skeeve
>
> twitter.com/theispguy ; blog: www.theispguy.com
>
>
> The Experts Who The Experts Call
> Juniper - Cisco - Cloud - Consulting - IPv4 Brokering
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
>
> --
> Chris Jones
> JNCIE-ENT #272
> CCIE# 25655 (R&S)
>
> _______________________________________________
>
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
> --
> Louis Kowolowski                                louisk at cryptomonkeys.org
> Cryptomonkeys:
> http://www.cryptomonkeys.com/
>
> Making life more interesting for people since 1977
>
>


More information about the juniper-nsp mailing list