[j-nsp] SRX dynamic vpn with Pulse Secure client - MacOS Apple laptop not working
Gert Doering
gert at greenie.muc.de
Wed Aug 14 11:22:33 EDT 2019
Hi,
On Wed, Aug 14, 2019 at 08:52:28AM -0500, Aaron Gould wrote:
> Perhaps I should just look at better remote access vpn solutions.
>
> I've heard Palo Alto are good.
When testing, give some extra attention to double-stack behaviour.
While we're generally quite happy with Fortigate's SSL-VPN thingie,
their "double-stack" sucks big time - basically, it's two single-stack
VPN solutions bolted together. You connect over v4, you can only
reach v4 resources. You connect over v6, you can only reach v6
resources. Their support says "well, it is what is is, but you can
open a feature request" and our AM says "we do not see the business
case"...
So: test this before buying. You'll need v6 and v4/v6 interop one day.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany gert at greenie.muc.de
More information about the juniper-nsp
mailing list