cancel
Showing results for 
Search instead for 
Did you mean: 

6.5x Setup Control - Warning

Highlighted
Contributor

6.5x Setup Control - Warning

Just upgraded to the latest 6.5x version and noticed a new "Feature" Pop-up Setup Control - Warning. Anytime a Juniper executable gets loaded the user gets a popup warning with Always, yes and no. Although its nice to warn users, is there anyway to disable this feature? Aside from preloading the Trusted Server List to users.(KB15208)

http://kb.pulsesecure.net/index?page=content&id=KB15208&actp=search&searchid=1271180033492

7 REPLIES 7
Highlighted
Regular Contributor

Re: 6.5x Setup Control - Warning

No, there is not an option to disable the whitelist security feature, besides loading a file on the client before hand (as you have mentioned). This is a security feature that was added to protect users.

Highlighted
Regular Contributor

Re: 6.5x Setup Control - Warning

everytime the user logs in? i thought that would only pop up when the user initially installs the applications but that happens everytime the software (NC/HC) gets loaded? hell...

Highlighted
Frequent Contributor

Re: 6.5x Setup Control - Warning

If the user clicks 'Always' the server gets added to the user whitelist and they will not receive the pop-up in the future for that server.

Highlighted
Contributor

Re: 6.5x Setup Control - Warning

Yea. The pop-up appears for Each of the Modules too. HostChecker, Juniper Installer, NC, etc... One warning for all should be enough. We usually prefer to minimize the user intervention. Especially with Windows 7, it has enough popup warnings itself.

Highlighted
Super Contributor

Re: 6.5x Setup Control - Warning

You can predeploy the whitelist.txt. We did this and it worked well. Only problem is it needs to go in the users app data folder. We automated this by using a wise script.

The script goes to the registry and pulls the APPData value:

Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData

Then you write the whitelist.txt file to:

%APPDATAVALUE%\Juniper Networks\whitelist.txt

This should eliminate the messages. If you're willing to give me the hostnames of your IVE's I can customize a install for you.

Highlighted
Regular Contributor

Re: 6.5x Setup Control - Warning

You can predeploy a whitelist file to the %ProgramFiles%\Juniper Networks\ folder

Check out the Trusted Server List section in the admin guide.

Highlighted
Contributor

Re: 6.5x Setup Control - Warning

Thank for the suggestions in populating the whitelist for each client. My problem with that is that my users are mostly non-employees, so its's not as easy to deploy mods to their pcs. The other problem is that the user needs to really attempt to connect to the ssl vpn first in order for all the Juniper Directories to get created under the Users profile.

I think all of this effort really defeats the purpose of the SSL VPN process being "clientless" and not having to preload/maintain anything on the client pc.

Thanks,

Tony