Just got SSG 20 and the firewall is working fine. I have DMZ and Intranet configured.
Question: I want to allow some of my employees to access Intranet via web based VPN. Can I do this with SSG-20?
One of our clients is using it and I know they are using Juniper since banner screen has Juniper logo all over.
Basically the way it would work is:
(1) I go to a publicly accessible IP
(2) I log in with a predefined account via SSL
(3) Once I log in, I get a "network connect" icon in my system tray, and get assigned an IP. The IP is attached to a local "Juniper Connect Virtual Network Adapter".
(4) I can them access the client's intranet using remote desktop, ssh etc.
I don't have to install any VPN client, but I am sure the initial setup loads some Active X or Java Plugin to my browser.
Any help is much appreciated.
You can do everything you wish if you have a Juniper SSL-VPN box. These are the SA700, SA2500, 4500, 6500. SSG20 is a great firewall - IP Sec VPN solution but does not provide the Network Connect functionality you desire / describe. Wrong box.
The products muttbarker was referring to are different appliances:
If you just need plain connectivity you could use client-to-site VPN with the netscreen. In theory i think the cisco client shoudl work. It is also safenet based i believe... But i wouldn't put my money on it and just buy a license for the netscreen remote vpn client if you want to go for a tarditional IPSec VPN client.
I think you should make the decission based on the applications you want to provide and to whom you like to provide it (employees, external parties etc). The SSL-VPN (SA Series) give you more options and flexibility in my opinion.
Hey Dennis - thanks for clarifying my post - In my Juniper centric world, everything revolves around my SA boxes
PS - totally agree - the SSL-VPN gives you far more options and flexibility!