Good afternoon all,
This is my first post to this community and I hope this is the place to get help. I'm the information security engineer for my company and I'm trying to find instructions for how to conduct vulnerability scans of host computers connected over VPN and we are using the SA4500 series devices. The current issue is this, my scan engican "see" the computers that are connected, but cannot\do not get an authenticated or credentialed scan.
So my question is how do I get the 4500's to allow these hosts to be scanned? If I had this information\documentation I could pass it on to the admin for these systems so that we can get this fixed. I don't like telling someone to fix something without at least trying to find a remedey for the problem.
Any assistance will be appreciated, thanks in advance!
I think you need to provide some more details in order to get an answer. What type of VPN client is being used? What do you mean by "you can see the device"? Can you ping a users device that is connected by vpn? What protocol is being used between the scan engine and the users PC? etc..
Thank you for your response. When I said that I can see the hosts, I mean that when I go to review the scan results I can see every host that was logged in and scanned. I can see the hostname of the computer and the IP obtained for the LAN segment that it connected to. I can determine the date\time all of this took place, the only problem is that something is preventing my scan engines from authenticating to the hosts on VPN LAN segments.
As for the client information:
Junos Pulse ver 3.1
Junos Pulse 18.104.22.168097
Junos Pulse 802.1X Connection Method 22.214.171.124097
Junos Pulse Connection Manager 126.96.36.199097
Junos Pulse Connection Store Service 188.8.131.52097
Junos Pulse EAP Service 184.108.40.206097
Junos Pulse EES Service 220.127.116.11097
Junos Pulse Integration Service 18.104.22.168097
Junos Pulse Gateway Connection Method 22.214.171.124097
Junos Pulse User Interface 126.96.36.199097
Juniper Network Agent 188.8.131.52839
Juniper Networks TDI Filter Driver 184.108.40.206921
Junos Pulse Core Service 220.127.116.11097
Junos Pulse TNC Client 18.104.22.168097
Junos Pulse Tunnel Manager 22.214.171.124097
Junos Pulse VPN Connection Method 126.96.36.199097
Application Acceleration 188.8.131.5220
Thanks again for you response.