I work in an environment where I am a delegated Admin on a Juniper SA Device. I am not sure which model, but the System Software Package Version is 7.1R9 (build 20893).
I know the SA device is at EOL and can not be upgraded to any version later than 7.1R9 (build 20893).
As I am only a delegated admin, I do not have many rights to the system itself, just to my partition.
Here is the problem:
A couple of days ago the Admin of the SA installed the latest version of the ESAP (2.7.6). This resulted in all the workstations downloading an updated UnifiedSDK.zip file (normal behavior, been done a hundred times in the past) and all our machines promptly broke.
Looking at the connection logs, we could see the session get intiated and the primary and secondary passwords being accepted. At this point we usually see the results of the host checker being parsed and then roles being applied based on the results of the parsing. After the upgrade the log files never got parsed by the SA device. It's as if the Client machine never delivered the Host Checker results to the SA device.
On the client side what would happen is that the Host Checker would launch, the hard drive lights would start flickering, indicationg that the host checker was working, then after a minute or so the machine would go quiet, indicating that the Host Checker had completed. All this is normal behavior. But instead of connectig to the SA device, the host checker would relaunch and the process would start again. This happened about 4 or 5 times and then we got returned to the login page with an "Invalid username or password" message (even though the SA connection logs showed that the passwords were already confirmed).
This happend on everyone of our corporate machines and a large number of privately owned machines which our employees use to access our network remotely.
On our corporate machines we user McAfee Enterprise 8.8 AV, but our employees can be using many different AV products on their personal machines.
Once we rolled back to the previous version of the UnifiedSDK.zip file, everthing returned to normal. The culprit was definitely the update zip file or its components.
I can find nothing in the client side logs indicating what might have happened.
The logs I have been checking are the debuglog.log files on the client machines. I have turned the logging to maximum and am capturing tons of info, but I am still not seeing anything that looks like it is an error (not that I would necessarily be able to spot the errors anyway).
Has anyone ever see similar behavior?
Any idea of other logs I could check or Windows events I should be looking for?
All I know now is I am stumped and I have been looking through logs for days now as I'd like to be able to keep up to date on the ESAP packages, and I need to figure this out beofre we can move to the latest ESAp packages.
Hi, same issue here... Juniper MAG with 8.0r7 and ESAP 2.7.6...randomic "logout" after Hostchecker (authentication is OK); case opened three weeks ago and no answer yet. Nothing in the logs.... we'll try to reverse to previous ESAP, better to have some complain about AV not supported than continuous re-authentication.