Reply to myself

re-visited the section:

Configuring Apple iOS Device Access on SA Series Gateways

Once netconnect profile setup to allow my Juniper IPHONE role the JunosPulse application connected fine including VPN ICON and allowing use of Safari and other apps.

I tried the custom page today but it loads with errors and now appears to be out of date. Do you have an update. This was on 2/2/2011.

Thanks

---

@bullyrag wrote:

I tried the custom page today but it loads with errors and now appears to be out of date. Do you have an update. This was on 2/2/2011.

Thanks

---

Not sure. I know when I uploaded the iOS custom page it said it was outdated, but it still works with the iPad and iPhone.

However I am now getting reports that my users are getting lots of timeout errors and can't connect at remote locations. When they are here at HQ on the wifi (separated conference room network) it works fine, but that's still physically in the same location as the SA. It's becoming annoying with the calls, especially since they are testers. But you know how VP's are...

Having same issue as DeaconZ - anybody have more info on creating working Intranet links thru the Junos Pulse? AND know how to have the SA delete the session properly when the user disconnects the VPN, which BTW, we have to do thru the iPads Settings as it is not an option within the Pulse connection once you leave the Pulse app and come back we just have a Connect button instead of Disconnect.

@District: Which version of Pulse are you using? I just tested and it worked successfully for me (I logged in, closed the app, launched it again, and saw the disconnect button).

What you are seeing when disconnecting from settings.app is correct: you are NOT logging out of anything, you are only terminating the VPN connection. This is the same as exiting Network Connect on the desktop and not clicking on "sign out" as the session details are still present on the IVE because you *only* closed the VPN connection and nothing else.

What type of links are you not seeing working? The links on the bookmark page should show up in the "intranet" button on the Pulse app once you are logged in. Is this part not working OR is it a display failure that you are seeing?

Forgive me for bringing up an old thread but I think my question is best asked here. I have an Sa2500 running the JTAC recommended v7.0R6 and I am trying to use the junos pulse client to provide extranet functionality to iphone devices (all running 4.3.2/4.3.3). I have followed the admin guide mentioned in previous threads and am now at the situation where the iPhone will connect without issue with the custom webpages also referenced in the guide, but I cannot get traffic to flow over the link.

I have tried split tunneling on and off and cannot make it work. From the SA I can ping the DHCP IP that the unit gets and I can see from the status page of the junos pulse app on the iphone that the data is being sent back, but anything else within the network, the counters do not move.

FWIW, the DHCP range is in the same class C (full /24) that the internal interface of the SA is, but I can only ping it from the SA itself.

I suspect I have done / not done something configuration wise.

Has anyone had this issue before? Where is the best place to look? I have maintenance on the unit so I can log a case if need be, but I thought I would ask here first

What happens when you tracert from a server internally to the IP?

Is your Network Connect ACL allowing inbound & outbound traffic (maybe starting with *:*)?

thank-you for your quick reply

If I traceroute from an internal IP it gets to the SSL then stops. I have checked the arp table and the arp address for the SA and the DCHP issued IP is the same, so i can confirm on 2 counts that the traffic is reaching the box.

That is interesting, I saw the ACL section you referred to but didnt see anything in the admin guide in setting that up so assumed it was not required (as some of the functionality does not extend to iOS devices). Once i assigned the generic *:* acl to my iOS role it worked like a charm.

Thank-you for your assistance. I will go back through the guide to see if i missed it. If i didnt miss it, might be worth juniper just putting a foot note in there somewhere, as in our organisation we use the web/sam functionality quite a bit, but nothing of the netconnect so its easily missed.

thanks once again, your time is greatly appreciated!!!

You are welcome; glad to assist.

I know the section on Network Connect references the need for an ACL; however, I am not sure how much was moved between the two sections.