cancel
Showing results for 
Search instead for 
Did you mean: 

MAG6611

New Contributor

MAG6611

My company purcahesd MAG6611 and ask me to configure it, i am working well with Juniper SRX Series but i have no idea how to start emplement MAG6611, can any body guide me how to start emplement it step by step?

7 REPLIES 7
Moderator

Re: MAG6611

You can use the admin guide here for specific questions: https://www.pulsesecure.net/techpubs/pulse-connect-secure/pcs/8.3rx

There is a service offered that allows a dedicated support representative for 4 hours to help with initial deployment; I would also suggest reaching out to your account team for pricing
New Contributor

Re: MAG6611

v good can you guide me how to get dedecated support?

 

New Contributor

Re: MAG6611

Do you want to configure this box as SSL VPN Gateway or UAC/NAC Controller?
Super Contributor

Re: MAG6611

since you are posting in the "Connect Secure" forum I assume you will be using SSL VPN.  If you are looking to deploy this as  a NAC solution the "Policy Secure" is the forum to use.  The type of appliance you have is dictated by your license and the installed softeware.

 

I would recommend the following basic steps.

 

1-Get up to date.  Register and link an account to your contract on the support site and upgrade to the current version on the appliance.  This might take a support ticket to get older versions of the code depending on where your appliance currently is.  Note there are specific version support for upgrades when back multiple versions as seen in the release notes.

 

2-Decide on dual DMZ or single DMZ design.  Most go with a single ethernet interface in the DMZ.  This will both terminate the outside session and generate the internal network session from the same port.  There is also an option to use two ports on the device where one is in your external DMZ for the inbound connection and the inside port is used for reaching the resources.  Once you pick the single or dual interfaces you can assign the necessary ip addresses and design your needed firewall port forwarding and internal access rules.  

 

You also need to choose if the appliance will provide a pool of ip addresses for the client connections or if you will use dhcp forwarding to your internal dhcp server.

 

Also note if you need internal DNS for connected clients and be ready for those inputs and selections to override the connecting client DNS servers.

 

Now you can configure the interfaces and connect to the network for basic setups.  And setup firewall rules.

 

3-Setup remote access: 

You will need to configure authentication to your internal AD or use local auth on the applicance.

https://www.pulsesecure.net/download/techpubs/current/424/pulse-connect-secure/pcs/8.3rx/How_To_Crea...

 

Once auth is setup, you then have to have resources and group mappings that can use the resources.  This can get complicated as it is very flexible in restrictions.  The admin guide has all the gory details.  Read the first two chapters to get the overview of all the options.  For simple layer3 connection setups go right to chapter 30 - VPN Tunneling.

 

https://www.pulsesecure.net/download/techpubs/current/1040/pulse-connect-secure/pcs/8.3rx/ps-pcs-sa-...

Steve Puluka BSEET - IP Architect - DQE Communications Pittsburgh, PA (Metro-Ethernet & ISP) - http://puluka.com/home
Moderator

Re: MAG6611

There is the "remote installation support" service that you purchase 4-hour blocks to have for the installation project
There is the "deployment service account manager" service that you purchase for assisting with planning the deployment and configuration
There is the service account manager that is a dedicated support contact who assists with making sure all questions and cases are answered
See also:
https://www.pulsesecure.net/services/compare-service-offerings/
https://www.pulsesecure.net/services/remote-installation-consulting-service/
New Contributor

Re: MAG6611

Great, i want to go with gold support but i don't know from where i can get price and quotation while it is old appliance?

Moderator

Re: MAG6611

You should be able to reach out to your reseller or local Pulse Secure contact
If you are not sure who that is, if you PM me where you are located, I can try to find out who you can reach out to on our side or have them reach out to you