cancel
Showing results for 
Search instead for 
Did you mean: 

Machine Authentication for Junos Pulse Connections

MrSprinkles_
New Contributor

Re: Machine Authentication for Junos Pulse Connections

I opened a ticket with Juniper and just received information that Machine Auth is not supported in W2K8 R2 (that's what I am running per your question) because it requires a Sambe update to the Juniper SA and this is planned but not until *after* 7.4. It is supported on W2K8 R1 and Windows 2003.... Mr. Sprinkles is not happy.

jspanitz_
Frequent Contributor

Re: Machine Authentication for Junos Pulse Connections

Neither is mr. spanitz. Not to post just to bash, but how is an OS from 2008, still not fully supported (RDP using network level auth anyone)?
Raveen_
Regular Contributor

Re: Machine Authentication for Junos Pulse Connections

Microsoft has enhanced its cryptographic modules for Windows 2008 server, hence password based authentication does not work well with older samba.

Windows 2008 R1 also will not work by default for machine authentication, you will have to configure GPOs in AD to allow NTLMv2 responses and NT4 compatible cryptos.

Reference:

1. For invalid certificate: http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB23871

2. For Machine Authentication failure: http://support.microsoft.com/kb/942564

Certificate based authentication should work for machines, and can be used as workaround, as password is not required/validated.

Hope this helps!

Regards,

Raveen

zanyterp_
Respected Contributor

Re: Machine Authentication for Junos Pulse Connections

Thanks, Raveen!