Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Netconnect Always On

Les_G_
Occasional Contributor
‎04-08-2013 05:44:AM
‎04-08-2013 05:44:AM

Netconnect Always On

We would like have users auito logon to VPN and I was wondering if there is a way to enable always on/auto logon with netconnect client like other IPSec/SSL clients?

Thanks.

0 Kudos
Reply
7 REPLIES 7
zanyterp_
Respected Contributor
‎11-19-2007 08:04:PM
‎11-19-2007 08:04:PM

Re: Netconnect Always On

as kita said, not with network connect, but this can be achieved with pulse.

0 Kudos
Reply
Kita_
Valued Contributor
‎12-23-2010 06:37:PM
‎12-23-2010 06:37:PM

Re: Netconnect Always On

Network connect has the GINA plug-in that integrates with windows credential provider.  This allows you to log-on via your cache credentials and create a tunnel during the log-in process.  Pulse has additional features for machine authentication that allow you to create a tunnel when the machine boots before winlogon or after winlogon.

0 Kudos
Reply
RadiusWorldwide_
Occasional Contributor
‎08-04-2014 02:48:AM
‎08-04-2014 02:48:AM

Re: Netconnect Always On

Sorry for dragging this out, but I'm having trouble configureing exactly that using the Pulse client. I want to pass on the cached Windows credentials. However, Pulse should not try to connect when the laptop has no internet connection or is on the corporate LAN. Ticked the "At user logon" and at least the client steps in after I provided my Windows credentials but it says "No log on sevrer available" when I have no internet connection, well duh.. of course not, hehe. When I'm on the LAN it asks me for proxy credentials.

 

So how can I configure this Always-On? I'd be happy if someone could point me to a knowledgebase article or something like that since I cannot find anything useful unfortunately.

 

Edit: Got the Always-on function working based on endpoint IP. Still Pulse won't take over the AD Windows cached credentials. Arg. Any common pitfalls?

0 Kudos
Reply
Kita_
Valued Contributor
‎08-04-2014 04:10:PM
‎08-04-2014 04:10:PM

Re: Netconnect Always On

At the user logon (Credential provider) will attempt to create the tunnel first, then connect to the domain controller. If you have no internet connectivity, then this scenario will not work. If you will be using cached credentials, then you can configure Pulse to start the connection manually or use the always option once the end user has logged into the desktop.
0 Kudos
Reply
RadiusWorldwide_
Occasional Contributor
‎08-05-2014 05:30:AM
‎08-05-2014 05:30:AM

Re: Netconnect Always On

I got it almost working now. If I'm connected to the company LAN or have no connection the Junos Pulse starts but does nothing. As soon as I have an internet connection the tunnel is built. So the always-on works. 

So do I get it right, that if I'm not able to connect via VPN directly at the log on but later instead, that I'm then not able to pass on the user credentials of the currently logged on user? I think I get at least the user account name right, since I see it when Pulse pops up in the domain synthax DOMAIN\username. But the password is missing. I wonder if there's a workaround to get the password filled out as well. Is it maybe stored somewhere in encrypted form?

0 Kudos
Reply
lyndidon_
Contributor
‎08-05-2014 07:29:PM
‎08-05-2014 07:29:PM

Re: Netconnect Always On

Do't know why Juniper thought centering the comments was a great job but the again...allowpwd.png

This may be what you are looking for. Or do you want the Secure Access Service to cash the password?

 

http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB25846&actp=search&viewlocale=en_US&sear...

0 Kudos
Reply
Kita_
Valued Contributor
‎08-06-2014 09:37:AM
‎08-06-2014 09:37:AM

Re: Netconnect Always On

If you are simply looking to start the vpn tunnel automatically when the end user reaches the desktop, you can use the "Automatically after user signs into the desktop". You can use the "allow save credentials" so the end user can cache the credential within the Pulse client. Once this is completed, the end user will have a vpn tunnel created every time they reach the desktop.
0 Kudos
Reply
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.