I am getting ready to roll new code. I have the 7.4 code installed on my test and Sage VPN for the last month. Works great with NC and fixed OWA 2010 menu issue as well as Win 8 IE10 support. I have had the 7.4r41 code for 18 months.

Is there any reason why I shoud not roll this current code version/

---

@VVJ wrote:

Please post your thoughts and queries for features you are using or would like to use. Our senior technical engineers will be answering your technical queries, and will try to resolve each of them.

---

Hi,

- First of all, for troubleshooting reasons it would be great if the user gets the DHCP Junos Pulse address displayed in the client! Proxy and DNS Settings (including the search domain) would be great.

All optional configurable on the server side.

- Find a way to cluster the license server (active passive would be just good enough...)

There is a way to re-register a cold standby device, but this is not a great way to deal with it.

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG. In case the is a problem with the virtual adapter, SSL VPN would know that there is probably a client side problem.

- Improve Archive schedule ... it is annoying to click on EACH entry, to click on EACH day, enter EACH time...

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

- Junos Components: Why are they not customizable on the box? IF you already present the possiblity to choose between minimal / no / all components and DOWNLOAD then the installer..

Why don't you let us configure the complete individual package and download the package in one?

The reference to the admin guide is time consuming.

- Please improve the communication about the compatibility between junos pulse client and different firmware versions. It is not clear to me how this will work, if a user is using different MAGs with different firmware.

What will work? What will not work. f.e. is 7.1R3 useable when you have already visited a box with 7.4R1.

Users may use many ssl vpn gateways...

- Please provide also a better password policy for internal user

- Please include groups for internal user -  internal groups should be then useable for role-mapping

(I know internal users are not state of the art, but some customers prefer a self service on the box.)

I hope that I understood your comment correctly. That this was a invitation to tell you what our needs or wishes are.

Greetings,

Ate

We suggest that you go through the release notes for 7.4 to check for any known issues that may affect your environment before you perform the upgrade. 

As long as you dont see any there, I believe it should be ok to upgrade. 

We have allot of Macintosh users and would like to use HTML 5 RDP for these users, is this free to setup, any tutorials on how to do this? We would like to know as presently we cannot afford hob's jwt client and need an alternative instead of full tunnel. Is it true f5 and vmware (HTML ACCESS) is years ahead of Juniper when it comes to harnessing html 5?

Thanks!

Hi VVJ,

am I completly wrong with my post here?

Any feedback on my post would be nice.

Ignoring it  is not

When this is the wrong place to put it here - please tell me.

But my experience is - when telling our senior system engineer contact:

- he will write some lines as a feature request

- those feature requests will put somewhere

- I will never hear anything about it in the next years

Best regards,

Ate

Hi Ate, 

Thank you so much for your detailed feedback and sorry that I missed your earlier post. Most of the mentioned options are really good to have. Below are a few of my thoughts 

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG.

==> We currently do print messages in the User Access logs for any SA side errors that come up during bringing up the tunnel. Examples are when there are no IPs configured/DHCP server not reachable, ACL counts exceeded etc. Other than this, we also log entries for sesssion timeouts on Pulse as well. The rest of the scenarios are mostly due to issues at the client side which the SA is not really aware of and hence is only printed in the Pulse client side logs. 

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

==> We currently print the member names on top in case you are logging into the Admin UI of a cluster. Are you looking for something similar for stand alone devices as well?

The rest of the pointers provided have been forwarded to the relevant departments. You could follow up on the same with your Juniper Sales Teams. 

Hi Kalluga, 

Thank you for showing interest in the HTML5 features. There are no additional licenses from an SA perspective that you would need to have for this feature to work. This is at par with the current Rewrite Access mechanism in the SA. 

Unfortunately, there are no tutorial links that I can share at this point but shall let you know as soon as I have one. I am very sure the Juniper solution with HTML5 is pretty competitive too :-) 

Hello VVJ,

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG.

==> We currently do print messages in the User Access logs for any SA side errors that come up during bringing up the tunnel. Examples are when there are no IPs configured/DHCP server not reachable, ACL counts exceeded etc. Other than this, we also log entries for sesssion timeouts on Pulse as well. The rest of the scenarios are mostly due to issues at the client side which the SA is not really aware of and hence is only printed in the Pulse client side logs. 

->> understood and the server side errors are listed there, I know. But if just the reason string on the client side would be written also in user access log (just in case the user logs in through the web-interface, before launching the pulse client) that would also help a lot.

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

==> We currently print the member names on top in case you are logging into the Admin UI of a cluster. Are you looking for something similar for stand alone devices as well?

->> Exactly! I need that also for virtual appliances (VA-SPE) they come out usually default like with

"localhost2" that is somehow not changeable...

Managing many of them becomes really irritating...

Thanks for replying! And also thanks for forwarding.

Ate