cancel
Showing results for 
Search instead for 
Did you mean: 

Pulse Secure Access Gateway 7.4 Features at a glance.

Contributor

Pulse Secure Access Gateway 7.4 Features at a glance.

Welcome to SA 7.4 Features at a Glance

As part of our commitment to improving technical support, experts from Juniper Networks are here to assist you in understanding the features in SA 7.4. As a focused effort towards technical understanding, better support, and faster updates, we have started the J-Net threads linked below. Each thread explains the basics of an individual feature and is open for discussion. Please post your thoughts and queries for features you are using or would like to use. Our senior technical engineers will be answering your technical queries, and will try to resolve each of them.

Please note that this forum is not suitable for sales-related queries or in-depth log analysis. We look forward to the dialog, and will answer all the technical queries we can; if there is anything we cannot cover in this forum, we will direct you to the appropriate team.

Please refer the below links and use the thread most closely related to your query:

 

Archiving options for debug logs and system snaps
Support password options for User Admin

FIPS in Software for MAG -SA and VA devices
SNMPv3 Support in Pulse Secure Access Service 7.4
IPv6 support for Layer 3 VPN access method in Junos Pulse 4.0 and Pulse Secure Access Service 7.4
Support to machine certificate store for user authentication
Pulse event system
Support for NTPv4
Support for SAML Attribute Statements

 

HTML5 support through Rewriter in 7.4 version of SA OS

 

 

13 REPLIES 13
Respected Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

@tech_dude: please follow up with your account team to put in an enhancement request for this/add your company to any existing request for this. I am not sure if it can be done from a Windows permissions perspective

@Era: please follow up with your account team to know if an ETA is available
Frequent Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

I am getting ready to roll new code. I have the 7.4 code installed on my test and Sage VPN for the last month. Works great with NC and fixed OWA 2010 menu issue as well as Win 8 IE10 support. I have had the 7.4r41 code for 18 months.

 

Is there any reason why I shoud not roll this current code version/

Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.


@VVJ wrote:

Please post your thoughts and queries for features you are using or would like to use. Our senior technical engineers will be answering your technical queries, and will try to resolve each of them.


Hi,

 

- First of all, for troubleshooting reasons it would be great if the user gets the DHCP Junos Pulse address displayed in the client! Proxy and DNS Settings (including the search domain) would be great.

All optional configurable on the server side.

 

- Find a way to cluster the license server (active passive would be just good enough...)

There is a way to re-register a cold standby device, but this is not a great way to deal with it.

 

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG. In case the is a problem with the virtual adapter, SSL VPN would know that there is probably a client side problem.

 

- Improve Archive schedule ... it is annoying to click on EACH entry, to click on EACH day, enter EACH time...

 

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

 

- Junos Components: Why are they not customizable on the box? IF you already present the possiblity to choose between minimal / no / all components and DOWNLOAD then the installer..

Why don't you let us configure the complete individual package and download the package in one?

The reference to the admin guide is time consuming.

 

- Please improve the communication about the compatibility between junos pulse client and different firmware versions. It is not clear to me how this will work, if a user is using different MAGs with different firmware.

What will work? What will not work. f.e. is 7.1R3 useable when you have already visited a box with 7.4R1.


Users may use many ssl vpn gateways...

 

- Please provide also a better password policy for internal user

 

- Please include groups for internal user -  internal groups should be then useable for role-mapping


(I know internal users are not state of the art, but some customers prefer a self service on the box.)

 

 

I hope that I understood your comment correctly. That this was a invitation to tell you what our needs or wishes are.

 

Greetings,

Ate

Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

We suggest that you go through the release notes for 7.4 to check for any known issues that may affect your environment before you perform the upgrade. 

 

As long as you dont see any there, I believe it should be ok to upgrade. 

 

 

Occasional Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

We have allot of Macintosh users and would like to use HTML 5 RDP for these users, is this free to setup, any tutorials on how to do this? We would like to know as presently we cannot afford hob's jwt client and need an alternative instead of full tunnel. Is it true f5 and vmware (HTML ACCESS) is years ahead of Juniper when it comes to harnessing html 5?

 

Thanks!

Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

Hi VVJ,

 

am I completly wrong with my post here?

Any feedback on my post would be nice.

 

Ignoring it  is not Smiley Happy

When this is the wrong place to put it here - please tell me.

 

But my experience is - when telling our senior system engineer contact:

 

- he will write some lines as a feature request

- those feature requests will put somewhere

- I will never hear anything about it in the next years

 

Best regards,

Ate

Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

Hi Ate, 

 

Thank you so much for your detailed feedback and sorry that I missed your earlier post. Most of the mentioned options are really good to have. Below are a few of my thoughts 

 

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG.

==> We currently do print messages in the User Access logs for any SA side errors that come up during bringing up the tunnel. Examples are when there are no IPs configured/DHCP server not reachable, ACL counts exceeded etc. Other than this, we also log entries for sesssion timeouts on Pulse as well. The rest of the scenarios are mostly due to issues at the client side which the SA is not really aware of and hence is only printed in the Pulse client side logs. 

 

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

==> We currently print the member names on top in case you are logging into the Admin UI of a cluster. Are you looking for something similar for stand alone devices as well?

 

The rest of the pointers provided have been forwarded to the relevant departments. You could follow up on the same with your Juniper Sales Teams. 

 

 

 

 

 

Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

Hi Kalluga, 

 

Thank you for showing interest in the HTML5 features. There are no additional licenses from an SA perspective that you would need to have for this feature to work. This is at par with the current Rewrite Access mechanism in the SA. 

 

Unfortunately, there are no tutorial links that I can share at this point but shall let you know as soon as I have one. I am very sure the Juniper solution with HTML5 is pretty competitive too :-) 

Highlighted
Contributor

Re: Pulse Secure Access Gateway 7.4 Features at a glance.

Hello VVJ,

- Please forward the error messages from the pulse client automatically to the user access log. That should be possible as long as there is a connection to the MAG.

==> We currently do print messages in the User Access logs for any SA side errors that come up during bringing up the tunnel. Examples are when there are no IPs configured/DHCP server not reachable, ACL counts exceeded etc. Other than this, we also log entries for sesssion timeouts on Pulse as well. The rest of the scenarios are mostly due to issues at the client side which the SA is not really aware of and hence is only printed in the Pulse client side logs. 

 

->> understood and the server side errors are listed there, I know. But if just the reason string on the client side would be written also in user access log (just in case the user logs in through the web-interface, before launching the pulse client) that would also help a lot.

 

- Display in the header line somewhere the device name (hostname or anything self configurable)

Because: when accessing the device over an ip address with nat, it's annoying to search always for the certificate and / or sign-in policy and check there if you are on the right device.

==> We currently print the member names on top in case you are logging into the Admin UI of a cluster. Are you looking for something similar for stand alone devices as well?

 

->> Exactly! I need that also for virtual appliances (VA-SPE) they come out usually default like with

"localhost2" that is somehow not changeable...

 

Managing many of them becomes really irritating...

 

Thanks for replying! And also thanks for forwarding.

 

Ate