
SSL Poodle

Kita_
Valued Contributor

Re: SSL Poodle

For IVS, the setting on the root is system wide.  The change you make will apply to all IVS on the device.

bberg_
Occasional Contributor

Re: SSL Poodle

Does anyone know if the Pulse and Network Connect client support TLS? I've made the recommended change and the logs still show "connected with SSL transport mode".

Thank you!

Kita_
Valued Contributor

Re: SSL Poodle

NC and Pulse should support TLS.  We are doing further testing to ensure there are no compatibility issues with any Juniper components.  In regards to the message, NC and Pulse should connect via SSL as this is used as the control channel.  However, the control channel should be using the TLS protocol only after the change has been made.
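One way to confirm from a packet capture which protocol version the control channel actually negotiated, independent of the "SSL transport mode" wording in the client log. This is an added example, not part of the original thread or any Juniper tooling; the function names and the sample ServerHello bytes are constructed for illustration.

```python
import struct

# Wire values of the (major, minor) version field in a ServerHello.
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

def server_hello_version(record: bytes) -> str:
    """Return the protocol version the server selected in its ServerHello."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _, _, rec_len = struct.unpack("!BBBH", record[:5])
    if content_type != 22:  # 22 = handshake; 21 = alert (server refused the offer)
        raise ValueError(f"not a handshake record (content type {content_type})")
    body = record[5:5 + rec_len]
    if len(body) < 6 or body[0] != 2:  # handshake type 2 = ServerHello
        raise ValueError("no complete ServerHello in this record")
    # body[1:4] is the handshake length; the selected version follows it.
    # TLS 1.3 servers also write 3.3 here and signal 1.3 in an extension,
    # which is not parsed in this example.
    major, minor = body[4], body[5]
    return VERSIONS.get((major, minor), f"unknown ({major}.{minor})")

def negotiated_sslv3(record: bytes) -> bool:
    """True if the server agreed to SSLv3, the protocol POODLE targets."""
    return server_hello_version(record) == "SSLv3"

def sample_server_hello(major: int, minor: int) -> bytes:
    """Constructed ServerHello: zeroed random, empty session id, one suite."""
    hello = bytes([major, minor]) + bytes(32) + b"\x00" + b"\x00\x2f" + b"\x00"
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16" + bytes([major, minor]) + len(handshake).to_bytes(2, "big") + handshake

if __name__ == "__main__":
    for ver in [(3, 0), (3, 1)]:
        rec = sample_server_hello(*ver)
        verdict = "SSLv3 still accepted" if negotiated_sslv3(rec) else "TLS negotiated"
        print(server_hello_version(rec), "->", verdict)
```

Feed it the first server-to-client record of a captured session; an alert record in that position raises `ValueError`, which is what a client offering only SSLv3 should see once the device is TLS-only.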

mauriceben_
Occasional Contributor

Re: SSL Poodle

Any update on this one? Has anyone done the change on their end? Any issues experienced?

Antioch_
Contributor

Re: SSL Poodle

I have been running this way for at least 3 months with no issue. We have folks accessing our portal with everything from IE9-IE11 as well as Google Chrome for Windows and Mac, Firefox for Windows and Mac, and Safari on Mac and no one has encountered any issues.

mauriceben_
Occasional Contributor

Re: SSL Poodle


@Antioch wrote:
I have been running this way for at least 3 months with no issue. We have folks accessing our portal with everything from IE9-IE11 as well as Google Chrome for Windows and Mac, Firefox for Windows and Mac, and Safari on Mac and no one has encountered any issues.

Thanks for the info.

Couple of follow-up questions for you Antioch. When switching to TLS only, did you also uncheck the SSL Legacy Renegotiation Support option - 

Also do you have Network Connect or Junos Pulse users connecting to your box? Anything on that side since you've switched?

I've done the tests on my side and it seems to be working fine like you said on the major browsers as far as I can see. The only concern I've got is people still using older browsers like IE6 that might not be working...

mauriceben_
Occasional Contributor

Re: SSL Poodle


@kita wrote:

NC and Pulse should support TLS.  We are doing further testing to ensure there are no compatibility issues with any Juniper components.  In regards to the message, NC and Pulse should connect via SSL as this is used as the control channel.  However, the control channel should be using the TLS protocol only after the change has been made.


Hi Kita,

Any update on those compatibility test results?