cancel
Showing results for 
Search instead for 
Did you mean: 

Terminal services & FIPS

Highlighted
New Contributor

Terminal services & FIPS

Hi all, I hope someone can help.

Scenario IVE sa 6000 running 7.0
terminal server user access policy

end users where happily able to connect to the inside terminal services server with no issue. Now FIPS & TLS & certificate have been enabled on the inside TS, users are no longer able to connect.

My understanding is that the IVE proxies the Terminal server connection, so from the TS client perspective it is connecting to the IVE, & from the TS server perspective its client is the IVE.

I'm still trying to understand how the TLS, certificate & FIPS works but I assume there is no way for the real client to verify the real TS server & I'm not sure if the IVE is able to connect to a TS server using TLS certificate & FIPS complaint (I'm yet to find any documentation on that).

If any one has come across this or has some knowledge they could share on this I would greatly appreciate it.

Regards

Chris

2 REPLIES 2
Highlighted
New Contributor

Re: Terminal services & FIPS

word from Juniper:

The issue with the FIPS requirement on the terminal server includes mutual authentication/certificate verification on the client. Which is not supported on the SA.

There is no ETA for this feature as of now.

You can try using other access mechanisms like Network Connect to access the termninal service with FIPS enabled.

Smiley Happy

Respected Contributor

Re: Terminal services & FIPS

Hi Chris-p,

Thank you for the update & confirmation that it is not supported.