cancel
Showing results for 
Search instead for 
Did you mean: 

Using Network Connect with 2 separate sslvpn boxes

porod_
New Contributor

Using Network Connect with 2 separate sslvpn boxes

We have 2 sslvpn boxes, one a sa2500 6.3r1 and the other a sa2000 6.5r3.1

I'd like to upgrade the sa2500 to 6.5r3.1 but there is a concern if the Network Connect application (6.5) on the client machines will be able to operate with the 2 boxes. It seems to me that this would not be an issue. Right now I can use the 6.5.0 client to access bont the 6.5r3.1 and 6.3r1 boxes. On the client there is a "Sign-in Page:" pull down with the url to the 6.5r3.1 box, would the other box show up in the pull down after i upgrade it?

5 REPLIES 5
Jickfoo_
Super Contributor

Re: Using Network Connect with 2 separate sslvpn boxes

We have trouble moving between versions. The code upgrades/downgrades/upgrades/downgrades. Its annoying.

Mrkool_
Super Contributor

Re: Using Network Connect with 2 separate sslvpn boxes

i am not sure i understand the question completely. First thing is you should not be able to connect to a 6.5R3 SA with a 6.3Rx client. I do testing with diffrent code versions in the lab and production using the same computer and i usuallyu have multiple versions installed for the most part it is not an issue but if something starts to act up or things start hanging during login i do a complete wipe of all juniper components.

Toivo_
Contributor

Re: Using Network Connect with 2 separate sslvpn boxes

We have a similar problem. Outside consultants require the use of NC to get to our systems, and they're complaining that another one of their clients also has a similar requirement, but runs a different code release, so they have to constantly upgrade/downgrade their clients to be able to connect. I'm not aware of any way to get around it, but is there any sort of solution for people who do have to connect to multiple SA appliances that are running different code releases?

kenlars_
Super Contributor

Re: Using Network Connect with 2 separate sslvpn boxes

I don't believe there is any way to get around this with Network Connect. My understanding is that Pulse will support this; that is, a single version of Pulse will work with multiple different versions of the IVE software.

If you are switching back and forthe between SA's with different major code levels (e.g., 6.3 vs. 6.5), Network Connect will not be reinstalled each time. That is because both NC 6.3 and NC 6.5 can be installed on a single machine at the same time. However, if you are moving between releases of a major code level (e.g., 6.5r3.1 vs. 6.5r7), the NC client will be reinstalled each time.

I believe all other software is reinstalled each time a new release is encountered, whether major code level or release of a major code level. I know this to be true of Host Checker.

Ken

SonicBoom_
Regular Contributor

Re: Using Network Connect with 2 separate sslvpn boxes

if its an outside vendor, have you tried letting them connect with WSAM? I know WSAM has the option to disable auto upgrade but NC does not and if you plan on moving forward with latest version of softwares you might want to consider testing or moving to wsam/pulse, i know my company moved from NC to WSAM and now migrating to pulse on a needs basis and we couldnt be happier.

just a thought