Solved: Re: JUNOS PULSE and Juniper IC

aeroplane_ · ‎09-25-2011

Hi Experts

Can we make JUNOS PULSE as alternative to OAC software for L2 (using 802.1x authentication) and L3 (with Juniper firwall) enforcement?

Can any body provide me the high level configuration steps to configure JUNOS Pulse?

Thanks

Raveen_ · ‎09-27-2011

Yes you can use Pulse for dot1x and L3 authentication with IC.

Below are not possible with Pulse while I am writing this,

- Pulse can do only EAP-TTLS ( Other flavors like EAP-PEAP, EAP-FAST etc .. aren't supported)

- Machine authentication and GINA is not supported yet.

View solution in original post

Raveen_ · ‎09-27-2011

Yes you can use Pulse for dot1x and L3 authentication with IC.

Below are not possible with Pulse while I am writing this,

- Pulse can do only EAP-TTLS ( Other flavors like EAP-PEAP, EAP-FAST etc .. aren't supported)

- Machine authentication and GINA is not supported yet.

aeroplane_ · ‎09-30-2011

Hi

Thanks a lot for the reply. But I did not see any protocol configuration for 802.1x on JUNOS Pulse Connection component on IC4500. Where we set EAP-TTLS?

Raveen_ · ‎10-02-2011

All protocol configurations need to be configured under Autthentication protocol sets page( IC GUI --> Authentication --> Signing In --> Authentication Protocol Sets ).

aeroplane_ · ‎10-05-2011

Hi Raveen

I am asking about the 802.1x authentication configuration on JUNOS PULSE client.

Raveen_ · ‎10-05-2011

Unlike OAC, the Pulse client while operating at Layer 2 is more of a plugin than a full fledged standalone client .

It is a plugin that is coupled with windows native supplicant.

To configure Pulse dot1x you should do below:

- Start Wired AutoConfig service

- Navigate to Local Area connection Properties (NIC properties)

- Click 'Authentication' tab.

- Under 'Choose a network authentication method:' drop down box, you should see 'Juniper Networks: EAP-TTLS'

- Select EAP-TTLS to do dot1x using pulse.

aeroplane_ · ‎10-09-2011

Thanks for the reply. But for this plugin configuration on the IC, I did not see options in the Connection set configuration. It just asking 80.2.1x type and thats it. So its means it generates all these L2 configuration by it self. Whats the default configuration for this?

Other thing is that, what do you mean by Start Wired AutoConfig service_?

Raveen_ · ‎10-10-2011

How to start Wired AutoConfig service:

1. Go to Run prompt of Windows

2. Enter 'services.msc'

3. You should see all the services available in OS

4. By default, Wired AutoConfig is stopped.

5. Right click the required service (Wired AutoConfig and Wireless Zero Configuration) and start it.

Plugin is avilable after Pulse installation in client machine, there isn't much configuration on IC w.r.t dot1x plugin for pulse.

HTH!

Regards,

Raveen

aeroplane_ · ‎10-10-2011

Thanks for the reply. I really hepled. So my qustion is still what is the default configuration for 802.1x when you configured in the connection set on IC?

Thanks

apaul_ · ‎10-11-2011

Hi,

JunOS pulse connection type 802.1X in IC allows you to configure the following

Adapter Type [Wired/Wireless]
Outer Username
SCAN List for wireless user
Trusted Server List [Wireless connection]
Connection Establishment option_

Thanks