- Pulse Secure Community
- :
- About Jeroen Bismans_
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
since
10-29-2017
10-29-2017
Jeroen Bismans_
Occasional Contributor
14
Posts
0
Kudos
0
Solutions
04-29-2014
06:23:AM
Thank you both for your help and fast responses! I gave you both the kudos you deserve!
... View more
04-29-2014
06:13:AM
Wow! Thank you for that very detailed response! I indeed saw that document you are refering to but I misinterpreted the data. The WAN/LAN clustering I thought had something to do with the Wan / Lan interface being used. For example if you have a two armed setup, that the cluster communication can be done over the LAN interfaces but not over the WAN interfaces. So that has nothing to do with it? It means that the connectivity has to be LAN-like, like 100mbit+ full duplex 1-5 ms latency. So an MPLS like connection will probably be not sufficent. What is your estimate from what point it is doable?
... View more
04-29-2014
05:03:AM
Dear forum, We have two data centers in two different locations that are connected with a layer 2 link. Would it be possible to do active/active HA between one box in one datacenter and one box in another datacenter? What are the requirements to do this? Latency? Layer 2/Layer 3 link? Multicast traffic? Do the WAN/LAN IP ranges need to be in the same IP range? I'm not sure if each data center will have the same IP range. Without the same IP range failover will most likely be not possible? What exactly would be synced concerning configuration? I would have one sign-in URL pointing to one data center and one sign-in URL pointing to another data center. For example: dc1.company.com and dc2.company.com, each a different public IP. Or am I over complicating things and should I make each box stand-alone? All advice is welcome!
... View more
07-28-2011
08:26:AM
Thank you both for your answers. I will post in this topic if it solved it.
... View more
07-27-2011
06:15:AM
Hi everyone, A customer of ours configured Active Sync to run over their SA but they claim that their Exchange server complains that the timeout for push mail isn't configured high enough. I've searched on the Juniper KB and I couldn't find anything where I could change the timeout on the SA itself. So could this be an option on the Exchange? Has anyone seen this error and knows how to fix this? Thanks in advance
... View more
04-11-2011
06:30:AM
I feel so stupid now. :-) Thanks for the information. I configured the host checker policies now on the roles. But when I tried to disable the host checker policies on the realms. I got the notification that the host checker policies on the realms should be active in order for policies on the roles to work. I want to enforces the policies when they sign-in but I want them to be able to see the sign-in page and be able to select the proper realm. So should I select evaluate or enforce with the realm host checker policies?
... View more
04-04-2011
01:24:PM
Hi everyone, Today I implemented some hostchecker rules for the first time and I'm a bit surprised with the result. I configured the following: Sign-in page 1 Realm 1 Host checker policy 1 AV Check (Kasperky AV) Domain membership check Realm 2 Host checker policy 2 AV Check (Any AV) Sign-in page 2 Realm 3 Host checker policy 3 AV Check (Kasperky AV) Domain membership check Realm 4 Host checker policy 4 File check Sign-in page 3 Realm 5 This seemed to me pretty straightforward. I was also easy to configure. But I was surprised that as soon someone browsed to the IVE sign-in URL. The host checker became active and started to check the AV and domain membership. But why does he do that? The host checker policy is linked to the realm and depending on the realm you select on sing-in page 1. Different checks are done. So why does the IVE immediately started to check as soon as you browsed to the IVE? Instead of checking when a users sign-ins in a certain realm? Is this the normal behaviour and can I change this? I want the checks to happen when the user authenticates. Thanks for your help!
... View more
02-09-2011
03:21:AM
Hi everyone, Does anyone know if there is a limitiation on the maximum amount of (LDAP) authentication servers you can create on a SSL VPN? I'm going to do a pretty big setup and I just wanted to check here first to make sure I don't bump in to things in the future. Thanks for info. Kind regards, Jeroen
... View more
10-05-2010
06:00:AM
Hi everyone, I have questions regarding Remote App on an SSL VPN. Does anyone have a guide or a configuration sample for me on how they have configured? I would be most gratefull. Also, on my SSL VPN, I have firmware 7.0 and I have an extra field called "Applet". But on the device where I need to configure this, they have firmware 6.5r2, I don't have this field. But the release notes from the 6.x firmware say that their is support for the remote app. Should I recommend an upgrade? Can anyone please be so kind to assist on this?
... View more
10-04-2010
07:57:AM
I read something about the Enhanced Endpoint Security. To me this seems like an anti-virus product that get's deployed to your computer when you log in. Does this anti-virus solution always stay active or only during the session? Can this solution get in conflict with an already installed AV-software?
... View more
10-04-2010
07:14:AM
Hi, I was wondering if it's possible to conduct a virus scan on file's that are being uploaded through the SSL VPN. For example with the network connect or file share feature. I don't believe that the SSL VPN has an integrated AV engine, so maybe with ICAP or...? I am aware of the host checker feature's but I was just wondering.
... View more
08-04-2010
04:37:AM
Thank you for your reply. You were correct, I only created a nat rule for https and not for http, that's why the redirect didn't work. Thank you for pointing this out, this has been fixed now. I also created a case with Juniper for the custom sign-in page. A team is now going to pick up the case and maybe create the page. I will update on that. I just did it the quick and dirty way, backed up my config, gave the IVE a reset, configured the correct certificate and restored my backup config. The customer is planning to buy a real certificate soon so that will also resolve the security messages.
... View more
07-27-2010
12:11:AM
Thank for all the useful tips. I know now why the redirect doesn't work, I also need to forward the http port through the firewall. It does do it by default. Thank you for the tips for the realm parsing, I will discuss with the end-user if it is worth the trouble or not. I will also back-up the config, reset the device and create the proper certificates.
... View more
07-26-2010
02:13:AM
Hi, I'm pretty new to almost everything from Juniper and I did my first SSL VPN install at a customer. Everything works fine, the OWA, file shares, Citrix, network connect and so on. But I am having trouble with some requests from the customer. I will sum up their requests and hopefully I can get some help with this. Pretty basic, they wanted that when they enter the url of their SSL VPN in http that it redirects to https. I have searched the admin guide and the web interface for this but I haven't really found it. This one is a bit harder, they have 2 realms, let's say realm1 and realm2. They do not want their user to have to choose between the realms in the drop down box on the sign-in page. They would like to have the users sign in with [email protected] or [email protected] and then the SSL VPN parses it to the proper realm. Do you think this is possible? And how I can achieve this? When I installed the unit, I choose to create a device certificate from the console (sslvpn.domain.org) but the customer wants to use connect.domain.org. But I can't seem to create a new device certificate, I can only make pending certificates to create an official certificate. Is there a way to create a new certificate like you do with the initial install? Thank you for any help!
... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy.
Pulse Secure has updated its Privacy Policy effective June 28, 2017.
