Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
since ‎10-29-2017
‎10-29-2017
madbull_
New Contributor

Re: Using IC series with ScreenOS device for layer...

by in Pulse Policy Secure
‎10-05-2011 06:53:AM
‎10-05-2011 06:53:AM
Hi, If we have the following situation: Juniper SSG140 with "VFX" zone and a Trust zone. VFX and Trust networks privately addressed. "VFX" zone has an IPSEC VPN termination device (not Juniper) The IPSEC VPN termination device has an interface which connects into the VFX network and an interface which is connected directly onto the Internet for IPSEC clients to be able to connect. Trust zone has an application server that home users need to connect to. Users sitting at home VPN into the IPSEC termination device over the Internet. Users then make requests to connect to the application server sitting behind the Juniper on the Trust zone. The user traffic is decrypted and sent on by the VPN device. The juniper sees the traffic as originating from the VPN device on the VFX zone, regardless of how many users connect. If we use an IC controller to authenticate the traffic coming from the VPN device on the VFX zone and destined for the application server on the Trust zone, is it impossible to differentiate different user sessions as they all appear to come from one source IP? ... View more

Using IC series with ScreenOS device for layer 3 e...

by in Pulse Policy Secure
‎10-05-2011 02:12:AM
‎10-05-2011 02:12:AM
Hi, I have been looking at using the UAC IC controllers to do user authentication for resources protected by a ScreenOS firewall policy. My understanding is that the source IP is used as part of the auth table mapping that is created and pushed to the ScreenOS firewall by the IC controller. My question is, if I have multiple users behind a NAT device that all initiate connections from the same source IP from the perspective of the ScreenOS, are we able to identify these users individually? Is the auth table entry that is created for the first user that gets authorised by the resource policies on the IC controller, able to be used by subsequent unauthenticated/unauthorised users behind the same IP? Or can we somehow uniquely identify users, even though they will all come from the same source IP? Thanks for your responses. ... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.