- Pulse Secure Community
- :
- About CNIDog_
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
since
10-29-2017
10-29-2017
CNIDog_
Occasional Contributor
14
Posts
0
Kudos
0
Solutions
06-29-2012
01:00:PM
Changing the update timer from 60 minutes to one minute appears to correct the issue and users can connect. We change the timer back and the issue returns in about 10 days.
... View more
06-26-2012
12:22:PM
Actually, that last posting was a mistake, the failure entry is from a different non production box. The logs for the production cluster regarding AV signature updates are all successes.
... View more
06-26-2012
11:57:AM
Here are the log messages just before the failure: 2012-06-24 18:45:38" pri=2 fw=172.17.7.7 vpn=ive ivs=Root user=System realm="" roles="" type=mgmt proto= src=127.0.0.1 dst= dstname= sent= rcvd= msg="ERR24746: Unable to download current virus signature list from 'https://download.juniper.net/software/av/uac/epupdate_hist.xml'. Reason: Invalid credentials - '401'." 2012-06-24 18:34:36 - CDISSLVPN2 - [127.0.0.1] System()[] - The current virus signature list downloaded successfully from 'https://download.juniper.net/software/av/uac/epupdate_hist.xml'
... View more
06-21-2012
01:45:PM
I have a customer who is experiencing an issue with the AV DAT file update on a SA4000, running 7.0R6. About every ten days or so, the DAT file update will not run and users are locked out. The user gets notifed that the host checker will not allow users to sign in in via sslvpn. If they change the 60 minute update time to 1 minute, the update will run and corrects the problem. Has anybody experienced this, or know why this might be happening? Regards,
... View more
03-10-2008
06:30:AM
Ray, If you are having issues with Host Checker on Mac and Linux devic es, you can do as kmaybe suggested also in this thread: You can use the IP restriction feature on the authentication policy of the role or realm to allow or deny users sign-in access based on their source IP address. Just browse to User Realms --> --> Authentication Policy --> Source IP or User Roles --> --> General --> Restrictions --> Source IP and add the IP addresses you want to allow or deny. Regards,
... View more
02-04-2008
04:02:PM
Are there good, recent documents available that descibe how to upload a java application (i.e. terminal emulation app) to the SA for use or download by remote VPN users? Regards, DAK
... View more
02-04-2008
12:52:PM
Thank you. I assumed there was a way to satisfy this requirement. The connections will be coming from one of four IP addresses. These source addresses will be NAT-ed addresses that have passed through a firewall. I'm assuming that a resource policy can be written that will look at the incoming packet's source IP address? I have not done this before. Do you know what version of code is required on the SSL VPN appliance? And do you know where I might find an example of such a policy?
... View more
02-04-2008
12:30:PM
I recently checked the release notes for 7.1R4 and saw that 64-bit OSes still are not supported in SVW. Does anybody know if this is on the roadmap yet and when it might be released? Surely seventy five percent of the world is using a 64-bit OS by now. Regards, DAK
... View more
02-04-2008
08:34:AM
I am evaluating various ways of implementing host checker to scan user machines for the presence of AV and FW programs. Many of my users are business partners, over whose machines I have no control. Some of these machnes, I am told, use whitelists for security, instead of a FW or AV program. The way I see it is if I scan a machine for the presence of AV and FW, but they are using whitelists, I will have to deny them access. Is there any way of scanning a client machine for the presence of whitelists? I think these will be primarily Windows devices, but there could be some Mac or Unix devices in the mix. Regards, DAK
... View more
02-04-2008
07:35:AM
Can Host Checker be programmed to check for the source IP address of an incoming connection? I have some users who are allowed to connect from any address, and some who are only allowed to connect from (four) specific addresses. For those restricted users, I want to be able to identify their incoming connections by the source address and then authenticate them (or not) and place them into a role based on the source address. I thought that maybe I could use Host Checker to satisfy this requirement, but I'm not sure how to do it. Thank you in advance.
... View more
02-04-2008
06:08:AM
Can the SA2500 run a Wyse or VT100 terminal emulation natively in a web browser? If not, is there a way to provide this functionality using the Secure Access appliance? Also, does anyone know if this functionality is available with Cisco's ASA firewall? Thank You, DAK
... View more
02-04-2008
05:48:AM
Thank you. I'm just a little surprised that it's only under investigation. Not having 64-bit OS support makes SVW effectively obsolete in today's user community. Is this a sign that Juniper plans to abandon that technology? Regards, DAK
... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy.
Pulse Secure has updated its Privacy Policy effective June 28, 2017.
