flip_pipe   and what does this mean? ... View more

came here to ask the exact same question.  ... View more

so when i told my management they want to jump ship. Is this what everyeone else doing or they are going to stick with this for now and see how things go? ... View more

so no one has done this? ... View more

the Juniper clients are installed under the users profiles. So the network connect is running on the first users profile if you do a switch user and go to the 2nd user it is not going to have the network connect client etc. This user will need to go back to the login portal and install the Network connect and host checker etc again. The only thing that does not install under a profile is Juniper Installer service.   So in short you can say that this is by design. :) ... View more

I am not sure if Data Cards would be in the same category as smart cards but here is all the things you can configure for a Terminal sessions.   Also when you create a Terminal services bookmark you can tell it to use diffrent resiolutions. Full Screen is an option.     ... View more

Not sure what you are asking. Do you want to have some keybaord shortcut to launch the Juniper terminal services client? ... View more

when the user is logging in they get the host checker first and then this undefined. I am attaching a screenshot ... View more

the problem we have with l3 tunnel is the ipads are are not FIPS 140-2 compliant. So we cant allow users to store anything on the ipads but if we give them L3 access we cant stop them for doing this so we kinda need to limit what the users can do so if they are working on a citrix or rdp type portal than nothing gets saved locally and we are good to go ... View more

so as i dont see any options to configure this i am guessing this option is only avialble in 7.2 chain :( ... View more

Michael , I have been looking for a way to do this as well but does not look like there is a way. If you have Application layer firewalls you can block access to the /admin page in there. It looks like all /URLs are available from all interfaces so you can lock it down by doing what Kevin said but not even show the page to the external user is not something that is built in option. ... View more

anyone ? ... View more

when i try the browser i get Reasons: Machine certificate validation failed (3) the cert Key Usage is Digital Signature, Key Encipherment (a0) Intended Purposes Server Authentication, Client Authentication ... View more

I still can not get this stupid thing to work :( so far this is how i have evertyhing setup 1. I have imported my certs chain in system -> configuration -> Certificates -> Treusted Client CAs upto the root 2. Setup a sign in page https://x.x.x.x/pulse 3. setup a sign in page policy that sends me to pulse realm 4. in the realm i am not doing any restrictions 4. and there is a role called pulse which has the option to do only pulse nothing else 5. there is a host checker policy called cert where i am looking for Machine cert -> Machine Certificate and the only thing checked in there is Criteria and that is my issuer cert. That is the CA that signed my machine cert. Nothing in the optional. 6. I have setup primary authentication in the realm PULSE as LDAP 6. There is a * for anyone who wants to connect to opulse realm will get the pulse role if they have the machine cert 7. every time i do this i get 8. so when i go to my pulse client try to connect i get the login prompt for LDAP i type that in and than i get You are not allowed to login and off course the reason is no Roles as the Host checker policy does not find a machine cert signed by my CA. Please help i am thinking there is something really simple i am messing up. ... View more

We use VASCO which is the industry leader world wide with over 75 million users. Around 1/4th - 1/6th the cost of RSA setup and multiple form factors the coolest being SMS based two factor :) ... View more

as Lilja said once you have clicked the network connect client once by logging in it creates a program entry that you can go to by clicking start -> All programs -> Juniper Networks -> Network Connect - > Network connect you can drag and drop this to the desktop and have your users use that to login. This will do all the host checks and etc and a browser is not needed. ... View more

this is what we are using and it works for windows xp, vista and 7 Key/Subkey: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NV Domain String; domainnamehere i would also make a fake file name it something like mouse.dxp and put it in windows folder and hide it as a system file and use MD5 hash match to check for this file as well as the above. ... View more

Juniper does not have a RDP client for OSX that is why your users are getting the terminal sessions are not supported error. The first error messgae looks like is from Java based RDP and those can be only setup by admins. Is this an RDP server that you have shared with the users by creating a resource? ... View more

I normally give all my feedback to my SE. ... View more

the useragent of ipad will have the word "ipad" in there and here is an example of iphone header Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A538b Safari/419.3 ... View more

should answer all your questions :) https://forums.pulsesecure.net/topic/pulse-connect-secure/89008-ipad-iphone-mac-host-checker/highlight/true#M11068 ... View more