You can create separate bookmarks for each user (for the one resource), but it would be easier if you simple name it 'my pc' or something like that. ... View more

Yes, I upgrade as bugs are fixed, but probably have a much simpler use-case than you.   If you look at the PRSearch page and the workaround, you should be able to determine whether you have to upgrade or if the workaround will mitigate the issue and satisfy your security group. ... View more

In the more recent releases, you have the option of enabling ldap on active directory auth servers.  I'm not sure what this allows you to do since I haven't used it. ... View more

An alternative, if your device is separated from the internet by a firewall is to do port translation on your firewall, but if you do this, I'd definitely test everything before giving customers/clients access.   ... View more

If you change the host from the dns name to the ip address in the terminal servcies bookmark, it should work.   I know that uninstall/reinstall of the juniper services on a Windows 7 client will fix it with no changes made on the SA/MAG box, but I don't know if this fix works on Windows 8.x ... View more

I'll have to look again.   They keep adding new features, like Pulse, and I can't keep up... ... View more

I'm sure this is great if all of your users work remotely and logging in via Pulse is required.   For everyone else, it's three extra clicks every time they log into windows.   Also, for those of us in consulting, having my computer connect to customer #1 while I'm sitting in a conference room at customer #2.....is not a good thing,    I believe auto-start used to be an option, apparently, now, it's the unchangeable default....yeah! progress... ... View more

No it doesn't, but depending on the ratio between the number of bookmarks and number of users, it may be an easier fix than uninstalling all juniper (or whatever piece is actually affected by the latest windows update) software and reinstalling it. ... View more

The fix I found does only fix the built-in terminal services client.   My question was does the second fix work: reinstalling the juniper windows executables which doesn't require changing the bookmarks to use ip addresses. ... View more

If you change back to dns names, and uninstall/reinstall the juniper client software, does it continue to work? ... View more

Does uninstall/reinstall of the TS client fix connections that use hostnames? ... View more

I just re-installed Network Connect 7.1.16 and the TS client still works. I don't have an easy way to test a newer (from a MAG2600) client or the pulse client's impact on terminal services. ... View more

I have found that if you uninstall all juniper programs (Network Connect, Juniper Pulse, Juniper Terminal Services Client), that connecting again causes a new copy of the terminal servcies client to be installed, and this fixes the problem.   I don't know which uninstall caused the problematic program to be removed, just that after uninstalling everything, the terminal sevices client works again. ... View more

Manually.  When you set up AD auth, you have to manually select the groups to import into the device (or you can select all of them.)  Once you've done this, any new groups created have to be manually imported.   From the new rule window, if you change the rule to "based on group membership" and click Update, you'll see a Groups button, click that and it'll open a window showing you the groups that have already been imported.  if you click on the search button, it will open the group catalog.  This will list all of the groups that it sees in your AD. (so if you do this immediately after group creation, they might not show up due to replication delays, etc).   You can now choose any or all groups to add and click Add Selected.   I hope this answers your question. ... View more

I thought it was caused by Mozilla deciding unilaterally to no longer trust java. ... View more

The release notes say that it was fixed in 7.4R4. Be that as it may, Firefox 24 (on Fedora 19 i686) still complains about Network Connect. I haven't run the Pulse client from Windows 7 so I can't help you there. Checking the notes for 7.3, they fixed some in R7 and more in R8. ... View more

Of course, if you're running 7.3, you are either on a SA x500 or MAG box.   check the release notes for the last two release for your platform. ... View more

This is fixed in 7.1R15 (for the SA2000) according to the release notes. ... View more

I think you'll also find that the terminal services client is also limited to a single user per machine. ... View more

I've never set up the RSA Self-service option, so I don't know what would be needed to make it work. ... View more

Because its probably the only one that the latest CVE vulnerability is fixed in. ... View more

Let me know if they fix it. I reported this last year....and they didn't ... View more

If you search the forum, I posted my bind config and SA config for using a pair of linux servers to serve separate network addresses to multple roles and its been working well for quite some time. ... View more

Yes you can (with caveats). If both SA devices aren't running the same code, you'll end up with multiple versions of NetworkConnect/Pulse and if you have a Terminal Services client open via one, when you open a terminal services client via the second... your first one will (probably) be closed. I have several clients, all running differnet versions and the only issue I have (and I only connect to a single client at a time) is that the Terminal service client is unique to each SA version, so every time I switch client networks, I have to download their version of the TS client. ... View more

In the NetworkConnect GUI, are you connected via https or ESP. ESP will be faster, but requires opening addional port(s). ... View more

In your example, you used =cvs. If the user shouldn't have access to this resource, you should block it. If they do have access to it, why should it matter if they bookmark it using the non-obsfucated path? If it's because you reserve the right to change the url ever two weeks and are tired of having to update your users' bookmarks, then you have a user problem. I had a similar issue. I sent my users a link to the signin page and some of them opened the url...and then bookmarked it, meaning that their computer now had /dana-na/url_4...... and when I made changes, the url changed to url_5 and their bookmarks were no longer valid, even though the url in my original email remained valid. ... View more

If my SA's internal interface is 10.10.126.38/24 and my NCServerIP is 10.10.126.37, what can happen? I would think that the capture code for this is above the general routing/forwarding code Or is it the case that a valid arp entry for this address (from the internal interface) breaks the interception code? Which would make sense. ... View more

One of my clients enables a web proxy and sends the proxy.pac file in a login script. My comment above was mean to indicate that, depending on client NoScript (or other) settings, it may not be executed. In my case, as 3rd party network support, I don't need access to the resources that it provides, so I don't let it run. This is something that you have to keep in mind if you allow non-domain-member machines to connect to your sslvpn....unless you have very complicated role-mapping rules. ... View more

Create a new sign-in policy and URL as your.ssl.vpn.net/cert.html (this works). and add their text to the sign-in page's instructions field. ... View more