So I have a couple of questions and I've found little/nothing in my Google searching. First, we have our MAG4610 (Running SA7.4R4) working as a SAML2.0 Service Provider. We have a NetIQ Access Manager (NAM) system working as the Identity Provider. The first problem is with Web Remote SSO. Is there any way while using SAML in the fashion we are to make Remote SSO work? I'm assuming the answer is no and I should find a way to utilize NAM to handle the problem. Though if I'm just missing something, I'd love to hear how to get it working through Juniper since the particular system needs the Pulse/NC L3 VPN as well. The second problem is that I no longer see the Network Connect or Junos Pulse bookmarks when logging in on Linux or Android. We are still in the process of testing and building the initial implementation, so I have changed a lot of features over the process and at some point, those bookmarks disappeared. The roles the users get are currently the same whether they are logged in via Windows, MacOSC or Linux.. they just don't get the bookmark like they used to. This is a problem because you can't directly connect to the MAG via the NC/Pulse client when it is in SAML: SP mode. So they have to log into the web interface first to authenticate their session and then connect the VPN client. Is there a way to force that bookmark to show up that I'm missing?
... View more
Hello, We recently purchased a MAG4610 to replace our existing SSLVPN and decided to get some Java RDP client licenses to test with our VDI deployment, which today relies on end-user RDP clients. So now I'm trying to figure out if there's any way to dynamically launch a JRDP session from our VDI connection broker. Ideally we would configure the broker to launch something like http://vpn.ourcompany.com/jrdp.jar?host=192.168.0. 2&username=mcuser that then launches the hobsoft client aimed at the correct VDI workstation. I've tried to search through the forums here and documentation but haven't found anyone looking to do similar. Has anyone done this with the bundled applet or do most people find an unbundled third party app to handle it?
... View more