Scenario / Questions
The Windows users have a new client “Juniper Pulse” to connect to the Juniper VPN server.
On Linux, what VPN client do we have to connect to that Juniper VPN, with maximum compatibility?
Please mention the necessary parameters that have to be provided.
Find below all possible solutions or suggestions for the above questions..
And my favorite method (no java applet required):
your url: ‘https://some.site.com/dana-na/auth/url_default/welcome.cgi‘ (or whatever)
you know your realm or you can find it from the web page or with:
REALM=$(wget -q --no-check-certificate -O - 'https://some.site.com/dana-na/auth/url_default/welcome.cgi' | sed -n 's/.*<input\( [^>]*name="realm" [^>]*\)>.*/\1/p' | sed -n 's/.* value="\([^"]*\)".*/\1/p')
After you login, download the following jar (should be done one time only):
and unzip it to ~/.juniper_networks/network_connect
Get some new libraries for your 64bit machine
yum install glibc.i686 zlib.i686 nss-mdns.i686
Go to ~/.juniper_networks/network_connect and
sudo chown root:root ncsvc sudo chmod 6711 ncsvc chmod 744 ncdiag chmod +x getx509certificate.sh
Get your certificate:
./getx509certificate.sh some.site.com company.cert
./ncsvc -h some.site.com -u username -p password -r REALM -f ./company.cert
For some sites I noticed that you also need to put the -U switch:
./ncsvc -h some.site.com -u username -p password -r REALM -f ./company.cert -U 'https://some.site.com/dana-na/auth/url_default/welcome.cgi'
The OpenConnect VPN client has (nascent) support for Juniper SSL VPN.
See the announcement at http://lists.infradead.org/pipermail/openconnect-devel/2015-January/002628.html
The Juniper support is coming along nicely now and is definitely ready for more testing. It’s reached the point where we’re happy to admit to its existence on the OpenConnect web site: http://www.infradead.org/openconnect/juniper.html
What I usually do is use
openconnect, it has to run as root, from the terminal window and you have to use the
--juniper flag like this:
sudo openconnect --juniper http://your.vpn.server.here
It will ask for your user name and password and will connect you to your vpn.
The only caveat is that the terminal window has to be open all the time and it may drop once or twice in a day, you have to re-connect.
Network-Connect is the Old Juniper VPN. It is no longer used/shipped by juniper, everything is now Pulse secure. The information on this site is old. Pulse Secure is not supported on Linux.
On Ubuntu 15.10:
sudo apt-get install icedtea-7-plugin openjdk-7-jre:i386
sudo ln -s /usr/bin/update-alternatives /usr/sbin/(this may already exist)
sudo apt-get install libstdc++6:i386 lib32z1 lib32ncurses5 libxext6:i386 libxrender1:i386 libxtst6:i386 libxi6:i386
Then connect to your VPN as you would normally through the web interface. You’ll need to allow the IcedTea plugin to run in your browser (I used Firefox) when it prompts you. There are also a number of prompts to trust software from a remote site, and it pop up a terminal for your password.
I believe this is answered on Juniper’s forum here – specifically for Network Connect (I’m assuming that’s what you’re wanting to do). They have excellent screenshots, etc to help you through the process (Five steps).
Disclaimer: This has been sourced from a third party syndicated feed through internet. We are not responsibility or liability for its dependability, trustworthiness, reliability and data of the text. We reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever.