Pulse Secure formerly SSL VPN
Showing results for 
Search instead for 
Do you mean 
New User
Posts: 1
Registered: ‎02-25-2010
0 Kudos

VPN Accessing ONLY through Network Connect

Hi all!


Is there a best-practice way to implement a solution whereby the only way a user can access the Juniper SSL VPN is through Network Connect. I want to disable the ability for them to get to access the Juniper SA via a web browser. My first thoughts are:

1. To implement Custom Pages and modify the LoginPage.thtml so it doesn't have any ability to login. Therefore, only the LoginPage-stdaln.thtml allows access, as this is the page that is used by Network Connect

2. Perform a Host Check to verify that Network Connect is running. However, this will require Host Check to be installed, which will slow down the logon process.

Any suggestions or help would be appreciated.



Distinguished Expert
Posts: 2,405
Registered: ‎01-29-2008
0 Kudos

Re: VPN Accessing ONLY through Network Connect

Hey Chatan - NC can be started from a command line. It can be started at PC login. You can define a role that only allows NC so that when they login from a browser that is the only option available to them.


Not sure if I understand what you are trying to achieve so I hope these suggestions are of some help.

Kevin Barker
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Posts: 76
Registered: ‎06-19-2009
0 Kudos

Re: VPN Accessing ONLY through Network Connect



you might also look into the GINA option, incorporate NC in the Windows logon.


Best of luck!

JNCIA-SSL,FWV,IDP, Security+,Network+,LPIC-1,MCSESmiley Frustrated,MCITP:EA
Moderator Moderator
Posts: 249
Registered: ‎11-06-2007
0 Kudos

Re: VPN Accessing ONLY through Network Connect

Try the thread @ http://forums.juniper.net/t5/SSL-VPN/Customizing-Network-Connect-login-pages/m-p/38952#M7419

Its doing the opposite of what you want however you should be able to leverage some of that logic. However as noted before in this thread - it is possible to preserve browser based login and still allow access only to Network Connect.