SRX

Dear all, is there anybody got the issue the same me? I confgure dynamic vpn, and what i notice is work correctly by testing from my machine, but the problem is:

- sometimes, i need to type user and password 2 or 3 times to connect VPN successfully. the password and username
i make sure it correctly, and i copied it from notepad.
my internet use PPPoE. if you need know more configuration let me know, i will passed here to let you see.

Hi Pechdara,

Do you get multiple xauth prompts when you try to connect immediately after disconnecting the connection or the new connection is made after some time.?

If the token is invalid or null on SRX, there will be an xuath during the first HTTPS connection (when you click on connect) . This will be additional to the normal ike phase1 xauth.

Also please let us know the SRX model, Junos version and Pulse version.

Thanks,

Suraj

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

Hi Pechdara pin,

Generally user needs to authenticate twice.

First user Prompt : To download unique token and vpn client config.

second user prompt : for ike authentication

first time that a VPN connection is made, the VPN client configuration parameters, including a unique token, will be downloaded from the SRX device.

From the second connection onwards the token will be used instead of the first authentication. This means that the user is then only requested to provide credentials once, using the credentials from the access profile configured under security ike gateway.

This unique token is saved on the VPN client for the next connections and then for the second time onwards, it will be prompted for user authentication only once.

On the dynamic vpn client , please do not delete the vpn connections profile for SRX . If it is deleted , then token value and other parameters are deleted.

we have seen in older pulse clients , tokens and other vpn configurations are not saved on the client so it prompts for multiple user attempts.

Pulse Download:

https://www.juniper.net/support/downloads/?p=pulse#sw

Try upgrading the Pulse client first and verify if it helps and if it does not then  try upgrade the Junos code on SRX to latest recommended 12.1X44-D35.

Also verify if all vpn clients are used when you attempt to connect.

show system licenses command would help to validate.

Regards
rparthi
 

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too

Hi Parthi, yeah I noticed the procedure as you explained me. The first time, when i connected to VPN, it prompt me twice times to put credinial. but next time, i type user and password only one time, and the connection is successfully. 
Thank for ur explain.