SSL VPN
Reply
Contributor
amonte1
Posts: 25
Registered: ‎11-10-2007
0

6.5x Setup Control - Warning

Just upgraded to the latest 6.5x version and noticed a new "Feature" Pop-up Setup Control - Warning.  Anytime a Juniper executable gets loaded the user gets a popup warning with Always, yes and no.  Although its nice to warn users, is there anyway to disable this feature?  Aside from preloading the Trusted Server List to users.(KB15208)

 

http://kb.juniper.net/index?page=content&id=KB15208&actp=search&searchid=1271180033492

 

Moderator
cbarcellos
Posts: 198
Registered: ‎07-11-2008
0

Re: 6.5x Setup Control - Warning

No, there is not an option to disable the whitelist security feature, besides loading a file on the client before hand (as you have mentioned). This is a security feature that was added to protect users.

Trusted Contributor
rdit
Posts: 154
Registered: ‎07-04-2008
0

Re: 6.5x Setup Control - Warning

everytime the user logs in? i thought that would only pop up when the user initially installs the applications but that happens everytime the software (NC/HC) gets loaded? hell...

Recognized Expert
MattS
Posts: 205
Registered: ‎11-06-2007
0

Re: 6.5x Setup Control - Warning

[ Edited ]

 

If the user clicks 'Always' the server gets added to the user whitelist and they will not receive the pop-up in the future for that server.

Contributor
amonte1
Posts: 25
Registered: ‎11-10-2007
0

Re: 6.5x Setup Control - Warning

Yea. The pop-up appears for Each of the Modules too.  HostChecker, Juniper Installer, NC, etc...  One warning for all should be enough.  We usually prefer to minimize the user intervention.  Especially with Windows 7, it has enough popup warnings itself.

Trusted Contributor
Jickfoo
Posts: 398
Registered: ‎11-06-2007
0

Re: 6.5x Setup Control - Warning

[ Edited ]

You can predeploy the whitelist.txt. We did this and it worked well. Only problem is it needs to go in the users app data folder. We automated this by using a wise script.

 

The script goes to the registry and pulls the APPData value:

 

Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData

 

Then you write the whitelist.txt file to:

%APPDATAVALUE%\Juniper Networks\whitelist.txt

 

This should eliminate the messages. If you're willing to give me the hostnames of your  IVE's I can customize a install for you.

Trusted Contributor
dcvers
Posts: 169
Registered: ‎11-16-2007
0

Re: 6.5x Setup Control - Warning

You can predeploy a whitelist file to the %ProgramFiles%\Juniper Networks\ folder

Check out the Trusted Server List section in the admin guide.

Contributor
amonte1
Posts: 25
Registered: ‎11-10-2007
0

Re: 6.5x Setup Control - Warning

Thank for the suggestions in populating the whitelist for each client.  My problem with that is that my users are mostly non-employees, so its's not as easy to deploy mods to their pcs.  The other problem is that the user needs to really attempt to connect to the ssl vpn first in order for all the Juniper Directories to get created under the Users profile.

 

I think all of this effort really defeats the purpose of the SSL VPN process being "clientless" and not having to preload/maintain anything on the client pc.

 

Thanks,

Tony

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.