SSL VPN
Reply
Contributor
zthiel
Posts: 47
Registered: ‎05-29-2008
0

Community thoughts on this SSL VPN SVW enhancement request

Here is the situation we are running into:

 

We have an application that installs and launches from a website via an ActiveX control. Now the current design of the SVW/SSL VPN is if the ActiveX control and application is installed outside of the SVW then when a user is brought into the SVW it will function as expected. My problem is what if the application has NO possible way of being installed outside of the SVW.

 

So now the problem I have had since one of the 5.5 releases (yes this did work at one time with the SVW). All of our employees are brought into the SVW if they access our Employees Section of our website from a "non company" computer aka their home PC, public PC, etc. This application they need to use has never been installed outside of the SVW environment on their home PC and cannot be accessed unless they are in our Employee's section and inside the SVW. When they go to launch it from inside the SVW is does not load, etc, and does not work.

 

So a long story short the application is 100% unusable for out 800+ employees.

 

Another spin on this is lets say we have a user that goes to a conference and they need to use this application. There is no way we would want that applciation to remain installed on a public conference PC. So it makes sense to have them come into the SVW install the application and then run the application. Then once they are finished they logout of our website and nothing is left on this public conference PC.

 

Thoughts from the JNET community?

ben
Contributor
Posts: 126
Registered: ‎12-06-2007
0

Re: Community thoughts on this SSL VPN SVW enhancement request

For me this sounds more like a bug because I did not read sth. of a limitaion for the general use of ActiveX-Applets (or -based apps) within the SVW, so how about troubleshooting this with JTAC?
Contributor
zthiel
Posts: 47
Registered: ‎05-29-2008
0

Re: Community thoughts on this SSL VPN SVW enhancement request

Ben I have had a case open with support since July of 2007 on this issue/limitation. It did work in a 5.5 release.
ben
Contributor
Posts: 126
Registered: ‎12-06-2007
0

Re: Community thoughts on this SSL VPN SVW enhancement request

Did they say anything why it does not work with newer releases?

The reason why I ask, I don't guess you will find another solution than juniper fixing that or use the pretty expensive symantec virtual desktop as 3rd party one, assuiming that your a'x is working with this.

 

But I don't see any other way as maybe accessing any URL without svw, to just push this a'x and run the main URL with the SVW later. This will result in the behaviuour you dislike, as I unterstood, that this applet will remain on the pc.

Contributor
zthiel
Posts: 47
Registered: ‎05-29-2008
0

Re: Community thoughts on this SSL VPN SVW enhancement request

Unfortunately my experiences dealing with Juniper support have been up and down as you can imagine with this case being open for a year and a half.

Visitor
moreilly
Posts: 8
Registered: ‎05-28-2008
0

Re: Community thoughts on this SSL VPN SVW enhancement request

I made the same experience with the Citrix Terminal Service to be used within the SVW. It works if any Citrix Client is already installed (ActiveX Client, Neigborhood Client etc.). So it´s possible to start the Citrix Client within the SVW but it was/is not possible to install the Citrix Client in case no Citrix Client is already installed. TAC confirmed that limitation/feature. That is a huge limitiation in my opinion
Contributor
zthiel
Posts: 47
Registered: ‎05-29-2008
0

Re: Community thoughts on this SSL VPN SVW enhancement request

I understand this SVW is a environment that is not permanent and gets cleaned up and deleted (as designed for security) but I don't have a problem if each time the application must reinstall within the SVW. Just as long as applications install. Juniper does not seem to grasp this.

 

 

Zach

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.