04-06-2011 10:52 AM
I'm trying to use the iPhone app, Junos Pulse Version 220.127.116.1161, to connected to my company VPN.
From my laptop, I use the Juniper Networks product, Juniper Network Connect Version 18.104.22.16899.
We use a fixed password and an RSA SecurID token generated password along with a user name to authenticate.
Network Connect loads the company VPN log-in page where the credentials are entered.
In the Junos Pulse app, I created a configuration with the URL of the company VPN server (the same one used by Network Connect). I don't have a digital certificate on the device because it's my personal phone and not a company resource, so I left the "Certificate" option as "None". When I attempt to connect, I am taken (in the Junos Pulse app) to the company log-in web interface where I enter all the appropriate credentials. When I attempt to log-in however, I receive a "Connection Error" specifiying that "The server disallowed the connection".
Digging deeper into the log for the app, I see the following:
info PROCESSING URL: https://rcconnect.rockwellcollins.com/dana/home/st
info LoginManager:: Trying VPN connection ... (Logger.m:92)
info LoginManager:: Starting VPN. (Logger.m:92)
info VPNManager:: Start tunnel. (VPNManager.m:149)
info Connection status changed to Connecting (SSLVPNControllerImpl.m:620)
info Adding cookie DSID to request for https://rcconnect.rockwellcollins.com/dana/home/am
error The server does not allow this access method (SSLVPNControllerImpl.m:334)
info Connection status changed to Disconnected (SSLVPNControllerImpl.m:620)
info LoginManager:: VPN disconnected. (Logger.m:92)
Does anyone know what I'm missing here?
Solved! Go to Solution.
04-22-2011 09:55 PM - edited 04-22-2011 09:55 PM
Has your IT dept confirmed you have access to be able to do this through an iOS device?
It is possible for this to be restricted on the SA server configuration.
When you connect from your desktop, do you need to provide a certificate or pass Host Checker?
05-02-2011 02:17 AM
same problem as Colin G. mentioned. Login Screen appears in the Junos App, but after I try to connect with user and password I get an error message (same Log error)
With Iphone/Ipad Safari Browser it works fine. Has anyboy find a solution for this?
05-02-2011 05:59 AM
Are you able to confirm that Network Connect is allowed for the role you are using?
What does the user access/event log show for the time stamp of failure?
What is the IVE OS version you are using (Pulse is supported on 6.4/6.5 and later)?
Are there any additional restrictions on the realm/role that you might not be passing?
What does a policy trace of your login event show?
05-03-2011 12:41 AM
05-03-2011 05:55 AM
You are welcome. s.sts86; glad that worked.
I believe that is because Pulse on Android does not support L3 VPN (so does not require Network Connect but only login access); whereas Pulse on iOS is expecting to create a full VPN tunnel and requires Network Connect.
06-02-2011 07:21 AM - edited 06-02-2011 07:30 AM
How did you either allow network connect for your role or change the role you were using to get Junos Pulse to connect from your iPhone?
06-02-2011 07:29 AM
On the admin console, go to Users>User Roles>roleNameForiPhone>General, Options and make sure Network Connect is enabled.
Create at least a Network Connect Connection profile at Users>Resource Policies>Network Connect>NC Connection Profiles to define the IP address for the role(s) to use
06-02-2011 07:32 AM
I'm guessing these steps to take from the admin console are steps that would have to be taken in some back-end server for my company's VPN? I'm just a network user with an iPhone.