10-30-2008 09:02 AM
2 dayx ago we upgrade IVE from version 6.1 to 6.3 . All was good but when users with NC connect to the gateway, it ask to install certificate and the new 6.3 version of NC. But these users are restricted and are not administrator. So NC can't laucnh. I thought NC 6.1 work even if IVE (and NC) is version 6.3.is there a solution to connect user with NC 6.1 instead of 6.3 so without upgrade NC client ??
Thanks in advance for your returns.
10-30-2008 09:42 AM
Hello David - the IVE is not backward compatible in respect to the Network Connect clients. If the IVE is upgraded, the Network Connect clients need to be upgraded to the corresponding version. If the client computer user does not have administrator permissions on their computer then the recommended solution would be to use the JIS "Juniper Installer Service". The JIS feature is aimed at removing the Admin requirement for installing/upgrading the IVE’s Win32 client-side components. The only problem is that you need to have admin permissions in order to install this in the first place. Ideally the JIS component would be in place prior to an upgrade. If getting administrator access on these devices and upgrading the NC or installing JIS is not possible then the only obvious course of action is to roll back to 6.1 and rethink how you handle these clients.
Hope this helps,
10-30-2008 09:53 AM
Yes of course bu it seams JIS was installed when users desktop was configured. Installers on VPNSSL interface like JIS are upgraded when upgrade IVE. SO if we upgrade to version 6.3, JIS upgrade to version 6.3 too ? If yes, do we have to upgrade JIS ?? FYI, we rollback to 6.1.
Thansk for your return
10-30-2008 10:07 AM - edited 10-30-2008 10:08 AM
SO if we upgrade to version 6.3, JIS upgrade to version 6.3 too ?
This is an excellent question. Firstly, I can say with some authority that while investigating a similar issue for another customer we found that older versions of JIS will upgrade later versions of NC, WSAM, etc without any problem. So there shouldn't be any requirement to upgrade the JIS at all. Secondly, and more importantly, after version 6 the JIS code was designed to upgrade automatically.
So I am a little confused why you encountered this issue if you have JIS on your end point clients. It seems you did everything perfectly! I suppose the next logical step is to contact JTAC and they can look at the setup in more detail.