SSL VPN
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
Chatan
New User
Chatan
Posts: 1
Registered: ‎02-25-2010
0

VPN Accessing ONLY through Network Connect

Options

‎04-15-2010 06:52 AM

Hi all!

 

Is there a best-practice way to implement a solution whereby the only way a user can access the Juniper SSL VPN is through Network Connect. I want to disable the ability for them to get to access the Juniper SA via a web browser. My first thoughts are:

1. To implement Custom Pages and modify the LoginPage.thtml so it doesn't have any ability to login. Therefore, only the LoginPage-stdaln.thtml allows access, as this is the page that is used by Network Connect

2. Perform a Host Check to verify that Network Connect is running. However, this will require Host Check to be installed, which will slow down the logon process.


Any suggestions or help would be appreciated.

 

Chatan

Message 1 of 4 (7,937 Views)
 
Reply
Distinguished Expert
Distinguished Expert
muttbarker
Posts: 1,946
Registered: ‎01-29-2008
0

Re: VPN Accessing ONLY through Network Connect

Options

‎04-15-2010 09:18 AM

Hey Chatan - NC can be started from a command line. It can be started at PC login. You can define a role that only allows NC so that when they login from a browser that is the only option available to them.

 

Not sure if I understand what you are trying to achieve so I hope these suggestions are of some help.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 2 of 4 (7,919 Views)
 
Reply
Kalex
Contributor
Kalex
Posts: 76
Registered: ‎06-19-2009
0

Re: VPN Accessing ONLY through Network Connect

Options

‎04-21-2010 05:11 AM

Chatan,

 

you might also look into the GINA option, incorporate NC in the Windows logon.

 

Best of luck!

Regards,
Alex
JNCIA-SSL,FWV,IDP, Security+,Network+,LPIC-1,MCSE:smileyfrustrated:,MCITP:EA
Message 3 of 4 (7,850 Views)
 
Reply
Moderator Moderator
Moderator
ruc
Posts: 189
Registered: ‎11-06-2007
0

Re: VPN Accessing ONLY through Network Connect

Options

‎04-21-2010 09:15 PM

Try the thread @ http://forums.juniper.net/t5/SSL-VPN/Customizing-Network-Connect-login-pages/m-p/38952#M7419

Its doing the opposite of what you want however you should be able to leverage some of that logic. However as noted before in this thread - it is possible to preserve browser based login and still allow access only to Network Connect.

 

Message 4 of 4 (7,827 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.