IPSec / SSL VPN

Upgrade Juniper SA cluster

René Jorissen on January 26, 2010 • 0 Comments • Tags: #active #activepassive #activestandby #cluster #howto #ive #juniper #mag #passive #sa #standby #upgrade

Add On: This procedure also works for the new Juniper MAG appliances. But keep in mind during the upgrade of the second host (and also the first): BE PATIENT!! A Juniper SA cluster can be configured as active/active or active/standby cluster. An active/active cluster uses an external load balancer or DNS round-robin to enable load-sharing … Read More

IPSec / SSL VPN, Security

Redundant DMVPN network

René Jorissen on August 20, 2009 • 0 Comments • Tags: #authenticate #cloud #dmvpn #dual #dynamic #eigrp #hub #isakmp #multicast #multipoint #networkid #nhrp #redundant #resilient #single #spoke #vpn

Today I looked at the configuration DMVPN (Dynamic Multipoint VPN). A Dynamic Multipoint Virtual Private Network is an enhancement of the virtual private network (VPN) configuration process of Cisco IOS-based routers. DMVPN prevents the need for pre-configured (static) IPsec peers in crypto-map configurations and ISAKMP peer statements. This feature of Cisco IOS allows greater scalability … Read More

IPSec / SSL VPN

Juniper SA & Terminal Service with JavaRDP

René Jorissen on May 12, 2009 • 4 Comments • Tags: #java #javardp #juniper #rdp #sa #service #terminal

Today I tried to configure a JavaRDP as fallback Terminal Services method on the Juniper SA appliances. It took me some time and with help of my colleague, I finally got it working. Even with Single Sign On to the Terminal Server. First of all, you need to upload a new Java applet. The Java … Read More

IPSec / SSL VPN

Juniper SA & Terminal Server with Novell Client SSO

René Jorissen on May 12, 2009 • 0 Comments • Tags: #access #client #juniper #novell #on #sa #secure #server #sign #single #sso #terminal

Normally configuring SSO on a Terminal Server in conjunction with a Juniper SA isn’t that hard. On the Juniper you pass the user credentials to the Terminal Server. On a normal Terminal Server you have to check the following: Disable Always prompt for password under: Terminal Services Configuration –> Connections –> Properties of RDP-tcp –> … Read More

Configuration Example, IPSec / SSL VPN

Juniper SA & GroupWise WebAcc SSO

René Jorissen on May 6, 2009 • 1 Comment • Tags: #2500 #authenticate #based #fba #form #forms #groupwise #juniper #novell #on #post #sa #sign #single #sso #webacc #webaccess

While configuring a Juniper SA2500 in conjunction with Novell GroupWise WebAccess, the customers wanted single sign on (SSO) configured. The default Novell GroupWise WebAccess login page uses FBA (Forms Based Authentication). So it should be possible to push the correct POST parameters to enable SSO for GroupWise WebAccess. I started with looking at the page … Read More

IPSec / SSL VPN, Proxy

Microsoft IAG

René Jorissen on November 25, 2008 • 0 Comments • Tags: #appliance #application #cag #cisco #csg #gateway #iag #intelligent #isa #juniper #microsoft #sa #ssl #vpn #webvpn

It has been a while since my last post, but time is short these days. Today I had to troubleshoot a Microsoft IAG appliance. Microsoft IAG stands for Microsoft Intelligent Application Gateway. And indeed, intelligent it is. NOT. I have seen and configured multiple SSL VPN solutions like Juniper SA, Citrix Access Gateway, Citrix Secure … Read More