Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Juniper VPN's



Matt Shields wrote:
> Anyone using the Juniper SA series VPN's?

We're working with a client that uses a Juniper VPN. (We hate
proprietary VPNs. What's worse is they have it configured to prevent
split networking.)

We've found that there are per-user settings on the server side that
controls what sort of client you are fed (Java) or what sort of
connection it expects. With OS X you have a choice between the older
Network Connect client and the newer Junos Pulse, which you mentioned.
I'm pretty sure you can't arbitrarily switch between these on the client
side. The server settings have to be switched to match.

Similarly, we're using OpenConnect as the client on Linux machines, and
before that would work our accounts needed to be switch to "Linux mode"
as the Windows admin called it.

According to what I've read, OpenConnect will run on OS X, and gives you
a lot greater control over the connection (like the ability to force
split networking). However, to get Juniper functionality working you
really need to build the bleeding edge version of OpenConnect, and even
then might still need to apply a patch posted to the OpenConnect mailing
list. (We've been involved in a few threads on the list. I can send you
a link to the patch if you need it.)

The funny thing about these proprietary VPNs is that they give the
perception of being easier to use for the non-techie Windows users, yet
then tend to be significantly time consuming to work with for power
users. Open source has taken over most fields. Why are VPNs still a
holdout? Is there not a super easy OpenVPN client for Windows yet? I
know there is commercial support for OpenVPN.

 -Tom

-- 
Tom Metro
The Perl Shop, Newton, MA, USA
"Predictable On-demand Perl Consulting."
http://www.theperlshop.com/



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org