Re: Juniper Secure Access SSL VPN access from FreeBSD?

Mon, 15 Sep 2014 10:23:07 -0700 

On 9/15/2014 11:48 AM, Gary Palmer wrote:

On Mon, Sep 15, 2014 at 05:20:05PM +0100, Gary Palmer wrote:

On Mon, Sep 15, 2014 at 08:12:51PM +0400, Lev Serebryakov wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 15.09.2014 20:02, Gary Palmer wrote:


If I want to connect to my workstation at $work, I'm forced to
use Juniper Secure Access SSL VPN + rdesktop. I connect to our
office JunOS gateway with browser, and run RDesktop from it. But
it requires to use supported OS (Windows / MacOS X / Linux), as
tunnel is created via binary browser plugin.

Is it possible to emulate this on FreeBSD? rdesktop from ports
should work as client, as I access standard Windows system, but I
need some way to emulate this VPN tunnel. Is it possible?

Did you try any of the results from Google?  Search for "juniper
ssl vpn open source" (without the quotes) seems to show up some
possibilities.

  Yep, but all of them based on fact, that it works under Linux. For
example, here are script (jvpn.pl), which emulates browser, but it
loads Linux-specific share object from browser plugin (libncui.so) and
calls Linux binary (ncsvc), and it will not natively work under FreeBSD.

  Linux emulator is my last resort, but maybe, here are some other ways?


Not that work reliably.  I know someone who had to use a Juniper VPN
solution and got it working under Linux without any binary plugins,
but he went on vacation and when he came back a couple of weeks later
he couldn't get it working again and struggled for days before giving up
and running Windows in a VM.

As best I understand it, it's a standard IPSEC VPN, but getting past the
authentication to get to the IPSEC session is the tricky part.

Regards,

Gary

You might want to try https://www.shrew.net/download/ike - it claims to
support Juniper secure gateways and runs on FreeBSD.  I have no idea if it
works or not.
As I understand it, Juniper has an 'SSL' VPN product that has nothing to do with IPsec. Juniper abandoned it's IPsec based client in favor of it's newer 'SSL' based client some time ago. The Shrew Soft product only supports IPsec based connectivity and is compatible with SSG/SRX systems. 

Hope this helps,

-Matthew
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Reply via email to