Author Topic: Kind of Applications through SSL  (Read 5784 times)

gr33ndata

  • Sr. Member
  • ****
  • Posts: 366
  • Karma: +0/-0
    • View Profile
    • http://www.geocities.com/tarekamr20
Kind of Applications through SSL
« on: January 10, 2005, 05:12:47 am »
Hello
Does anyone know if there is a limitation on the kind of applications that can be used accross an SSL VPN tunnel?
Gr33nData, or you may call me NetScream
JNCIS-FWV, and JNCIA-IDP
http://gr33ndata.blogspot.com/

Frac

  • Hero Member
  • *****
  • Posts: 784
  • Karma: +0/-0
    • View Profile
    • My Blog
Kind of Applications through SSL
« Reply #1 on: January 11, 2005, 02:33:11 am »
HI,

yes, applications that do a back connection (if you are only using SAM). You could solve this by using Network connect for these applications.



GreetZ,
Frac
JNCIS-FWV, JNCIS-ER, JNCIA-EX, JNCIA-IDP http://juniper-frac.blogspot.com

gr33ndata

  • Sr. Member
  • ****
  • Posts: 366
  • Karma: +0/-0
    • View Profile
    • http://www.geocities.com/tarekamr20
Kind of Applications through SSL
« Reply #2 on: January 11, 2005, 11:05:43 am »
So by Network Connect you can tunnel anything, even UDP and ICMP. Right ??
Gr33nData, or you may call me NetScream
JNCIS-FWV, and JNCIA-IDP
http://gr33ndata.blogspot.com/

Floater

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Kind of Applications through SSL
« Reply #3 on: January 11, 2005, 11:41:28 am »
Quote from: Frac
HI,

yes, applications that do a back connection (if you are only using SAM). You could solve this by using Network connect for these applications.



GreetZ,
Frac


What do you mean a Network connect?  We have this problem here with all FlexlM licensed products since they require a connect back through the IP stack.  I am currently seeking a workaround.

Frac

  • Hero Member
  • *****
  • Posts: 784
  • Karma: +0/-0
    • View Profile
    • My Blog
Kind of Applications through SSL
« Reply #4 on: January 12, 2005, 02:30:40 am »
Hi,

You have 3 license on the SSL appliance:

1) core (web/file sharing/telnet/ssh/windows term/ ....)
2) SAM (here you can use some predefined applications trough activeX/java applet. like outlook native client/lotus notes/ citrix/ etc and you can also define other applications (But because everything is proxyd, you can not use appl that do back connections!)

3) Network connect (this will create a temp ppp adaptor on your machine and will give you a IP/DNS/WINS/domain suffix) You can compare this with a normal IPSEC connection, So yes you can tunnel everything trough this! (icmp, udp .....)

For 2 and 3 you need a extra license.

GreetZ,
Frac
JNCIS-FWV, JNCIS-ER, JNCIA-EX, JNCIA-IDP http://juniper-frac.blogspot.com

Floater

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Kind of Applications through SSL
« Reply #5 on: January 12, 2005, 09:10:14 am »
That everything will work through a PPP connection I understand.  However, my company only implements the SAM portion of it.  They do not allow any other type of connections.

You said that the SAM does not allow back connections because it is proxied.  However, I can't seem to make any inbound connections to the PC once the SAM is running.  I don't mean through the remote network; I mean through the primary TCP stack.  I need the PC to be able to connect back to itself, which it can not.  (Standalone FlexLM licenses work with the PC unplugged without the SAM, but become broken once the SAM is installed regardless of weather it is on a network.)

If the problem were just the proxy then my issue would not exist.