Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - alan

Pages: [1] 2 3 4 5 6 ... 40
I just ran into a similar problem - Firefox worked, IE said "cannot display" on an https page.
The solution was to enable TLS 1.0 in IE: Tools > Internet Options > Advanced > ...
If that doesn't do the trick try some of the other crypto settings (I'd avoid SSL 2.0 unless you have to use it)

In case you're wondering what these are...

easy answer is to turn on bridging between VM and host

What are you trying to do? If you connected ok with Net Connect you should have a full layer 3 session to the remote network.
Depends also how NC was setup.

The cert is on the SSL VPN - nothing to do with the VM. If you need to share from the VM back to the host machine you'll need to setup the networks of the VM to do so or turn on bridging between the two.

use a 32-bit VM?

I take that back - there is a bug with the SSL accelerator card that's fixed in 6.3R7 for you. (Bug 463889)

This is one I reported - the system would sort of 'hang' - really, really slow.
So upgrade. I'm running 6.5R4 and looks solid - though I'd go with 6.5R5. Check the Release Notes of course.

No impact to users. Be interesting to know if you notice a speed improvement - let us know.

I have enabled on SA6000 but there wasn't a noticeable difference - at least for a short test.
I would enable if you have it - offloading decryption to hardware is usually helpful.

A couple initial observations on 6.5R3.1 (just early observations)..
much better than 6.5R2 - fixed glitches on Macs (both Leopard and Snow Leopard) as well as Firefox 3.6 (Firefox 3.5.x is fine though).
Seeing an LDAP authentication error that does not occur on 6.2R3 - not clear why yet. Could be our config.
On an SA6000 NC runs fine with Win 7, XP, Mac SL, Ubuntu 9.10. No 64-bit IE, must use 32-bit IE.

Remote Access SSL VPN/UAC/MAG, Pulse, and SBR / Re: SA 2500 Questions
« on: March 01, 2010, 06:13:01 pm »
1. Code 6.5R3.1 works will all the O.S. mentioned except I have not tested CentOS 5
2. Yes. Network Connect is a full layer 3 VPN
3. Nope, we use RSA. Soft tokens are cheaper.
4. Limit RDP access with a Role. I'm sure you can use RADIUS but I haven't done this.
5. You can do Java applets for RDP.
6. Activesync is supported, don't use it. There's an RSA client for free in the App Store.
7. Yes, bookmarks work fine but do behave a bit differently as a bookmark is forced thru the rewrite engine (unless you explicitly exclude).
8. Not clear what you mean. The assigned IP pool must be routable on your internal network so doubt this will work if the IP range is outside.

Does anyone else have a problem or just your desktop? I assume you are running 6.2R2,1 which is build 13525  (6.2R2.0 was pulled) - I don't recognize the 13515 you said. In any case 6.2R2 should work but it's getting pretty old now (Aug 2008) and time to upgrade to 6.%R2 (R3 dues any day) that supports Win7.

Did you try Firefox if IE was causing the problem? I use 6.2R3 on some servers with Win7 on lots of machines with no problem so this seems to be a local issue. What do you logs say? Are you allowing UDP/4500? Any firewall?

NetScreen and SSG/ISG Series Firewalls / Re: SSG 550M
« on: February 11, 2010, 10:51:58 am »
Try this link for the Juniper doc which is very good...

The ScreenOS Cookbook is not free but excellent. Search for it here:

Both the links I posted are valid.

Wireshark ( is your friend. Or tcpdump on the IVE.

It will complain and not install - tried a 6.1 release on an SA5000.

Remote Access SSL VPN/UAC/MAG, Pulse, and SBR / Re: XP SP3 with IE8 issue
« on: January 02, 2010, 07:26:42 pm »
I think you'll find 6.5R2 resolves alot of these things. Let us know.

hi spacyfreak

What's wrong with 6.5R2? My testing so far is pretty solid. Wonder if you've found any flaws worth mentioning...

Remote Access SSL VPN/UAC/MAG, Pulse, and SBR / Re: 6.5R2 released
« on: December 15, 2009, 11:00:30 am »

Pages: [1] 2 3 4 5 6 ... 40