How to connect to a Juniper VPN from Linux
Solution 1:
And my favorite method (no java applet required):
Presumably:
your url: 'https://some.site.com/dana-na/auth/url_default/welcome.cgi' (or whatever)
your username=username
your password=password
you know your realm or you can find it from the web page or with:
-
REALM=$(wget -q --no-check-certificate -O - 'https://some.site.com/dana-na/auth/url_default/welcome.cgi' | sed -n 's/.*<input\( [^>]*name="realm" [^>]*\)>.*/\1/p' | sed -n 's/.* value="\([^"]*\)".*/\1/p')
After you login, download the following jar (should be done one time only):
https://some.site.com/dana-cached/nc/ncLinuxApp.jar
and unzip it to ~/.juniper_networks/network_connect
Get some new libraries for your 64bit machine yum install glibc.i686 zlib.i686 nss-mdns.i686
Go to ~/.juniper_networks/network_connect and
sudo chown root:root ncsvc
sudo chmod 6711 ncsvc
chmod 744 ncdiag
chmod +x getx509certificate.sh
Get your certificate:
./getx509certificate.sh some.site.com company.cert
And connect:
./ncsvc -h some.site.com -u username -p password -r REALM -f ./company.cert
For some sites I noticed that you also need to put the -U switch:
./ncsvc -h some.site.com -u username -p password -r REALM -f ./company.cert -U 'https://some.site.com/dana-na/auth/url_default/welcome.cgi'
Solution 2:
The OpenConnect VPN client has (nascent) support for Juniper SSL VPN.
See the announcement at http://lists.infradead.org/pipermail/openconnect-devel/2015-January/002628.html
Edit 2015-02-02:
The Juniper support is coming along nicely now and is definitely ready for more testing. It's reached the point where we're happy to admit to its existence on the OpenConnect web site: http://www.infradead.org/openconnect/juniper.html
Solution 3:
What I usually do is use openconnect
, it has to run as root, from the terminal window and you have to use the --juniper
flag like this:
sudo openconnect --juniper http://your.vpn.server.here
It will ask for your user name and password and will connect you to your vpn.
The only caveat is that the terminal window has to be open all the time and it may drop once or twice in a day, you have to re-connect.
Solution 4:
Network-Connect is the Old Juniper VPN. It is no longer used/shipped by juniper, everything is now Pulse secure. The information on this site is old. Pulse Secure is not supported on Linux.
Solution 5:
I found this page to be the most use for me. mad scientist