Juniper Secure Access SSL VPN access from FreeBSD?
Gary Palmer
gpalmer at freebsd.org
Mon Sep 15 16:48:47 UTC 2014
On Mon, Sep 15, 2014 at 05:20:05PM +0100, Gary Palmer wrote:
> On Mon, Sep 15, 2014 at 08:12:51PM +0400, Lev Serebryakov wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA512
> >
> > On 15.09.2014 20:02, Gary Palmer wrote:
> >
> > >> If I want to connect to my workstation at $work, I'm forced to
> > >> use Juniper Secure Access SSL VPN + rdesktop. I connect to our
> > >> office JunOS gateway with browser, and run RDesktop from it. But
> > >> it requires to use supported OS (Windows / MacOS X / Linux), as
> > >> tunnel is created via binary browser plugin.
> > >>
> > >> Is it possible to emulate this on FreeBSD? rdesktop from ports
> > >> should work as client, as I access standard Windows system, but I
> > >> need some way to emulate this VPN tunnel. Is it possible?
> > >
> > > Did you try any of the results from Google? Search for "juniper
> > > ssl vpn open source" (without the quotes) seems to show up some
> > > possibilities.
> > Yep, but all of them based on fact, that it works under Linux. For
> > example, here are script (jvpn.pl), which emulates browser, but it
> > loads Linux-specific share object from browser plugin (libncui.so) and
> > calls Linux binary (ncsvc), and it will not natively work under FreeBSD.
> >
> > Linux emulator is my last resort, but maybe, here are some other ways?
>
>
> Not that work reliably. I know someone who had to use a Juniper VPN
> solution and got it working under Linux without any binary plugins,
> but he went on vacation and when he came back a couple of weeks later
> he couldn't get it working again and struggled for days before giving up
> and running Windows in a VM.
>
> As best I understand it, it's a standard IPSEC VPN, but getting past the
> authentication to get to the IPSEC session is the tricky part.
>
> Regards,
>
> Gary
You might want to try https://www.shrew.net/download/ike - it claims to
support Juniper secure gateways and runs on FreeBSD. I have no idea if it
works or not.
Regards,
Gary
More information about the freebsd-net
mailing list