Date: Mon, 15 Sep 2014 17:20:05 +0100 From: Gary Palmer <gpalmer@freebsd.org> To: Lev Serebryakov <lev@FreeBSD.org> Cc: freebsd-net@freebsd.org Subject: Re: Juniper Secure Access SSL VPN access from FreeBSD? Message-ID: <20140915162005.GB51285@in-addr.com> In-Reply-To: <54171003.3090001@FreeBSD.org> References: <54170619.4040508@FreeBSD.org> <20140915160253.GA51285@in-addr.com> <54171003.3090001@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 15, 2014 at 08:12:51PM +0400, Lev Serebryakov wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 15.09.2014 20:02, Gary Palmer wrote: > > >> If I want to connect to my workstation at $work, I'm forced to > >> use Juniper Secure Access SSL VPN + rdesktop. I connect to our > >> office JunOS gateway with browser, and run RDesktop from it. But > >> it requires to use supported OS (Windows / MacOS X / Linux), as > >> tunnel is created via binary browser plugin. > >> > >> Is it possible to emulate this on FreeBSD? rdesktop from ports > >> should work as client, as I access standard Windows system, but I > >> need some way to emulate this VPN tunnel. Is it possible? > > > > Did you try any of the results from Google? Search for "juniper > > ssl vpn open source" (without the quotes) seems to show up some > > possibilities. > Yep, but all of them based on fact, that it works under Linux. For > example, here are script (jvpn.pl), which emulates browser, but it > loads Linux-specific share object from browser plugin (libncui.so) and > calls Linux binary (ncsvc), and it will not natively work under FreeBSD. > > Linux emulator is my last resort, but maybe, here are some other ways? Not that work reliably. I know someone who had to use a Juniper VPN solution and got it working under Linux without any binary plugins, but he went on vacation and when he came back a couple of weeks later he couldn't get it working again and struggled for days before giving up and running Windows in a VM. As best I understand it, it's a standard IPSEC VPN, but getting past the authentication to get to the IPSEC session is the tricky part. Regards, Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140915162005.GB51285>