Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

User Access on Juniper SSL

Posted on 2014-10-02
4
Medium Priority
?
836 Views
Last Modified: 2014-10-08
Hello,

I need to modify user access on Juniper SSL VPN. I looked in User Realm, but cannot see where I can enable access to a shared folder.

Any suggestions?
0
Comment
Question by:exhuser
  • 2
4 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 40359339
after establishing a VPN connection over IP, NetBIOS should be also enabled for SMB based file sharing.
0
 
LVL 65

Expert Comment

by:btan
ID: 40359355
this may be relevant to mapped to user specific access of the filserver as resource

http://forums.juniper.net/t5/SSL-VPN/File-server-access-through-SSL-VPN/td-p/33329
A typical resource profile would be something like:
\\servername\<username> where username is the variable that will allow the SA box to substitue their login username in its place and show just that associated directory.

Don't configure in SSL VPN. Configure it in Windows Server. Make it so only admins and individual user has permission to the folder. It won't show up for the user in the VPN file browser if they have no permissions.
 Are you using Active Directory? If so, configure the user's home drive as \\servername\share\%username%
 Also, you can map the role in VPN with attribute "homeDirectory" is \\servername\*
0
 

Author Comment

by:exhuser
ID: 40360346
I guess my question would be on how to use the Juniper interface to enable the user to access a particular folder?
0
 
LVL 65

Accepted Solution

by:
btan earned 1500 total points
ID: 40360714
Then maybe the below kb worth checking out further under Resource Policies
Web Resource Policies—The Web resource policies specify the Web resources to which users may or may not browse. They also contain additional specifications such as header caching requirements, servers to which java applets can connect, code-signing certificates that the Secure Access Service should use to sign java applets, resources that the Secure Access Service should and should not rewrite, applications for which the Secure Access Service performs minimal intermediation, and single sign-on options.

File Resource Policies—The file resource policies specify the Windows, UNIX, and NFS file resources to which users may or may not browse. hey also contain additional specifications such as file resources for which users need to provide additional credentials.
http://www.juniper.net/techpubs/en_US/sa8.0/topics/concept/secure-access-resource-policies-overview.html

Configuring Windows File Bookmark that maps to a user's LDAP home directory
http://kb.juniper.net/InfoCenter/index?page=content&id=KB17793

Configuration Example - How to access remote protected resources distributed over multiple zones by using Dynamic VPN http://kb.juniper.net/InfoCenter/index?page=content&id=KB23954&actp=RSS

Configure access to Windows file servers through resource profiles
http://www.juniper.net/techpubs/en_US/sa8.0/topics/task/operational/secure-access-file-rewrite-sso-resource-policy.html

Configuring File Resource Profile Bookmarks
(reference a file shortcut, note that the Secure Access Service only displays bookmarks with shortcuts to files or folders on a network share) http://www.juniper.net/techpubs/en_US/sa8.0/topics/task/configuration/secure-access-file-rewrite-file-bookmarks-configuring.html
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question