Friday, May 30, 2014

Junos Pulse native VPN client on Win 8.1 (Advance configuration)

I just discovered another new thing about connecting to juniper networks SSL-VPN.

So the company I work for has multiple "sign on policy path" for our vpn, as the official documentation from juniper puts it. Normally, everyone is expected to go to the full official URL in the browser to connect to the VPN. Connection will require ActiveX, Java, and the right browser to start working.

Windows 8.1 came with a native VPN client, which was a good thing. But unlike the client in iOS, the server field does not take in a url. Hence, I can only connect to the default VPN path, but not to https://vpn.contoso.com/admin

Turns out, the way to do this is only through PowerShell. So let's get straight to the code:

$xml = '<pulse-schema><uri>/admin</uri></pulse-schema>'
$sourceXml = New-Object System.Xml.XmlDocument
$sourceXml.LoadXml($xml)
Add-VpnConnection -Name 'AdminVPN' -ServerAddress 'vpn.contoso.com' `
    -PluginApplicationID "JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy" `
    -CustomConfiguration $sourceXml -SplitTunneling

The "SplitTunneling" is useful is you only want to route VPN network traffic through the adapter. For my case, the admin VPN of my organization doesn't have a gateway to the internet, hence split tunneling is necessary.

Turns out there are more configuration options for the XML. Here are those that are supported: