This technical note provides steps for configuring a Juniper Networks SA Series SSL VPN appliance, running the Instant Virtual Extranet (IVE) operating system version 6.0 or higher platform, to work with Reflection for the Web.
For information about Juniper Networks (formerly Neoteris, then NetScreen) and the SA Series SSL VPN, visit Juniper Networks at http://www.juniper.net.
Note: Reflection for the Web 2008 R2 does not support SSH and SFTP connections. This issue has been resolved in Hotfix 27 or higher; upgrade to the current version.
To work with Reflection for the Web, Juniper Networks Secure Access must be configured to allow users to run Java applets. Choose one of the two methods below to configure Juniper Networks Secure Access in your environment. Note: Method II provides more customization options.
||Roles with opened Java Socket Access
||Java applets with full network connectivity except applicable policies defined above
||*:* (any server on any port)
||Users (assuming a role for “Users” is already defined)
||Allow socket access
You can configure Reflection for the Web (on a Secure Access platform) to use single sign-on through IIS or Windows Authentication. Follow the steps below.
Note: Make sure both Reflection for the Web and Secure Access are configured to use the same domain. See Technical Note 1876 for information about configuring Reflection for the Web for Single Sign-on.
Once configured, users can log into Juniper Networks Secure Access using their network domain account and Secure Access passes the credentials to Reflection for the Web. There is no separate Reflection for the Web login prompt.