Wiki UniTn

Strumenti Utente

Strumenti Sito

Traccia:
pub:conf-vpn-en

Differenze

Queste sono le differenze tra la revisione selezionata e la versione attuale della pagina.

Link a questa pagina di confronto

Entrambe le parti precedenti la revisioneRevisione precedente
Prossima revisione		Revisione precedente
Ultima revisioneEntrambe le parti successive la revisione
pub:conf-vpn-en [2016/02/09 14:57] m.fiorazzo@unitn.itpub:conf-vpn-en [2019/11/05 09:34] m.fiorazzo@unitn.it
Linea 9: Linea 9:
 |Windows, Macosx|Pulse Secure|[[pub:conf-vpn-en#macosx_windows_pulse_secure|Pulse Secure Desktop]]| |Windows, Macosx|Pulse Secure|[[pub:conf-vpn-en#macosx_windows_pulse_secure|Pulse Secure Desktop]]|
 |Linux|Pulse Secure|[[pub:conf-vpn-en#linux_pulse_secure_client|Pulse Secure Linux]]| |Linux|Pulse Secure|[[pub:conf-vpn-en#linux_pulse_secure_client|Pulse Secure Linux]]|
-|Dispositivi Mobili (Smartphone & Tablet)|Pulse Secure|[[pub:conf-vpn-en#dispositivi_mobili|Pulse Secure Mobile]]|+|Mobile devices (Smartphone & Tablet)|Pulse Secure|[[pub:conf-vpn-en#dispositivi_mobili|Pulse Secure Mobile]]| 
 + 
 +**NEWS:** 
 +The new version for linux (5.3r4.1) is 64bit native and provide a stable connection.
  
 ===== MACOSX, Windows (Pulse Secure) ===== ===== MACOSX, Windows (Pulse Secure) =====
  
-^Junos Pulse Download^ +^Pulse Secure Download^ 
-|{{:pub:vpn:ps-pulse-mac-5.2r1.0-b227-installer.dmg|MACOSX (>10.6) Pulse Secure 5.2r1.0-b227}}| +|{{:pub:vpn:ps-pulse-win-5.3R7.0-b1933-64bitinstaller.msi|Windows 7/8/10 (64bit) Pulse Secure 5.3R7 (Jan 2019)}}| 
-|{{:pub:vpn:ps-pulse-win-5.2r1.0-b227-32bitinstaller.msi|Windows XP, Vista and Windows 7/8/10 (32bit) Pulse Secure 5.2r1.0-b227}}| +|{{:pub:vpn:ps-pulse-win-5.3R7.0-b1933-32bitinstaller.msi|Windows 7/8/10 (32bit) Pulse Secure 5.3R7 (Jan 2019)}}| 
-|{{:pub:vpn:ps-pulse-win-5.2r1.0-b227-64bitinstaller.msi|Windows XP, Vista and Windows 7/8/10 (64bit) Pulse Secure 5.2r1.0-b227}}|}}+|{{:pub:ps-pulse-win-5.0r15.1-b61501-32bitinstaller.msi|Windows Vista 32bit Pulse Secure 5.0R15}}| 
 +|{{:pub:ps-pulse-win-5.0r15.1-b61501-64bitinstaller.msi|Windows Vista 64bit Pulse Secure 5.0R15}}| 
 +|{{:pub:vpn:ps-pulse-mac-5.3R7.0-b1933-installer.dmg|MACOSX (> 10.10) Pulse Secure 5.3R7 (Jan 2019)}} (*)| 
 +|{{:pub:vpn:ps-pulse-mac-5.3r3.0-b1021-installer.dmg|MACOSX (> 10.6) Pulse Secure 5.3R3}} (*)| 
 +|{{:pub:vpn:ps-pulse-mac-9.1r3.0-b1313-installer.dmg|MACOSX Catalina Pulse Secure 9.1r3}} (*)|
  
 For Mac and Safari: Warning !!! Be sure that your browser is saving the file with .dmg extension (and not .exe) as "pulse.dmg". \\ For Mac and Safari: Warning !!! Be sure that your browser is saving the file with .dmg extension (and not .exe) as "pulse.dmg". \\
Linea 49: Linea 56:
  
 ===== Linux Pulse Secure Client ===== ===== Linux Pulse Secure Client =====
 +
 +**NEWS:**
 +The new version for linux (5.3r3) is 64bit native and provide a stable connection.
  
 ^Pulse Secure for Linux Download^ ^Pulse Secure for Linux Download^
-|{{:pub:vpn:ps-pulse-linux-8.1r7.0-b41041-centos-rhel-installer.rpm|Linux CentOS Pulse Secure 8.1r7.0-b41041}}| +|{{:pub:vpn:ps-pulse-linux-5.3r7.0-b919-centos-rhel-32-bit-installer.rpm|Linux CentOS 32bit Pulse Secure 5.3R7 (Jan 2019)}}| 
-|{{:pub:vpn:ps-pulse-linux-8.1r7.0-b41041-ubuntu-debian-installer.deb|Linux Ubuntu (> 14.04) Pulse Secure 8.1r7.0-b41041}}|+|{{:pub:vpn:ps-pulse-linux-5.3r7.0-b919-ubuntu-debian-32-bit-installer.deb|Linux Ubuntu (> 14.04) 32bit Pulse Secure 5.3R7 (Jan 2019)}}| 
 +|{{:pub:vpn:ps-pulse-linux-5.3r7.0-b919-centos-rhel-64-bit-installer.rpm|Linux CentOS 64bit Pulse Secure 5.3R7 (Jan 2019)}}| 
 +|{{:pub:vpn:ps-pulse-linux-5.3r7.0-b919-ubuntu-debian-64-bit-installer.deb|Linux Ubuntu (<= 16.04) 64bit Pulse Secure 5.3R7 (Jan 2019)}}| 
 +|{{:pub:vpn:ps-pulse-linux-9.0r3.0-b923-ubuntu-debian-64-bit-installer.deb|Linux Ubuntu (18.04) 64bit Pulse Secure 9.0R3 (Feb 2019)}}| 
 +|{{:pub:vpn:ps-pulse-5.3r3-linux-quickstart-guide.pdf|Documentazione ufficiale client linux 5.3r3}}|
  
 Download the package installer to the Linux client then run the installer using the following command: Download the package installer to the Linux client then run the installer using the following command:
Linea 67: Linea 81:
  
 <code> <code>
-sudo dpkg -i /$HOME/Downloads/ps-pulse-linux-8.1r7.0-b41041-ubuntu-debian-installer.deb+sudo dpkg -i /$HOME/Downloads/ps-pulse-linux-8.2r4.0-b47329-ubuntu-debian-installer.deb
 </code> </code>
  
-The script will prompt the user to install any missing dependent packages if they are not already installed (in this case libc6-i386 and lib32z1):+Install the dependencies:
  
 <code> <code>
-user@host:~$ sudo dpkg -i /$HOME/Downloads/ps-pulse-linux-8.1r7.0-b41041-ubuntu-debian-installer.deb +user@host:~$ sudo /usr/local/pulse/PulseClient.sh install_dependency_packages
-(Reading database ... 154703 files and directories currently installed.) +
-Preparing to replace pulse 8.1 (using +
-.../ps-pulse-linux-8.1r7.0-b41041-ubuntu-debian-installer.deb) ... +
-Unpacking replacement pulse ... +
-Setting up pulse (8.1) ... +
- Please execute below commands to install missing dependent packages +
-apt-get install libc6-i386 +
-apt-get install lib32z1 +
-Please refer /usr/local/pulse/README for instructions to launch the Pulse Client+
 </code> </code>
  
-You have to download the device certificate from the Secure Access server in DER format:\\ +if you want to launch the UI from a command line (/usr/local/pulse/pulseUi) you have to export this library path:
-**NB: this is has to be done only one time**+
  
 <code> <code>
-user@host:~openssl s_client -connect vpn-ssl.unitn.it:443 -showcerts < /dev/null 2> /dev/null | openssl x509 -outform der > /$HOME/Downloads/vpn-ssl.crt+export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pulse
 </code> </code>
  
-You can also download the certificate from here {{:pub:vpn-ssl.zip|}} and unzip it with:+Or you can launch Pulse from your Applications by clicking on the Pulse icon.
  
-<code> + - Main screen 
-user@host:~$ unzip /%HOME/Downloads/vpn-ssl.zip + 
-</code>+{{:pub:vpn:pulseui-linux-1.png?200|}} 
 + 
 +  - Create the connection: 
 + 
 +{{:pub:vpn:pulseui-linux-2.png?200|}} 
 + 
 +  - Login: 
 + 
 +{{:pub:vpn:pulseui-linux-3.png?200|}} 
 + 
 +  - Connection state: 
 + 
 +{{:pub:vpn:pulseui-linux-4.png?200|}}
  
-Use the following command to launch the VPN client (you will be asked for the UniTN password):+If you don't want to use the UI, use the following command to launch the VPN client (you will be asked for the UniTN password):
 <code> <code>
-/usr/local/pulse/PulseClient.sh -h vpn-ssl.unitn.it -u nome.cognome@unitn.it -f /$HOME/Downloads/vpn-ssl.crt -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad+/usr/local/pulse/PulseClient.sh -h vpn-ssl.unitn.it -u nome.cognome@unitn.it -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad
 </code> </code>
  
Linea 106: Linea 122:
  
 <code> <code>
-user@host:~$ /usr/local/pulse/PulseClient.sh -h vpn-ssl.unitn.it -u username@unitn.it -f /$HOME/Downloads/vpn-ssl.crt -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad+user@host:~$ /usr/local/pulse/PulseClient.sh -h vpn-ssl.unitn.it -u username@unitn.it -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad
 Reading package lists... Done Reading package lists... Done
 Building dependency tree Building dependency tree
Linea 113: Linea 129:
 libc6-i386 is already the newest version. libc6-i386 is already the newest version.
 0 upgraded, 0 newly installed, 0 to remove and 557 not upgraded. 0 upgraded, 0 newly installed, 0 to remove and 557 not upgraded.
-executing command : /usr/local/pulse/pulsesvc -h vpn-ssl.unitn.it -u username@unitn.it -f /$HOME/Downloads/vpn-ssl.crt -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad+executing command : /usr/local/pulse/pulsesvc -h vpn-ssl.unitn.it -u username@unitn.it -U https://vpn-ssl.unitn.it -r AR-unitn-ldap-ad
 VPN Password: VPN Password:
 </code> </code>
Linea 139: Linea 155:
 </code> </code>
  
-References - official documentation:\\ https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB40126/?q=linux&l=en_US&fs=Search&pn=1&atype= +===== Mobile Devices =====
- +
-===== Dispositivi Mobili =====+
  
 **REQUISITI** **REQUISITI**
   * iPhone, iPod Touch, iPad   * iPhone, iPod Touch, iPad
-  * Android devices 4.0 o superiori+  * Android devices 4.0 or higher
   * Windows Mobile 6.5   * Windows Mobile 6.5
  
-**ISTRUZIONI:** (screenshots relativi alla versione Android 5) +**INSTRUCTIONS:** (screenshots related to Android version 5) 
-  * installare l'app "Pulse Secure" dall' App Store o da Google Play +  * Install the app "Pulse Secure" from ther App Store or Google Play 
-  * avviare l' applicazione "Pulse Secure"+  * Start the application "Pulse Secure"
  
 {{:pub:vpn:1_pulse_secure_mobile.png?200|}} {{:pub:vpn:1_pulse_secure_mobile.png?200|}}
  
-  * Creare una nuova connessione inserendo+  * Create a new connection by entering
-    * "Nome connessione" (a scelta)+    * "Connection Name" (your choice)
     * "URL": https://vpn-ssl.unitn.it/     * "URL": https://vpn-ssl.unitn.it/
-    * "Nome utente" (nella forma nomeutente@unitn.it) +    * "User Name" (in the form username@unitn.it) 
-    * toccare su "Crea connessione"+    * Touch on "Create Connection"
  
 {{:pub:vpn:2_pulse_secure_mobile_connessione.png?200|}} {{:pub:vpn:2_pulse_secure_mobile_connessione.png?200|}}
  
-  * toccare su "Connetti", inserire la password e selezionare "Sign In" (eventualmente accettare la richiesta di considerare l' applicazione attendibile+  * Tap on "Connect", enter your password and select "Sign In" (possibly accept the warning about security and trusted application)
  
 {{:pub:vpn:4_pulse_secure_mobile_connetti.png?200|}} {{:pub:vpn:4_pulse_secure_mobile_connetti.png?200|}}
 {{:pub:vpn:3_pulse_secure_mobile_login.png?200|}} {{:pub:vpn:3_pulse_secure_mobile_login.png?200|}}
  
-  * a questo punto viene stabilita la connessioneverificabile tramite un tocco su "Stato"+  * after whilethe connection is established, verify it by tapping on "Status"
  
 {{:pub:vpn:5_pulse_secure_mobile_connesso_ok.png?200|}} {{:pub:vpn:5_pulse_secure_mobile_connesso_ok.png?200|}}
 {{:pub:vpn:6_pulse_secure_mobile_status.png?200|}} {{:pub:vpn:6_pulse_secure_mobile_status.png?200|}}
  
-  * al termine della sessioneper terminare la connessione, toccare su "Disconnetti"+  * to terminate the sessiontap on "Disconnect" 
 ===== Features of vpn-ssl service ===== ===== Features of vpn-ssl service =====
  
Linea 184: Linea 199:
  
 NB: the routing change doesn't affect the already "established" connections at the moment of the connection NB: the routing change doesn't affect the already "established" connections at the moment of the connection
 +
 ==== User-side Firewall rules ==== ==== User-side Firewall rules ====
  
 VPN traffic is encrypted in SSL and uses TCP destination port 443. For the ESP mode (which increases performance) you must open the UDP destination port 4500 too. VPN traffic is encrypted in SSL and uses TCP destination port 443. For the ESP mode (which increases performance) you must open the UDP destination port 4500 too.
- 
-==== Supported clients ==== 
- 
-^Platform^SO^Browsers and Java Environment^ 
-|Windows|- Windows 8 on 32-bit or 64-bit platforms.- Windows 8 Enterprise on 32-bit. \\ - Windows 7 on 32-bit or 64-bit platforms \\ - Windows 7 SP1 Enterprise on 32-bit \\ - Windows Vista on 32-bit or 64-bit platforms \\ - Windows XP with SP3 on 32 bit|- Internet Explorer 10 \\ - Internet Explorer 9.0 \\ - Internet Explorer 8.0 \\ - Internet Explorer 7.0 \\ - Firefox 3.0 and above including FF10 \\ - Oracle JRE 6 and above| 
-|Mac|- Mac OS X 10.6.x, 32 bit and 64 bit \\ - Mac OS X 10.7.x, 32 bit \\ - Mac OS X 10.8.x, 32 bit|- Safari 6.0 Sun JRE 6 \\ - Safari 5.1 Sun JRE 6 \\ - Safari 5.0 Sun JRE 6| 
-|Linux|- OpenSuse 10.x and 11.x \\ - Ubuntu 9.10, 10.x and 11.x \\ - Red Hat Enterprise Linux 5|- Firefox 3.0 and above \\ - Oracle JRE 6 and above| 
-|Solaris|- Solaris 10, 32 bit only|- Mozilla 2.0 and above| 
-**NOTE:**\\ \\ 
-1) IE 10 is supported in Windows 8 Desktop Mode on Windows 8\\ 
-2) 32 bit Network Connect is supported only on the following distributions:\\ 
-^Platform^Operating System^Browsers and Java Environment^ 
-|Linux|- Ubuntu 12.04 LTS \\ - OpenSUSe 12.1 \\ - Fedora 17|- FireFox 10-ESR \\ - Oracle JRE 6 and 7 \\ - IcedTea-Web 1.2 with OpenJDK 6 and 7| 
- 
-Other operating systems, browsers and versions of Java, it may work by requiring, in some cases, possible interventions configuration on the client. 
-