Remote-access Guide

ncp exclusive remote access client

by Dr. Eden Bednar Published 2 years ago Updated 2 years ago
image

Which devices can be managed with NCP exclusive remote access?

VPN configurations, user certificates and licenses for these clients can be centrally managed.The NCP Exclusive Remote Access Android Clients are available for mobile end devices with Android 4.4 and above.

What is the NCP exclusive VPN client?

The VPN client is only available with NCP Exclusive Remote Access Management. Use the NCP Exclusive Client to establish secure, IPsec -based data links from any location when connected with SRX Series Gateways.

How does autovpn work with the NCP exclusive remote access client?

The NCP Exclusive Remote Access Client is supported with AutoVPN in point-to-point secure tunnel interface mode. AutoVPN is only supported on route-based IPsec VPNs on the SRX Series device. Traffic selectors configured on the SRX Series device and the NCP client determine the client traffic that is sent through the IPsec VPN tunnel.

What happens when a remote access user disconnects from autovpn?

When a remote access user disconnects and the corresponding IKE and IPsec SAs expire, subsequent reconnection of the user depends on whether the currently installed license is expired or not. The NCP Exclusive Remote Access Client is supported with AutoVPN in point-to-point secure tunnel interface mode.

image

What is NCP exclusive remote access?

NCP Eclusive Remote Access Client for iPhones and iPads provides the user with the benefits of a comprehensive, fully-automated remote access solution within a Virtual Private Network (VPN). It can be downloaded free of charge from the Apple App Store and installed on the device. The server components NCP Exclusive Remote Access Management and the Juniper SRX Server are used to configure and distribute certificates centrally. Communication with the corporate network is carried out via a VPN tunnel according to the highest technical standards.

What is an iOS client?

The iOS Client has access to resources in the company network via the Juniper SRX Server, and is designed for interoperability with NCP Exclusive Remote Access Management which can also automatically import large user groups from existing user management systems into the remote access infrastructure.

What is an IKEv2 remote access client?

In this example, IKEv2 Exclusive Remote Access Client users are authenticated with an external RADIUS server using EAP-TLS. An authenticated client is assigned an IP address and a primary DNS server from a local address pool configured on the SRX Series device. The traffic selector is configured with 0.0.0.0/0 for the remote and local addresses, which means that any traffic is permitted on the tunnel.

What is TCP encapsulation profile?

On an SRX Series device, a TCP encapsulation profile defines the data encapsulation operation for remote access clients. Multiple TCP encapsulation profiles can be configured to handle different sets of clients. For each profile, the following information is configured:

What happens if a remote server does not return an IP address?

If the RADIUS server does not return an IP address and there is a user-configured local address pool, an IP address is assigned to the remote client from the local pool. The number of addresses in the local address pool or RADIUS server address pool should be larger than the number of remote access client users.

Downloading the Initial Configuration

The initial configuration should be created for all users with a pre-shared key rather than a certificate, as this allows the configuration to be sent via all transfer methods.

Download the Personanl Configuration

To download the personal configuration, the user must be notified of the authentication data (user ID and authentication code) and, if applicable, the PIN for the personal certificate (e.g. by e-mail).

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9