Re: wild card ssl cert installation on SSG140
Hello, 1) Are you saying that the identity certificate (issued by CA & issued to your firewall) is shown under CA certificate? If that is the case, you want to delete it from under 'CA...
View ArticleRe: wild card ssl cert installation on SSG140
thanks for your response. 1. Under Objects | Certificates in WebGUI, there is nothing when I select "Show Local".2. When I select "Show CA", I saw my loaded cert like this. MyCA Root Certificate...
View ArticleCan I use RADIUS on Windows 2012R2 for Juniper SSG140?
Hello; Instead of using LDAP, can I use RADIUS setting on Juniper SSG140 to authenticate my SSLVPN user to Active Directory which is Windows 2012R2. Can anyone direct me to the right place to find the...
View ArticleRe: Can I use RADIUS on Windows 2012R2 for Juniper SSG140?
Hello, Please use below link for configuring the Dial Up VPN. https://kb.juniper.net/InfoCenter/index?page=content&id=KB15272&actp=search And please use below link (Chapter 5, search for...
View ArticleRe: wild card ssl cert installation on SSG140
Hello, Can you tell me if the CSR for this certificate was generated on the device? Regards, Rushi
View ArticleRe: Can I use RADIUS on Windows 2012R2 for Juniper SSG140?
And to be precise, an SSG-140 cannot act as an SSL-VPN server. The VPNs need to be IPSec VPNS.
View ArticleRe: wild card ssl cert installation on SSG140
Hi, First - the certificate request should have been created o nthe Firewall. You cannot sign a CSR generated on some other machine, sign it with a CA and load it on the Firewall for local use. Once a...
View ArticleRe: Forward public ip to device directly attached to ssg interface
Hi, If you need to have Router-B behind the SSG with a puclic IP, you will end up using one more public IP, because int-4 needs an IP from the same 188.x.x.x subnet. The easiest way to get this done...
View ArticleHow to force SSG FW to generate SHA-256 cert
Can anyone point me to the process either via cli or from the gui (not NSM) to generate a CSR for an SSG/ScreenOS firewall to use a SHA-256 algorithm? Thanks
View ArticleRe: How to force SSG FW to generate SHA-256 cert
SHA-256 is selected by the certificate authority, not the device itself.
View ArticleRe: How to force SSG FW to generate SHA-256 cert
right and our certificate authority uses SHA-256 and we ran into an isuse on an srx device some time aog where we just created the csr as we knew how and turned out it created it with default SHA-1 so...
View ArticleRe: How to force SSG FW to generate SHA-256 cert
For the CSR, you only specify the key length and type (RSA, DSA or ECDSA). The hash algorithym is specified by the CA server that issues the signed certificate. There is no way to "force" SHA-2 on...
View ArticleRe: How to force SSG FW to generate SHA-256 cert
thank you - so im running 6.3.0r21 on these so are you saying then that if i just go forward and generate a CSR that it will work with a CA using SHA 256? Because i dont believe that is the case with...
View ArticleRe: How to force SSG FW to generate SHA-256 cert
Yes. The signing algorithm used is determined by the CA, not the device generating the CSR.
View ArticleRe: How to force SSG FW to generate SHA-256 cert
is this confirmed to be different behavior than on the SRX series then? Because as I mentioned I had to specify SHA 256 in the CSR that I generated from an SRX not too long ago because ECA vendors are...
View ArticleRe: wild card ssl cert installation on SSG140
Hi; the initial certificate request is not generated from this SSG140 device, as what you mentioned, it is from other computer, I export the cert with the key. This is the way I did for the another...
View ArticleRe: Can I use RADIUS on Windows 2012R2 for Juniper SSG140?
Hi; That means, I cannot create a web portal for user access to my Remote Desktop Server from SSG140? Because I want to create a portal page that allow user access to Exchange OWA, Microsoft Remote...
View ArticleRe: wild card ssl cert installation on SSG140
Hello, ScreenOS firewalls must generate CSR on the device itself. If you have generated CSR from other device & you have got PKCS12 file containing CA certificate, Local Certificate & Key pair,...
View ArticleRe: Can I use RADIUS on Windows 2012R2 for Juniper SSG140?
Hello, So if I understand correctly, you want to do it similar to webvpn/sslvpn on Cisco where user first connects to SSLVPN & gets a portal & then clicks an icon which takes it to Remote...
View ArticleRe: Can I use RADIUS on Windows 2012R2 for Juniper SSG140?
so, do you know, what model of Juniper support webvpn/sslvpn? Does the latest model like SRX series support it?
View Article