Junos Pulse Client Config

denmoff
Contributor II

Anyone pushing out their VPN configurations with JAMF? I was planning to do this, but i'm not seeing a straightforward way of doing this. Figured there was a preference file that held the info. Looks like there is a file called connstore.dat that gets put in /Library/Application Support/Juniper Networks/Junos Pulse/. And there is an entry in /etc/hosts. (Kind of surprised the Junos app could make these system changes without admin creds.) There's also a load of files created in ~/Library/Application Support/Juniper Networks/SetupClient.

1 ACCEPTED SOLUTION

nkalister
Valued Contributor

this is actually really easy . . .you'll need to have a config file from your VPN server. Your VPN admin should be able to generate that for you from the server. Once you have that, follow the instructions from this KB to apply the config to your client. I run these commands as a postflight script in the installer package.
http://www.juniper.net/techpubs/en_US/junos-pulse5.0/topics/concepts/a-c-c-jamcommand-overview.html

View solution in original post

12 REPLIES 12

nkalister
Valued Contributor

this is actually really easy . . .you'll need to have a config file from your VPN server. Your VPN admin should be able to generate that for you from the server. Once you have that, follow the instructions from this KB to apply the config to your client. I run these commands as a postflight script in the installer package.
http://www.juniper.net/techpubs/en_US/junos-pulse5.0/topics/concepts/a-c-c-jamcommand-overview.html

View solution in original post

denmoff
Contributor II

@nkalister Thanks.

Thota
New Contributor

it is work for pulse 5

!/bin/sh

Import the company VPN settings

/Applications/Junos Pulse.app/Contents/Plugins/JamUI/jamCommand -importfile https://vpn.test.com-jnprpreconfig

now not work can you help me. we are using pulse secure

lzdesktop
New Contributor II

has anyone been able to get this to work? We are running 5.2.5 and we can't get the profile to publish. thanks in advance for any answers.

rirwin1
New Contributor II

@nkalister Do you have an updated link? the one posted is 404. Thx.

We have four .jnprpreconfig files, but have not been able to get them to work. can you consolidate them to one file, or pull them one by one from a hidden dir?

Tried this without success
--
!/bin/sh

Import the company VPN settings

/Applications/Junos Pulse.app/Contents/Plugins/JamUI/jamCommand -importfile /var/test/test.jnprpreconfig

nkalister
Valued Contributor

the link in this thread was just to Pulse's documentation, so if that link isn't present any longer, I'd just look around on their support site. that's how I found that doc originally.
I've had no issues with continuing to use the jam commands to configure pulse . . . we're currently deploying pulse version 5.2.6 on Sierra, and I have not had to make any changes to the branding or configuration commands in my scripts.
@rirwin1 I notice that your jamCommand path still references Junos Pulse.app. Junos has changed the application name to Pulse Secure.app. Make sure you're using the right path to the jamCommand binary- if you're deploying Pulse Secure, that path in your post is incorrect.

nkalister
Valued Contributor
We have four .jnprpreconfig files, but have not been able to get them to work. can you consolidate them to one file, or pull them one by one from a hidden dir?

Your pulse server admin can generate a config that combines them all for you, but that must be done on the server. Importing multiple files will overwrite previously imported configurations, so if you need all of those present at one time you'll need to get a combined config from your server admins.

lzdesktop
New Contributor II

I was able to figure this out with trial and error. Here are the steps I did to get the config to import using JAMF.

First, if you have multiple Juniper configs open them using a text editor and combine the configs into one *.jnprpreconfig file. Once you have the all in one config save the FileName.jnprpreconfig and use package to create a package and send it to /Users/Shared/.

In packages place this Juniper file under Payload: Highlight Users/Shared and click the + icon to upload the file then build the package.

Once you send the file to the MAC say @ login, then create another policy to run the script: /Applications/Pulse Secure.app/Contents/Plugins/JamUI/jamCommand -importFile /Users/Shared/FileName.jnprpreconfig.

If you have a policy to install Junos Pulse do this three policies in JAMF, otherwise you just need two policies. One to push and one to import:

  1. Policy to install at Login
  2. Policy to send FileName.jnprpreconfig
  3. Policy at logout to importFile or use the reoccurring at check-in.

This is what worked for me. If you try to send + import in policy it may not sync the process in time.

I couldn't the config files to loaded under Packages using this guy's how to: https://derflounder.wordpress.com/2015/03/13/deploying-a-pre-configured-junos-pulse-vpn-client-on-os-x/

Also the newer versions of Secure Pulse are different from the older versions.

Stephen V.

maleuthold
New Contributor

thanks

rastogisagar123
Contributor

@nkalister junos or Pulse Secure VPN goes to Jamf mdm to confirm mac is compliant. Is it possible, if ues jow can we achieve it?

rastogisagar123
Contributor

@nkalister I need to disable Pulse secure window at auto launch , issue is whenever we reboot macOS pulse secure launches, could you please help me who can we disable it, please help me with complete process.

rastogisagar123
Contributor

@nkalister do you know what process name we can bypass for Pulse Secure VPN on MCP(McAfee). I would like to know for Pulse Secure process names