Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

client-config (Juniper Secure Connect)

Syntax

Hierarchy Level

Description

Define Juniper Secure Connect remote client configuration parameters. The parameters define how Juniper Secure Connect client establishes VPN tunnel with your security device.

Options

name

Name of configuration object name.
application-bypass

Define application-bypass configuration.
biometric-authentication

Enable biometric authentication.
domain-name Define the set of search domain name. As a system administrator, you can configure the set of search domain name that the Juniper Secure Connect application will use to handle DNS lookups. This is applicable to both full tunnels and split tunnel configurations.

You can provide more than one search domain names by executing the set security remote-access client-config name domain-name domain-name multiple times. When you enter more than one domain name, it automatically adds a separator (comma) to that value. The number of domain names are limited to the total number of characters and must not exceed 1023 characters. For example, the two domain names juniper.net,lab.juniper.net consumes 27 characters while juniper.net consumes 11 characters.

Range: 0-1023 characters including comma.
connection-mode

Set one of the following connection mode for clients:

  • Values:

    • always—Connect to the VPN automatically when user logs in to remote client device. In always mode, the first VPN connection established when the user clicks the "Connect" button. After that, whenever VPN connection gets disconnected without manual intervention, the client device always attempts to re-establish the connection automatically.

    • manual—Connect to the VPN manually.

  • Default: manual
credentials

Set one of the following to save the user credentials in Juniper Secure Connect application:

Values:

  • username—To save the username in Juniper Secure Connect application. When you enable this option, user will not be required to provide username every time they connect to Juniper Secure Connect application.
  • password—To save both the username and password in Juniper Secure Connect application. When you enable this option, user will not be required to provide username and password every time they connect to Juniper Secure Connect application.

Note that you cannot configure both the options at the same time. If you have not configured the credentials configuration options, then the Juniper Secure Connect application does not remember any user credentials.
dead-peer-detection—

Enable dead-peer-detection on the client.

Interval

The time between DPD probe messages in seconds.

  • Default: 60 seconds
threshold

Maximum number of DPD retransmissions.

  • Default: 5
no-dead-peer-detection

Disable dead-peer-detection on client
no-eap-tls

Disable EAP-TLS IKEV2 method.
no-tcp-encap

Disable tcp encapsulation.
windows-logon

Specify windows logon options.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security

Release Information

Statement introduced in Junos OS Release 20.3R1.

Support for domain-name option at the [edit security remote-access client-config name] hierarchy level added in Junos OS Release 22.1R1.

Support for application-bypass option added in Junos OS Release 23.1R1.

Related Documentation