Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Connection Menu

SUMMARY Juniper Secure Connect Connection menu provides you the options to establish remote access connection and secure the connection with certificates. Use the Connection menu for connection related options to view the certificates, enter PIN, reset PIN, or change PIN.

What's Next

For more information on Juniper Secure Connect GUI elements, see Juniper Secure Connect GUI Elements.

For more information on Juniper Secure Connect features and how to configure the options, see View Menu, Log Menu, and Help Menu.

Connect Menu Option

  1. You must first define and select a profile to establish a connection for that profile. Click on the Connection Profile dropdown list and select a profile for which you want to establish a connection.

  2. Click the Connection toggle button to establish connection manually to the destination system. You can also select Connection > Connect from the menu bar to manually establish a VPN connection as shown in Figure 2.

    Warning:

    If the following the warning message is displayed, your application is missing the CA certificate from the VPN gateway (SRX Series Firewall). If you are a remote user, contact your IT organization for appropriate action. If you are a system administrator, place the cacerts in the respective location for the platform.

    Figure 1 is a sample warning message on macOS platform when CA certificate is not present.

    Figure 1: Sample Certificate Warning Message on macOS Platform Sample Certificate Warning Message on macOS Platform

  3. To disconnect the existing connection, go to Connection > Disconnect, or use the Connection toggle button.

Figure 2: Connection MenuConnection Menu

Connection Info Menu Option

In the menu bar, navigate to Connect > Connection Info to get the following information on your connection as shown in Figure 3:

  • Name of the currently selected profile

  • Statistics information (for example, time online, and value of timeout)

  • IP addresses (VPN IP address, DNS server, and VPN Endpoint)

  • Security mode

  • Security keys used

Figure 3: Connection Info OptionConnection Info Option

Figure 4 shows an example of connection information for a VPN connection.

Figure 4: Connection InformationConnection Information

View Certificates Menu Option

Certification Authority (CA) (also referred as the Issuer) creates and issues certificates using a PKI manager (software) and stores as a soft certificate.

User and CA certificates are stored in the following directory locations:

  • User certificates are stored as a PKCS#12 file in /Library/Application Support/Juniper/SecureConnect/certs folder location, like /Library/Application Support/Juniper/SecureConnect/certs/user.p12.

  • CA or issuer certificates are stored in /Library/Application Support/Juniper/SecureConnect/cacerts folder location.

Juniper Secure Connect supports *.pem and *.crt formats for CA certificates.

Navigate to Connection > Certificates and select View Certificates as shown in Figure 5 to view certificates related menu options.

Figure 5: Certificates Menu OptionCertificates Menu Option

Figure 6 shows an example of CA certificates window, after selecting Display CA Certificates option from the Certificates menu.

Figure 6: View CertificatesView Certificates

Enter PIN Menu Option

You can enter the PIN after starting the Juniper Secure Connect and before establishing a connection. If you want to establish a connection using a certificate at a later time, then you can skip the PIN entry unless the certificate configuration requires it.

To enter your PIN:

  1. Navigate to Connection > Enter PIN from the menu. See Figure 7.
    Figure 7: Enter PIN Menu OptionEnter PIN Menu Option
  2. Enter the PIN. Your PIN must be minimum of six digits in length.
  3. Click OK.

You need a PIN to establish the connection with certificates successfully. At the first time of establishing a connection manually, you must enter the PIN. For subsequent manual connections, you can skip entering the PIN again. A correct PIN entry is indicated by a green PIN symbol.

Change PIN Menu Option

In Juniper Secure Connect, if you want to enter the PIN only before establishing the connection, your administrator needs to enable PIN request at each connection option for Certificate Based Authentication method. Administrator can enable PIN request at each connection option to prevent an unauthorized user from setting up an unauthorized connection when the PIN has already been entered. When PIN request at each connection option is enabled, whenever you establish a connection, you are prompted to enter the PIN.

If you select Connection > Change PIN, the PIN that has already been requested in connection with other functions is no longer used, that is, when setting up a connection, or in the Enter PIN connection menu. Instead you can always select the Connection > Change PIN and the new PIN will be automatically reset immediately after the change. This ensures that when configuring PIN request at each connection (by your administrator) on an unauthorized Juniper Secure Client, an unauthorized user’s PIN cannot be used at anytime to establish a connection.

To change your PIN for a smartcard or token or soft certificate:

  1. Navigate to Connection > Change PIN in the menu bar. See Figure 8.
    Figure 8: Change PIN Menu OptionChange PIN Menu Option
  2. Enter the correct PIN number has been entered previously.
  3. Enter your new PIN and confirm it by repeating it.
  4. Click OK. You have now changed your PIN.

Reset PIN Menu Option

To reset your PIN:

  1. You can select Connection > Reset PIN to reset the PIN.
  2. You must enter the correct PIN to reset the PIN, because, the certificate is used to establish the connection.
  3. If the PIN is reset, you cannot use this certificate to establish a connection, until the correct PIN is entered again.