Archive

Archive for January, 2010

Simple Juniper Cache Cleaner troubleshooting steps

January 21, 2010 4 comments

If you have a Juniper SSL-VPN appliance once of the biggest headaches you may deal with is cache cleaner. Its a great tool from a security standpoint, but most of the problems that get escalated to me have to do with this program. However, none of the problems have been with cache cleaner, rather the problems have been with IE not loading the ActiveX control correctly. Here is a simple list of things to check when having cache cleaner issues:

  • Clear the cache.
    • In IE7 or IE8 do the following
      • Go to Tools > Internet Options
      • In Browsing History click on “delete”
      • In the Temporary Internet Files section click on “Delete Files”
      • Click “yes” to delete temp internet files.
      • Close IE
      • Open IE and try again
  • Uninstall Cache Cleaner
    • Go Start > Programs > Juniper Networks > Cache Cleaner x.x.x > Uninstall Cache Cleaner
    • There will be no confirmation, it will simply uninstall Cache Cleaner.
    • Open IE and try again. When logging in the SSL-VPN the program will install again.
  • Delete the downloaded program from IE
    • In IE go to Tools > Internet Options
    • In the Browsing History section click on Settings
    • Click on ‘View Objects’
    • This will list all the active x controls installed.
    • Right-click on all Juniper programs and click “remove”
    • Also remove any with invalid names (a bunch of weird characters)
    • Close IE
    • Reopen IE and try again.
  • Install the Juniper Installer Service, I always leave this as a last option because I hate putting programs on users personal computer.
    • You can get the Juniper Installer Service from the Maintenance section within the SSL-VPN administration. As a last resort this has always fixed issues. You will need to find a way to get the file to your user. One way it to create a realm with its own URL. This realm only has a download link for this or another important files your user may need for VPN purposes.
Categories: Juniper, Networking, Security

Enable pinging Server2008

January 21, 2010 Leave a comment

One change Microsoft made with the Server 2008 Firewall was to disallow pinging the server by default. The other change is the Micrsoft built in firewall does not have a category for ping or ICMP. Instead pinging is restricted in the category File and Printer Sharing. To enable pinging of the server do the following:

  • Go into Start > Control Panel
  • In the Security section click on “Allow a program through Windows firewall’
  • Put a check in front of ‘File and Printer Sharing”
  • Click OK

You will now be able to ping the server. This is normally not an issue on my network as I use a 3rd party firewall solution. I would not recommend anyone trusting the windows firewall for production servers.

Categories: Microsoft, Security