Juniper Networks SSL VPN Integration Guide

Similar documents
Add OKTA as an Identity Provider in EAA

ComponentSpace SAML v2.0 Okta Integration Guide

MyWorkDrive SAML v2.0 Okta Integration Guide

Configuring Confluence

RECOMMENDED DEPLOYMENT PRACTICES. The F5 and Okta Solution for High Security SSO

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Pulse Connect Secure 8.x

Integration Guide. PingFederate SAML Integration Guide (SP-Initiated Workflow)

SecureAuth IdP Realm Guide

Integrating VMware Workspace ONE with Okta. VMware Workspace ONE

Configure Unsanctioned Device Access Control

Using Microsoft Azure Active Directory MFA as SAML IdP with Pulse Connect Secure. Deployment Guide

Enabling Single Sign-On Using Okta in Axon Data Governance 5.4

ActivIdentity ActivID Card Management System and Juniper Secure Access. Integration Handbook

All about SAML End-to-end Tableau and OKTA integration

Okta SAML Authentication with WatchGuard Access Portal. Integration Guide

Cloud Secure Integration with ADFS. Deployment Guide

Enabling Single Sign-On Using Microsoft Azure Active Directory in Axon Data Governance 5.2

Morningstar ByAllAccounts SAML Connectivity Guide

This documentation will go over how to install Sharepoint for configuring with Panopto.

Community Manager Guide: Jive Jabber Add-on

Administering Jive Mobile Apps for ios and Android

About This Document 3. Overview 3. System Requirements 3. Installation & Setup 4

Google Authenticator User Guide

Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)

ServiceNow Deployment Guide

Google SAML Integration with ETV

Configuring Alfresco Cloud with ADFS 3.0

Integrating AirWatch and VMware Identity Manager

Establishing two-factor authentication with Juniper SSL VPN and HOTPin authentication server from Celestix Networks

Single Sign-On for PCF. User's Guide

Configuring and Delivering Salesforce as a managed application to XenMobile Users with 3 rd Party SAML IDP (Identity Provider)

CONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

RSA SecurID Access SAML Configuration for Datadog

INTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Configuring Single Sign-on from the VMware Identity Manager Service to Marketo

This topic discusses what's required of SAML IdPs in general and provides a step-by-step procedure for setting up a OneLogin IdP.

App Gateway Deployment Guide

Qualys SAML & Microsoft Active Directory Federation Services Integration

Unity Connection Version 10.5 SAML SSO Configuration Example

Slack Cloud App SSO. Configuration Guide. Product Release Document Revisions Published Date

Okta Integration Guide for Web Access Management with F5 BIG-IP

Integration Guide. LoginTC

Setting Up the Server

Pulse Secure Client for Chrome OS

Hypersocket SSO. Lee Painter HYPERSOCKET LIMITED Unit 1, Vision Business Centre, Firth Way, Nottingham, NG6 8GF, United Kingdom. Getting Started Guide

Juniper SA 8.x Integration

Deliver and manage customer VIP POCs. The lab will be directed and provide you with step-by-step walkthroughs of key features.

Advanced integrations with Okta: MobileIron

Configuring User VPN For Azure

Revised: 08/02/ Click the Start button at bottom left, enter Server Manager in the search box, and select it in the list to open it.

Configuring Single Sign-on from the VMware Identity Manager Service to Bonusly

How to Use ADFS to Implement Single Sign-On for an ASP.NET MVC Application

PingOne. How to Set Up a PingFederate Connection to the PingOne Dock. Quick Start Guides. Version 1.1 December Created by: Ping Identity Support

Document for connecting an ipad/iphone to the University VPN System

RSA SecurID Access WS-Fed Configuration for Microsoft SharePoint

4TRESS AAA. Out-of-Band Authentication (SMS) and Juniper Secure Access Integration Handbook. Document Version 2.3 Released May hidglobal.

Identity Implementation Guide

Identity Implementation Guide

Using vrealize Operations Tenant App as a Service Provider

4TRESS FT2011 Out-of-Band Authentication and Juniper Secure Access

TECHNICAL GUIDE SSO SAML Azure AD

AWS Remote Access VPC Bundle

SAML-Based SSO Configuration

Java SAML Consumer Value-Added Module (VAM) Deployment Guide

Identity Implementation Guide

This section includes troubleshooting topics about single sign-on (SSO) issues.

VAM. Java SAML Consumer Value- Added Module (VAM) Deployment Guide

User Guide. Version R94. English

Configuration Guide - Single-Sign On for OneDesk

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

AirWatch Container. VMware Workspace ONE UEM

TACACs+, RADIUS, LDAP, RSA, and SAML

.NET SAML Consumer Value-Added (VAM) Deployment Guide

Setting Up Resources in VMware Identity Manager 3.1 (On Premises) Modified JUL 2018 VMware Identity Manager 3.1

Implementation Guide for protecting Juniper SSL VPN with BlackShield ID

Workday Deployment Guide Version 4.0

Webthority can provide single sign-on to web applications using one of the following authentication methods:

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

Protecting SugarCRM with SafeNet Authentication Manager

Quick Start Guide for SAML SSO Access

SAML-Based SSO Solution

Introduction to application management

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

IMPLEMENTING SINGLE SIGN-ON (SSO) TO KERBEROS CONSTRAINED DELEGATION AND HEADER-BASED APPS. VMware Identity Manager.

Secure Remote Access with Comprehensive Client Certificate Management

USER MANUAL. SalesPort Salesforce Customer Portal for WordPress (Lightning Mode) TABLE OF CONTENTS. Version: 3.1.0

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

SSL Certificate Based VPN

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Citrix NetScaler Gateway 12.0

RSA SecurID Access SAML Configuration for StatusPage

Integration Guide. SafeNet Authentication Service. Strong Authentication for Juniper Networks SSL VPN

User Guide. Version R92. English

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

OneLogin SAML Authentication with WatchGuard Access Portal. Integration Guide

Google Auto User Provisioning

Integration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for Okta

Using Your Own Authentication System with ArcGIS Online. Cameron Kroeker and Gary Lee

Udemy for Business SSO. Single Sign-On (SSO) capability for the UFB portal

VMware Identity Manager Administration

Transcription:

Juniper Networks SSL VPN Integration Guide Introduction Overview Terms Setting Up an Authentication Server Creating a User Role Creating a User Realm Setting Up Your Sign In URL top Introduction This document describes how to integrate an Okta organization with a Juniper Instant Virtual Extranet (IVE), so that users can connect from Okta to an IVE server using SAML, and then SSO into a target application or resource. Overview Following is a brief overview of the steps required to integrate an Okta organization with a Juniper IVE: 1. An administrator must configure an IVE instance in their Okta organization. 2. Sign into IVE and configure it to accept SAML assertions from Okta. 3. Create an Authentication Server. 4. Create a User Role that maps users to a managed resource on the IVE. 5. Create a target Authentication Realm that you associate with the Target App URL/Resource. 6. Map users in your Authentication Realm to a User Role. 7. Create a target application Sign In URL that you pass to the IVE via the Okta SAML assertion target. 8. After you set up the IVE to receive SAML assertions from OKTA, you can assign the IVE instance to end users. After completing these steps, users can click an application icon on their home page and SSO to the target application (resource) managed by the IVE. Figure 1. Okta Integration Overview top

top Terms The following is a list of terms and values that are used in this guide: Authentication Server: Okta_SAML_AUTH_SERVER User Role: Okta_SSO_USER_ROLE Realm: Okta_SAML_SSO_REALM Sign In URL: Target Field of SAML assertion Target App URL: Sign in URL of desired app or resource that is managed by the IVE. top Setting Up an Authentication Server Do the following: 1. From your Okta Administrative Dashboard, select Application > New Application and enter template in the search bar. Choose the SAML 2.0 Template. See figures 2 5 below. 2. Sign into your Juniper IVE Admin Manager. 3. Create a new authentication server, and name it Okta_SAML_AUTH_SERVER. Select Authentication, click Auth Servers, select SAML server from the New drop down menu, and click New Server. 4. Complete the fields for your new authentication server: Server Name: Enter a name that can be easily identified. Source Site Inter Site Transfer Service URL: Copy and paste the post back URL from Okta SAML setup instructions. Issuer Value for Source Site: Copy and paste issuer value from Okta SAML setup instructions. User Name Template: Enter <userattr.cn> Allowed Clock Skew (minutes): Enter the difference between the IVE and Okta server. SSO Method: Select Post. Upload the certificate provided in the Okta SAML setup instructions. Make sure Enabled Signing Certificate status checking is not checked. 5. Click the Save Changes button. Figure 2. Setting Up the Application in Okta

Figure 3. Setting Up the Application in Okta

Figure 4. Setting Up the Application in Okta Figure 5. Setting Up an Authentication Server

top Creating a User Role This section describes how to create a new role to map users in the Okta_SAML_SSO_REALM. Name this role Okta_SSO_USER_ROLE. 1. Select Users > User Roles > New Role. 2. Select General, click the Overview tab, and complete the following fields: Name: Okta_SSO_USER_ROLE Description: Enter a description. Make sure the following are selected in Options: Select Session/Options. Select UI/Options. In Access Features, select Web. 3. Click the Save Changes button. Figure 6. Creating a User Role

4. On the same page, click the Web tab and select Bookmarks. 5. Create a new bookmark to the target application or resource the IVE is managing. Name this URL TARGET_APP_URL. 6. Under Type, choose a Web Resource Profile. 7. Enter a name in the Name field. Figure 7. Creating a New Bookmark

8. Staying on the same page, select General and click UI Options. 9. Under Start Page, select Custom Page. 10. In the start page URL field, enter TARGET_APP_URL. This is the sign in page URL for the target application or resource that you created in Creating a User Role. For example, https://www.yammer.com/login Make sure you check Also allow access to directories below URL. 11. Click Save. Figure 8. Setting the Start Page

top Creating a User Realm Do the following: 1. Create a new realm to associate with your Okta_SAML_AUTH_SERVER authentication server. Name the realm Okta_SAML_SSO_REALM. 2. Select Users, click User Realms,and then click New. 3. Create a new User Authentication Realm and complete the following fields: Name: Okta_SAML_SSO_REALM Description: Enter SAML SSO Realm. Authentication: Select Okta_SAML_AUTH_SERVER (created in Setting Up an Authentication Server. ) Figure 9. Creating a User Realm

4. On the same page, click the Role Mapping tab. 5. Click New Rule and complete the following fields: Rule Based on: Select Username Name: Okta_SAML_SSO_RULE Set Rule: If Username to is: * Assign these roles: Set to Okta_SSO_USER_ROLE. 6. Click Save Changes. Figure 10. Creating a New Rule

top Setting Up Your Sign In URL 1. Select Authentication and click Signing In. 2. Click New URL. 3. Edit your new Sign In URL as follows: Sign In URL: The Sign In URL is passed into the IVE from the SAML Assertion POST. Enter the Sign In URL for Okta to complete the Okta IVE configuration. Select User picks from a list of authentication realms and then select Okta_SAML_SSO_REALM. 4. Click the Save Changes button. Figure 11. Editing a Sign In URL

This step completes your integration. Your users can now authenticate using SAML from Okta to an IVE server and then SSO into the target application or resource.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback