Juniper Networks Secure Access Administration Guide

Table of Contents
Delegating resource policy management ...............................................741
Delegating resource profile management ..............................................742
Defining general system administrator role settings ....................................743
Defining default options for administrator roles ....................................743
Managing general role settings and options...........................................743
Specifying access management options for the role ..............................744
Specifying general session options ........................................................744
Specifying UI options.............................................................................745
Delegating access to IVS systems ..........................................................746
Chapter 29 Instant Virtual System (IVS) 747
Licensing: IVS availability.............................................................................748
Deploying an IVS .........................................................................................748
Virtualized IVE architecture ...................................................................750
Signing in to the root system or the IVS .......................................................751
Signing-in using the sign-in URL prefix ..................................................751
Signing-in over virtual ports...................................................................753
Signing-in over a VLAN interface ...........................................................754
Navigating to the IVS .............................................................................754
Determining the subscriber profile...............................................................754
IVS Configuration Worksheet.................................................................754
Administering the root system ..............................................................756
Configuring the root administrator ........................................................757
Provisioning an IVS......................................................................................757
Understanding the provisioning process ......................................................758
Configuring sign-in ports..............................................................................760
Configuring the external port.................................................................760
Configuring a virtual port for sign-in on the external port......................761
Configuring a virtual port for sign-in on the internal port.......................761
Configuring a Virtual Local Area Network (VLAN).........................................762
Configuring VLANs on the virtualized IVE..............................................763
Adding static routes to the VLAN route table .........................................764
Deleting a VLAN ....................................................................................765
Loading the certificates server......................................................................766
Creating a virtual system (IVS profile) ..........................................................766
Creating a new IVS profile .....................................................................766
Signing in directly to the IVS as an IVS administrator...................................768
Configuring role-based source IP aliasing .....................................................769
Associating roles with VLANs and the source IP address........................770
Configuring virtual ports for a VLAN ......................................................770
Associating roles with source IP addresses in an IVS .............................770
Configuring policy routing rules on the IVS ..................................................771
Routing Rules ........................................................................................772
Overlapping IP address spaces ..............................................................773
Define Resource policies........................................................................773
Clustering a virtualized IVE ..........................................................................773
Configuring DNS for the IVS.........................................................................774
Accessing a DNS server on the MSP network.........................................775
Accessing a DNS server on a subscriber company intranet....................775
Configuring Network Connect for use on a virtualized IVE ...........................777
Configuring the Network Connect connection profile ............................777
Configuring Network Connect on backend routers ................................777
Configuring a centralized DHCP server ........................................................780
Configuring authentication servers...............................................................782
Table of Contents � xix