I'm setting up a Juniper Secure Connect configuration for the first time.
I've got it to work with IKEv1 and pre-shared-keys, but I'm now trying to get it to work with IKEv2 and a signed certificate.
I've loaded the local and CA certificates on the SRX, and I've added the CA certificates to the Juniper Secure Connect client folder per this article:
Install Juniper Secure Connect on Windows
I've gotten it so far that it connects, but then it asks me for the "PIN of your certificate":
No matter what PIN I enter, it then gives me the following screen:
I'm not sure why this PIN is needed or which certificate file it can't find. I haven't set any PIN on any certificate.
I'm using credentials for login, and not a user certificate, so there should be no additional certificate needed on the client side.
The last lines in the client Log Book are:
2024-09-28 19:19:25 - Configuration download: Login success
2024-09-28 19:19:25 - Configuration download: Configuration time not changed
2024-09-28 19:19:25 - Configuration download: Logout success
2024-09-28 19:19:25 - Configuration download: Logout - no new configuration imported
2024-09-28 19:19:26 - SUCCESS - MONITOR: Configuration download -> Configuration is up to date
2024-09-28 19:19:26 - MONITOR: Configuration download -> Save credentials for "[censured]"
2024-09-28 19:19:26 - INFO - MONITOR: Configuration download -> Start vpn connection
2024-09-28 19:19:27 - System: Setting NCP virtual adapter linkstatus=0,laststate=0.
2024-09-28 19:19:27 - ncpadapter: reset IP adapter properties
2024-09-28 19:19:27 - ncpadapter: reset ipv4 properties,ip4adr=0.0.0.0
2024-09-28 19:19:27 - ncpadapter: reset_ip4_properties, manual=0
2024-09-28 19:19:27 - System: DNSHandling=0
2024-09-28 19:19:27 - IPSec: Start building connection
2024-09-28 19:19:27 - IPSec: Connecting and Pin is not entered
What am I missing?
------------------------------
Lars Kristensson
------------------------------