Juniper Networks Mist Access Assurance

Awọn pato

• Orukọ ọja: Mist Access Assurance Client Onboarding – NAC Portal
• Ẹya: 1.0
• Olutaja: Juniper

ọja Alaye
The Mist Access Assurance Client Onboarding – NAC Portal is a solution provided by Juniper for secure client-driven self-provisioning within organizations. It includes features such as PSK Portal, MPSK, BYOD support, PSK Admin, NAC Portal, EAP-TLS, Marvis Client for various platforms (iOS/iPadOS/Android), and more.

Awọn ilana Lilo

NAC Portal Configuration
To configure the NAC Portal for client onboarding, follow these steps:

1. Navigate to Organization > Certificates and set up Onboard CA Configuration (Active).
2. Configure the Onboard Certificate Authority under Onboard CA Configuration.
3. Add the NAC Onboarding Portal under NAC settings.
4. Set up Portal Settings, including Name, Portal Type, and NAC Portal URL.
5. Configure Portal Authorization settings like SSO and SAML.

Ilana lori wiwọ
Follow these steps for the onboarding process:

1. Download and install the Marvis Client App if not already installed.
2. Proceed with SCEP for Wi-Fi profile and client certificate setup.

Isakoso ijẹrisi
For managing certificates, navigate to Organization > Certificates, where you can view, revoke, or manage internal certificates.

Mist Access Assurance Client Onboarding – NAC Portal

Ẹya 1.0

© 2025 Juniper Networks

Juniper Business Lo Nikan

1

Client Onboarding – NAC Portal

20259 Mist Cloud https://www.juniper.net /documentation /us /en /software /mist /product-updates /latest.html

Mist Documentation
Juniper Mist Access Assurance Guide

Owusu https://www.juniper.net/jp/ja/local/solution-technical-information/mist.html

© 2025 Juniper Networks

Juniper Business Lo Nikan

2

© 2025 Juniper Networks

Juniper Business Lo Nikan

3

itan

Ẹya
Ver 1.0

20259

© 2025 Juniper Networks

Juniper Business Lo Nikan

4

© 2025 Juniper Networks

Onibara Onboarding
5 Juniper Business Lo Nikan

Onibara Onboarding
Client-driven self provisioning

NAC Portal

PSK Portal
MPSK

BYOD
· PSK Portal · SSO(SAML) (password + MFA etc..) · QR SSID/passphrase passphrase email (Optional) · MPSK SSID

PSK Admin

NAC Portal
EAP-TLS

· PSK Portal · SSO(SAML) (password + MFA etc..) · SSID/passphrase passphrase email · MPSK SSID
Marvis Client
Marvis Client Marvis Client(iOS/iPadOS/Android)
· NAC Portal · SSO(SAML) (password + MFA etc..) · Marvis Client & profile/certificate · WPA3/WPA2 802.1X(Mist Auth) SSID

NOTE: Marvis Client Client Onboarding 20259()

© 2025 Juniper Networks

Juniper Business Lo Nikan

6

© 2025 Juniper Networks

NAC Portal
NOTE: 20259()
7 Juniper Business Lo Nikan

NAC Portal
Organization > Certificates
[Organization] [Certificates]

Onboard CA Configuration (Active)

© 2025 Juniper Networks

Juniper Business Lo Nikan

8

NAC Portal
Onboard Certificate Authority

Onboard CA Configuration ()

[ ] [Onboard CA Configuration] [Onboard Certificate Authority] [Active] [OK]

Ita/Inu

© 2025 Juniper Networks

Juniper Business Lo Nikan

9

NAC Portal
NAC
[Organization] [Client Onboarding] [NAC] [Add NAC Onboarding Portal]

© 2025 Juniper Networks

Juniper Business Lo Nikan

10

NAC Portal
Name / Portal Settings [Name] [Portal Type] [Marvis Client] [Create] NAC Portal URL URL
NAC Portal URL

© 2025 Juniper Networks

Juniper Business Lo Nikan

11

NAC Portal
Portal Authorization
[Portal Authorization] SSO
· [ URL] [SSO URL] · [Microsoft Entra ][Issuer]

© 2025 Juniper Networks

Juniper Business Lo Nikan

Entra ID Mist 1
Entra Name ID Format
URL
12

NAC Portal
Portal Authorization
[Portal Authorization] SSO
· (Base64) [][Certificate] · [] [SAML ][] SAML

Entra ID Mist 2

© 2025 Juniper Networks

Juniper Business Lo Nikan

13

NAC Portal
Portal Authorization
[Portal SSO URL] Entra ID [] [ URL]

Mist Entra ID

© 2025 Juniper Networks

Portal SSO URL
14 Juniper Business Lo Nikan

NAC Portal
Onboarding Parameters
[Onboarding Parameters] [Save]

WLAN Template

Awọn paramita
SSID
Security Type Client Certificate Format Certificate expires in X days

Apejuwe
WLAN Template SSID ­ WPA2/WPA3 > Enterprise(802.1X) ­ Authentication Server: Mist Auth WPA2/WPA3
(: 365)

© 2025 Juniper Networks

Juniper Business Lo Nikan

15

NAC Portal
Organization > Auth Policies

Auth Policy

[Organization] [Auth Polices] [Add Rule] Auth Policy

© 2025 Juniper Networks

Juniper Business Lo Nikan

16

NAC Portal
Ilana lori wiwọ

[NAC Portal URL] [NAC Portal URL] Client Onboarding() SSO

IdP(Entra ID etc)

NAC Portal URL

URL

Portal SSO URL

SSO(SAML)

© 2025 Juniper Networks

+ MFA()
Juniper Business Lo Nikan

Ṣe igbasilẹ ati Fi ohun elo naa sori ẹrọ
Marvis Client
Already have the app?

17

NAC Portal
Ilana lori wiwọ

SCEP

Marvis Client ()Wi-Fi

Marvis Client

Wi-Fi Profile

Iwe-ẹri Onibara

© 2025 Juniper Networks

Wi-Fi
Juniper Business Lo Nikan

18

NAC Portal
Organization > Certificates
[Organization] [Certificates] [Internal]

© 2025 Juniper Networks

NAC Portal
19 Juniper Business Lo Nikan

NAC Portal
Organization > Certificates > Revoke Certificate

[Revoke Certificate]

© 2025 Juniper Networks

Juniper Business Lo Nikan

20

© 2025 Juniper Networks

Appendix Entra ID SAML SSO
21 Juniper Business Lo Nikan

Entra ID SAML SSO
Entra ID > > Entra ID [] []

© 2025 Juniper Networks

Juniper Business Lo Nikan

22

Entra ID SAML SSO

Mist Cloud Admin SSO

[] [] [] []

© 2025 Juniper Networks

Juniper Business Lo Nikan

23

Entra ID SAML SSO
[]

© 2025 Juniper Networks

Juniper Business Lo Nikan

24

Entra ID SAML SSO
SAML [SAML]

© 2025 Juniper Networks

Juniper Business Lo Nikan

25

Entra ID SAML SSO

SAML

Entra ID

SAML

Portal SSO URL
( ID) URL

Microsoft Entra Issuer
SAML
(Base64) Certificate
URL SSO URL

© 2025 Juniper Networks

Juniper Business Lo Nikan

owusu
26

© 2025 Juniper Networks

Juniper Business Lo Nikan

27

Awọn iwe aṣẹ / Awọn orisun

Juniper Networks Mist Access Assurance [pdf] Itọsọna olumulo Mist Access Assurance, Access Assurance, Assuranc

Awọn itọkasi

• Itọsọna olumulo