I am a big supporter of all things Juniper, we run SRX's, EX's, MX's, SA's and MAG's
I have read a few posts on the forums about creating dial-up VPN's using native clients to establish tunnels to SRX devices serving as VPN Servers (Dynamic IPSec or otherwise) and appears that this is just not possible.
It seems that you would need to purchase a Cisco / Fortinet / Checkpoint etc. or just about any other non-juniper or cheap home router if you wanted achieve clientless / semi-clientless (i.e. not install pulse or ns-remote etc) client VPN tunnelling.
This does seem really crazy from juniper? No clientless SSL, IPsec or l2tp unless you purchase a SA/MAG?
This post is for me to make sure this is true before changing manufacturer, does anyone know if there is a way to create a working clientless VPN from windows or mac clients connecting to the SRX or is this just not possible?
I believe one issue preventing the SRX clientless tunnels required by windows is transport mode IPsec as per: https://support.microsoft.com/en-nz/kb/325158 possible on Cisco ASA not Juniper SRX
Secondly SRX's don’t support SSL VPN's as they would probably step on former SA/Mag series devices.
Hope this is not true!
Dawid