diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index 7e28db2..d53befc 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -937,6 +937,7 @@ static int get_config (GHashTable *options, GHashTable *secrets,
 	char *hostname;
 	char *group;
 	char *csd;
+	char *juniper;
 	char *sslkey, *cert;
 	char *csd_wrapper;
 	char *pem_passphrase_fsid;
@@ -1000,6 +1001,11 @@ static int get_config (GHashTable *options, GHashTable *secrets,
 		openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP (csd_wrapper));
 	}
 
+    juniper = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_JUNIPER_MODE);
+	if (juniper && strcmp(juniper, "yes") == 0) {
+        openconnect_set_protocol(vpninfo, "nc");
+	}
+
 	proxy = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PROXY);
 	if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, OC3DUP (proxy)))
 		return -EINVAL;
diff --git a/properties/nm-openconnect-dialog.ui b/properties/nm-openconnect-dialog.ui
index 4643b73..1a6baa5 100644
--- a/properties/nm-openconnect-dialog.ui
+++ b/properties/nm-openconnect-dialog.ui
@@ -263,6 +263,26 @@
               </packing>
             </child>
             <child>
+              <object class="GtkCheckButton" id="juniper_button">
+                <property name="border_width">2</property>
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="label" translatable="yes">Connect to
+                    _Juniper gateway</property>
+                <property name="use_underline">True</property>
+                <property name="relief">GTK_RELIEF_NORMAL</property>
+                <property name="focus_on_click">True</property>
+                <property name="active">False</property>
+                <property name="inconsistent">False</property>
+                <property name="draw_indicator">True</property>
+              </object>
+              <packing>
+                <property name="padding">0</property>
+                <property name="expand">False</property>
+                <property name="fill">False</property>
+              </packing>
+            </child>
+            <child>
               <object class="GtkAlignment" id="alignment14">
                 <property name="visible">True</property>
                 <property name="xalign">0.5</property>
diff --git a/properties/nm-openconnect.c b/properties/nm-openconnect.c
index ec1a3e8..d4151ee 100644
--- a/properties/nm-openconnect.c
+++ b/properties/nm-openconnect.c
@@ -552,6 +552,16 @@ init_editor_plugin (OpenconnectEditor *self, NMConnection *connection, GError **
 	}
 	g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "juniper_button"));
+	if (!widget)
+		return FALSE;
+	if (s_vpn) {
+		value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_JUNIPER_MODE);
+		if (value && !strcmp(value, "yes"))
+			gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (widget), TRUE);
+	}
+	g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "csd_wrapper_entry"));
 	if (!widget)
 		return FALSE;
@@ -613,6 +623,10 @@ update_connection (NMVpnEditor *iface,
 	str = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (widget))?"yes":"no";
 	nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID, str);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "juniper_button"));
+	str = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (widget))?"yes":"no";
+	nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_JUNIPER_MODE, str);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "csd_button"));
 	str = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (widget))?"yes":"no";
 	nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CSD_ENABLE, str);
diff --git a/src/nm-openconnect-service-defines.h b/src/nm-openconnect-service-defines.h
index 8bc2626..6972e29 100644
--- a/src/nm-openconnect-service-defines.h
+++ b/src/nm-openconnect-service-defines.h
@@ -45,5 +45,6 @@
 #define NM_OPENCONNECT_KEY_CSD_WRAPPER "csd_wrapper"
 #define NM_OPENCONNECT_KEY_TOKEN_MODE "stoken_source"
 #define NM_OPENCONNECT_KEY_TOKEN_SECRET "stoken_string"
+#define NM_OPENCONNECT_KEY_JUNIPER_MODE "juniper_mode"
 
 #endif /* NM_OPENCONNECT_SERVICE_DEFINES_H */
diff --git a/src/nm-openconnect-service-openconnect-helper.c b/src/nm-openconnect-service-openconnect-helper.c
index 11da4f3..71e7bb6 100644
--- a/src/nm-openconnect-service-openconnect-helper.c
+++ b/src/nm-openconnect-service-openconnect-helper.c
@@ -216,14 +216,14 @@ addr6_list_to_gvariant (const char *str)
 }
 
 static GVariant *
-split_dns_list_to_gvariant (const char *str)
+split_dns_list_to_gvariant (const char *str, const char *sep)
 {
 	gchar **split;
 
 	if (!str || strlen (str) < 1)
 		return NULL;
 
-	split = g_strsplit (str, ",", -1);
+	split = g_strsplit (str, sep, -1);
 	if (g_strv_length (split) == 0)
 		return NULL;
 
@@ -382,6 +382,7 @@ get_ip6_routes (void)
  * INTERNAL_IP4_DNS       -- list of dns serverss
  * INTERNAL_IP4_NBNS      -- list of wins servers
  * CISCO_DEF_DOMAIN       -- default domain name
+ * CISCO_SPLIT_DNS        -- default domain name
  * CISCO_BANNER           -- banner from server
  *
  */
@@ -450,11 +451,6 @@ main (int argc, char *argv[])
 	if (val)
 		g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_BANNER, val);
 
-	/* Default domain */
-	val = str_to_gvariant (getenv ("CISCO_DEF_DOMAIN"), TRUE);
-	if (val)
-		g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DOMAIN, val);
-
 	/* MTU  */
 	tmp = getenv ("INTERNAL_IP4_MTU");
 	if (tmp && strlen (tmp)) {
@@ -501,10 +497,27 @@ main (int argc, char *argv[])
 	if (val)
 		g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_NBNS, val);
 
-	/* Split DNS domains */
-	val = split_dns_list_to_gvariant (getenv ("CISCO_SPLIT_DNS"));
-	if (val)
-		g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
+	/* We have two environment variables with domains --
+	   CISCO_SPLIT_DNS and CISCO_DEF_DOMAIN. On Cisco,
+	   CISCO_DEF_DOMAIN can only be a single domain, while
+	   CISCO_SPLIT_DNS can have multiple domains separated by
+	   comma. On Juniper, CISCO_SPLIT_DNS is not supported but
+	   CISCO_DEF_DOMAIN can have multiple domains separated by ", ".
+	   
+	   The upshot of all this is we use CISCO_SPLIT_DNS if available,
+	   CISCO_DEF_DOMAIN if not. */
+
+	val = split_dns_list_to_gvariant (getenv ("CISCO_SPLIT_DNS"), ",");
+	if (val) {
+		g_variant_builder_add (&ip4builder, "{sv}",
+				       NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
+	} else {
+		val = split_dns_list_to_gvariant (getenv ("CISCO_DEF_DOMAIN"), ", ");
+		if (val) {
+			g_variant_builder_add (&ip4builder, "{sv}",
+					       NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
+		}
+	}
 
 	/* Routes */
 	val = get_ip4_routes ();
diff --git a/src/nm-openconnect-service.c b/src/nm-openconnect-service.c
index 9cc1d75..eaea041 100644
--- a/src/nm-openconnect-service.c
+++ b/src/nm-openconnect-service.c
@@ -92,6 +92,7 @@ static ValidProperty valid_properties[] = {
 	{ NM_OPENCONNECT_KEY_CSD_WRAPPER, G_TYPE_STRING, 0, 0 },
 	{ NM_OPENCONNECT_KEY_TOKEN_MODE,  G_TYPE_STRING, 0, 0 },
 	{ NM_OPENCONNECT_KEY_TOKEN_SECRET, G_TYPE_STRING, 0, 0 },
+	{ NM_OPENCONNECT_KEY_JUNIPER_MODE, G_TYPE_BOOLEAN, 0, 0 },
 	{ NULL,                           G_TYPE_NONE, 0, 0 }
 };
 
@@ -363,7 +364,8 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
 	GPtrArray *openconnect_argv;
 	GSource *openconnect_watch;
 	gint	stdin_fd;
-	const char *props_vpn_gw, *props_cookie, *props_cacert, *props_mtu, *props_gwcert, *props_proxy;
+	const char *props_vpn_gw, *props_cookie, *props_cacert, *props_mtu,
+		*props_gwcert, *props_proxy, *props_juniper_mode;
 	
 	/* Find openconnect */
 	openconnect_binary = openconnect_binary_paths;
@@ -405,11 +407,17 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
 	}
 	props_gwcert = nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_GWCERT);
 
-	props_cacert = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_CACERT);
+	props_cacert =
+		nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_CACERT);
+
 	props_mtu = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_MTU);
 
-	props_proxy = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_PROXY);
+	props_proxy =
+		nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_PROXY);
 
+	props_juniper_mode =
+		nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_JUNIPER_MODE);
+	
 	openconnect_argv = g_ptr_array_new ();
 	g_ptr_array_add (openconnect_argv, (gpointer) (*openconnect_binary));
 
@@ -443,6 +451,10 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
 		g_ptr_array_add (openconnect_argv, (gpointer) priv->tun_name);
 	}
 
+	if (g_strcmp0 (props_juniper_mode, "yes")) {
+		g_ptr_array_add (openconnect_argv, (gpointer) "--juniper");
+	}
+	
 	g_ptr_array_add (openconnect_argv, (gpointer) props_vpn_gw);
 
 	if (debug)