Linux Checkpoint SNX tool configuration issues
up vote
2
down vote
favorite
I tried a solution mentioned in the question: getting Checkpoint VPN SSL Network Extender working in command line (the accepted answer), but for some reason I'm getting an authentication failed error.
I can access through the web browser to the Checkpoint portal with the credentials I have, but not with the snx tool.
What I've done:
- installed the Root CA certificates of the VPN;
- installed the snx_install.sh on my machine with success;
- also installed the python tools you recomended but I think I didn't need them.
What I have:
- My system is Linux Mint 19 (based on Ubuntu 18);
- I've Check Point's Linux SNX build 800007097.
What I tried:
running the snx tool both with arguments and with config file (.snxrc) and both gave the error:
SNX: Authentication failed
My.snxrc file has this (user and server are illustrative ):
server MYVPNSERVER
username MYUSER
reauth yes
Important note: is not the user and password since I can do connect using a Windows 10 VM with checkpoint software.
debian vpn checkpoint
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
add a comment |
up vote
2
down vote
favorite
I tried a solution mentioned in the question: getting Checkpoint VPN SSL Network Extender working in command line (the accepted answer), but for some reason I'm getting an authentication failed error.
I can access through the web browser to the Checkpoint portal with the credentials I have, but not with the snx tool.
What I've done:
- installed the Root CA certificates of the VPN;
- installed the snx_install.sh on my machine with success;
- also installed the python tools you recomended but I think I didn't need them.
What I have:
- My system is Linux Mint 19 (based on Ubuntu 18);
- I've Check Point's Linux SNX build 800007097.
What I tried:
running the snx tool both with arguments and with config file (.snxrc) and both gave the error:
SNX: Authentication failed
My.snxrc file has this (user and server are illustrative ):
server MYVPNSERVER
username MYUSER
reauth yes
Important note: is not the user and password since I can do connect using a Windows 10 VM with checkpoint software.
debian vpn checkpoint
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I tried a solution mentioned in the question: getting Checkpoint VPN SSL Network Extender working in command line (the accepted answer), but for some reason I'm getting an authentication failed error.
I can access through the web browser to the Checkpoint portal with the credentials I have, but not with the snx tool.
What I've done:
- installed the Root CA certificates of the VPN;
- installed the snx_install.sh on my machine with success;
- also installed the python tools you recomended but I think I didn't need them.
What I have:
- My system is Linux Mint 19 (based on Ubuntu 18);
- I've Check Point's Linux SNX build 800007097.
What I tried:
running the snx tool both with arguments and with config file (.snxrc) and both gave the error:
SNX: Authentication failed
My.snxrc file has this (user and server are illustrative ):
server MYVPNSERVER
username MYUSER
reauth yes
Important note: is not the user and password since I can do connect using a Windows 10 VM with checkpoint software.
debian vpn checkpoint
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
I tried a solution mentioned in the question: getting Checkpoint VPN SSL Network Extender working in command line (the accepted answer), but for some reason I'm getting an authentication failed error.
I can access through the web browser to the Checkpoint portal with the credentials I have, but not with the snx tool.
What I've done:
- installed the Root CA certificates of the VPN;
- installed the snx_install.sh on my machine with success;
- also installed the python tools you recomended but I think I didn't need them.
What I have:
- My system is Linux Mint 19 (based on Ubuntu 18);
- I've Check Point's Linux SNX build 800007097.
What I tried:
running the snx tool both with arguments and with config file (.snxrc) and both gave the error:
SNX: Authentication failed
My.snxrc file has this (user and server are illustrative ):
server MYVPNSERVER
username MYUSER
reauth yes
Important note: is not the user and password since I can do connect using a Windows 10 VM with checkpoint software.
debian vpn checkpoint
debian vpn checkpoint
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
edited Oct 28 at 8:15
Rui F Ribeiro
38.2k1475123
38.2k1475123
asked Oct 25 at 9:27
ricardogaspar2
133
asked Oct 25 at 9:27
ricardogaspar2
133
asked Oct 25 at 9:27
ricardogaspar2
133
133
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
Checkpoint has discontinued (official) support for their snx client, on the Linux command line, a couple of years ago.
Use of snx has not been supported from the command line after version 800007075 (from 2012) ; newer versions only work officially when invoked from a Java Applet, supplied when browsing the Checkpoint appliance.
Per my post, that you are linking to in your question, 800007075 is the last one having the routines for doing the VPN full setup/configuration in Linux/Debian derivates from the command line. Maybe my fault, in that I am not entirely clear on that.
So, the snx version 800007097 you are using, won't work, when trying to connect to the VPN from the command line.
Newer versions might work, with snxconnect to complement the missing routines in the newer snx versions (hence the python tools), however the reverse engineering of the missing snx functionalities still presents some peculiarities. So, I recommend using the older version, that does not need the python tools.
I have been using snx version 800007075 for months now, with Debian Stretch, and it has been working pretty well.
TLDR
The 800007075 works without the snxconnect python instructions. The newer/your version needs the python hack/tools.
For using the CheckPoint snx program in the command line, without the python tools, you do not download the snx client that comes with your firewall appliance.
You have got to download the old 800007075 version, separately form Oporto Ciencias University, here https://www.fc.up.pt/ci/servicos/acesso/vpn/software/CheckPointVPN_SNX_Linux_800007075.sh ; then follow the link to my answer you have in the question, for setting it up with more modern version of Debian derivates.
PS. A workmate using the version of Ubuntu your Mint is based, followed my instructions last week using the snx version 800007075, and has been working fine. (as mentioned, I am using it myself in AntiX/Debian Stretch)
PPS. Taken from the Arch Linux AUR repositories scripts Package Details: snx-800007075 800007075-1, you can also get the 800007075 Checkpoint VPN client at https://starkers.keybase.pub/snx_install_linux30.sh?dl=1
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
Checkpoint has discontinued (official) support for their snx client, on the Linux command line, a couple of years ago.
Use of snx has not been supported from the command line after version 800007075 (from 2012) ; newer versions only work officially when invoked from a Java Applet, supplied when browsing the Checkpoint appliance.
Per my post, that you are linking to in your question, 800007075 is the last one having the routines for doing the VPN full setup/configuration in Linux/Debian derivates from the command line. Maybe my fault, in that I am not entirely clear on that.
So, the snx version 800007097 you are using, won't work, when trying to connect to the VPN from the command line.
Newer versions might work, with snxconnect to complement the missing routines in the newer snx versions (hence the python tools), however the reverse engineering of the missing snx functionalities still presents some peculiarities. So, I recommend using the older version, that does not need the python tools.
I have been using snx version 800007075 for months now, with Debian Stretch, and it has been working pretty well.
TLDR
The 800007075 works without the snxconnect python instructions. The newer/your version needs the python hack/tools.
For using the CheckPoint snx program in the command line, without the python tools, you do not download the snx client that comes with your firewall appliance.
You have got to download the old 800007075 version, separately form Oporto Ciencias University, here https://www.fc.up.pt/ci/servicos/acesso/vpn/software/CheckPointVPN_SNX_Linux_800007075.sh ; then follow the link to my answer you have in the question, for setting it up with more modern version of Debian derivates.
PS. A workmate using the version of Ubuntu your Mint is based, followed my instructions last week using the snx version 800007075, and has been working fine. (as mentioned, I am using it myself in AntiX/Debian Stretch)
PPS. Taken from the Arch Linux AUR repositories scripts Package Details: snx-800007075 800007075-1, you can also get the 800007075 Checkpoint VPN client at https://starkers.keybase.pub/snx_install_linux30.sh?dl=1
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
add a comment |
up vote
1
down vote
accepted
Checkpoint has discontinued (official) support for their snx client, on the Linux command line, a couple of years ago.
Use of snx has not been supported from the command line after version 800007075 (from 2012) ; newer versions only work officially when invoked from a Java Applet, supplied when browsing the Checkpoint appliance.
Per my post, that you are linking to in your question, 800007075 is the last one having the routines for doing the VPN full setup/configuration in Linux/Debian derivates from the command line. Maybe my fault, in that I am not entirely clear on that.
So, the snx version 800007097 you are using, won't work, when trying to connect to the VPN from the command line.
Newer versions might work, with snxconnect to complement the missing routines in the newer snx versions (hence the python tools), however the reverse engineering of the missing snx functionalities still presents some peculiarities. So, I recommend using the older version, that does not need the python tools.
I have been using snx version 800007075 for months now, with Debian Stretch, and it has been working pretty well.
TLDR
The 800007075 works without the snxconnect python instructions. The newer/your version needs the python hack/tools.
For using the CheckPoint snx program in the command line, without the python tools, you do not download the snx client that comes with your firewall appliance.
You have got to download the old 800007075 version, separately form Oporto Ciencias University, here https://www.fc.up.pt/ci/servicos/acesso/vpn/software/CheckPointVPN_SNX_Linux_800007075.sh ; then follow the link to my answer you have in the question, for setting it up with more modern version of Debian derivates.
PS. A workmate using the version of Ubuntu your Mint is based, followed my instructions last week using the snx version 800007075, and has been working fine. (as mentioned, I am using it myself in AntiX/Debian Stretch)
PPS. Taken from the Arch Linux AUR repositories scripts Package Details: snx-800007075 800007075-1, you can also get the 800007075 Checkpoint VPN client at https://starkers.keybase.pub/snx_install_linux30.sh?dl=1
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
add a comment |
up vote
1
down vote
accepted
up vote
1
down vote
accepted
Checkpoint has discontinued (official) support for their snx client, on the Linux command line, a couple of years ago.
Use of snx has not been supported from the command line after version 800007075 (from 2012) ; newer versions only work officially when invoked from a Java Applet, supplied when browsing the Checkpoint appliance.
Per my post, that you are linking to in your question, 800007075 is the last one having the routines for doing the VPN full setup/configuration in Linux/Debian derivates from the command line. Maybe my fault, in that I am not entirely clear on that.
So, the snx version 800007097 you are using, won't work, when trying to connect to the VPN from the command line.
Newer versions might work, with snxconnect to complement the missing routines in the newer snx versions (hence the python tools), however the reverse engineering of the missing snx functionalities still presents some peculiarities. So, I recommend using the older version, that does not need the python tools.
I have been using snx version 800007075 for months now, with Debian Stretch, and it has been working pretty well.
TLDR
The 800007075 works without the snxconnect python instructions. The newer/your version needs the python hack/tools.
For using the CheckPoint snx program in the command line, without the python tools, you do not download the snx client that comes with your firewall appliance.
You have got to download the old 800007075 version, separately form Oporto Ciencias University, here https://www.fc.up.pt/ci/servicos/acesso/vpn/software/CheckPointVPN_SNX_Linux_800007075.sh ; then follow the link to my answer you have in the question, for setting it up with more modern version of Debian derivates.
PS. A workmate using the version of Ubuntu your Mint is based, followed my instructions last week using the snx version 800007075, and has been working fine. (as mentioned, I am using it myself in AntiX/Debian Stretch)
PPS. Taken from the Arch Linux AUR repositories scripts Package Details: snx-800007075 800007075-1, you can also get the 800007075 Checkpoint VPN client at https://starkers.keybase.pub/snx_install_linux30.sh?dl=1
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
Checkpoint has discontinued (official) support for their snx client, on the Linux command line, a couple of years ago.
Use of snx has not been supported from the command line after version 800007075 (from 2012) ; newer versions only work officially when invoked from a Java Applet, supplied when browsing the Checkpoint appliance.
Per my post, that you are linking to in your question, 800007075 is the last one having the routines for doing the VPN full setup/configuration in Linux/Debian derivates from the command line. Maybe my fault, in that I am not entirely clear on that.
So, the snx version 800007097 you are using, won't work, when trying to connect to the VPN from the command line.
Newer versions might work, with snxconnect to complement the missing routines in the newer snx versions (hence the python tools), however the reverse engineering of the missing snx functionalities still presents some peculiarities. So, I recommend using the older version, that does not need the python tools.
I have been using snx version 800007075 for months now, with Debian Stretch, and it has been working pretty well.
TLDR
The 800007075 works without the snxconnect python instructions. The newer/your version needs the python hack/tools.
For using the CheckPoint snx program in the command line, without the python tools, you do not download the snx client that comes with your firewall appliance.
You have got to download the old 800007075 version, separately form Oporto Ciencias University, here https://www.fc.up.pt/ci/servicos/acesso/vpn/software/CheckPointVPN_SNX_Linux_800007075.sh ; then follow the link to my answer you have in the question, for setting it up with more modern version of Debian derivates.
PS. A workmate using the version of Ubuntu your Mint is based, followed my instructions last week using the snx version 800007075, and has been working fine. (as mentioned, I am using it myself in AntiX/Debian Stretch)
PPS. Taken from the Arch Linux AUR repositories scripts Package Details: snx-800007075 800007075-1, you can also get the 800007075 Checkpoint VPN client at https://starkers.keybase.pub/snx_install_linux30.sh?dl=1
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
edited 2 days ago
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
answered Oct 25 at 10:15
Rui F Ribeiro
38.2k1475123
38.2k1475123
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
add a comment |
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
1
1
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
It worked like a charm. Thanks a lot! :)
– ricardogaspar2
Oct 25 at 17:25
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
Good to know, congrats. As it is in Linux, also doing other tricks with it, not as much constrained as in Windows ;)
– Rui F Ribeiro
Oct 25 at 17:26
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f477689%2flinux-checkpoint-snx-tool-configuration-issues%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
