Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ozuser
Explorer

Checkpoint 81.10.7191 VPN client randomally pops up when laptop offline

We have recently deployed Win 10 1803 with Checkpoint 81.10.7191 VPN client on Domain connected laptops into our office

The  VPN client has been packaged through SCCM.

When the user is not on the network the Checkpoint VPN client will keep popping up with the screen as per attached screenshot.

Is there a way to suppress this to only come up when actually trying to connect vi the VPN client on the end user machine? It becomes annoying when users are travelling and not in a WIFI or network environment.

Have checked all the settings available via the GUI interface but there doesn't seem to be. Have also tried stopping the application from starting up on logon / reboot but it still will eventually startup on the machine

Is there some sort of configurable file for the VPN client at all to suppress this?

Thanks in advance for any help..

 

0 Kudos
5 Replies
Wolfgang
Authority
Authority

Ozuser,

it looks like "always connect" is enabled. Everytime a process tries to access a resource of your VPN domain the VPN client tries to start a connection. You can disable these in the properties of the configured site in the VPN client.

Another way... disable this for all clients on the gateways

"global properties => RemoteAccess => EndPoint Connect=> connect mode"

Wolfgang

0 Kudos
Velocy
Participant

I know this is a quite late reply, but maybe it still helps you or others:
Apart from the obvious solution, which would be Always Connect like Wolfgang stated, there is also a "Bug" in the Checkpoint Watchdog which we had a ticket about with Checkpoint quite some years back. Since then this Bug is reappearing from time to time. Hope the explanation is understandable:
One of the Watchdogs tasks is, to care that TRGUI.exe is started in the user's context if a user logs on. Eventually, this causes issues if you have a second logon on your computer, in my case, 2 prominent scenarios are:
- I work on my computer with my normal, non admin Account, lets say "user1". If I perform administrative tasks, like opening Active Directory Console on my Computer, I do that by Run As different User / Run As Administrator and use my Admin Account instead, let's say Admin1. Now the mmc.exe runs ad Admin1 while I am still normally logged on as User1. Watchdog now (from time to time) detects: Hey there is a new user logged on Admin1 and he does not have the TrGui.exe started for him, let's start it. Here's the issue, the TrGui.exe is now started a second time, which does not work... if TrGui.exe is started the first time, it's put to the tray icon and does nothing... if it starts a second time (same as if you select Checkpoint from the start menu), it launches the connect process, there you have your connect window.
- The same thing also happens with our software deployment system, which uses a domain user with client admin permissions, instead of the local system account to install software, as users have no admin permissions. Watchdog detects this secondary logon and the same thing happens as in the first scenario.

I could also imagine, this is the same if you for example have scheduled tasks running in the background with a different user, besides the system accounts...
This was quite some years back and I don't remember exactly, but I think this could be seen in the epwd.log in your Watchdogs Log Directory.

Nico

0 Kudos
archie
Participant

Is this bug resolved? Is there any Check Point Endpoint Client version, on which the issue not appears?

0 Kudos
G_W_Albrecht
Legend
Legend

So you did disable "Always Connect" in the client but it does not work ? If you use the newest recommended EPS client version E86.60, does this issue appear ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
kovacsocsi
Participant

We have a similar issue. After we turned on the Secuer Domain Logon, the SCCM agent is somehow starts a TrGUI.exe befor the windows login. The result is, that the Checkpoint icon is missing from the systray, when the user didn't use the SDL.
It happens randomly, on random clients.

When it happens, sometimes there is an message from the Checkpoint (see attached)

What was the solution in your case? 
We are using the 87.10 client.
Thank you,

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events