This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
rampo
Explorer
‎2024-05-09 06:15 AM

Credentials are needed for a secondary tunnel connection

After upgrading to MacOS Sonoma 14.3.1, Endpoint Security VPN spits this error message when I try toestablising an RDP: "Credentials are needed for a secondary tunnel connection".

I've uninstalled the current version and installed E88.30 however the problems stays as is.

By the way, for the site, there were 2 different gateways (the one that is used to connect in first place, which is called FW, and MAESTRO). When I connect, I use FW and the connection is successfully established (this was the case all along), however when I try to connect to my PC using Microsoft Remote Desktop, I see the "Credentials are needed for a secondary tunnel connection" message and this time, "MAESTRO" is automatically selected for as Gateway. If I put my connection information, the connection is denied of course.

At this point, I am considering to install a fresh copy of MacOS Sonoma, which will be very painful 😞

Any help is appreciated.

 

Screenshot 2024-03-31 at 02.26.03.png

0 Kudos
7 Replies
PhoneBoy
Admin
Admin
‎2024-05-09 07:29 AM

I would try deleting and re-adding the site and see if that resolves the issue.
If it doesn't, I suggest a consult with the TAC: https://help.checkpoint.com 

the_rock
Legend
Legend
‎2024-05-09 07:36 AM

That was also my first thought what Phoneboy said...delete and re-create the tunnel, just to see if the client can "fetch" all the new info from the gateway side.

Andy

0 Kudos
rampo
Explorer
‎2024-05-09 11:01 AM
In response to the_rock

Tried removing and adding site however that didn't work.

Can someone explain how come I could connect to the remote network but cannot connect to my PC?

0 Kudos
PhoneBoy
Admin
Admin
‎2024-05-09 11:49 AM
In response to rampo

To read about Secondary Connect: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_RemoteAccessVPN_AdminGuide/C... 

The VPN client believes your PC is reachable behind the MAESTRO gateway.
As such, the client attempts to establish another VPN tunnel to that gateway.
If the gateway is not configured correctly to allow this, the authentication fails.

Which means either Secondary Connect needs to be disabled or the configuration of the MAESTRO needs to be corrected.
Neither of these things can be affected from the client side.

0 Kudos
rampo
Explorer
‎2024-05-09 12:08 PM
In response to PhoneBoy

Thank you Admin.

I appreciate your explanation.

Now, all I need to do is convince the admin team that they actually need to take action to fix this 🙂

0 Kudos
the_rock
Legend
Legend
‎2024-05-09 12:15 PM
In response to PhoneBoy

Ironically enough, I never remember being able to find option from that link by default on any fw version before, not sure if thats intended behavior...:)

0 Kudos
PhoneBoy
Admin
Admin
‎2024-05-09 12:37 PM
In response to the_rock

It might be on by default, but there is still some configuration required for it to work correctly 🙂

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events