This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
rsingh-a2n
Participant
‎2023-07-14 10:48 AM

Infinity Portal Delete/Create VPN Site Failing - Trying to Delete with trac.exe

Hi All,

 

We're going to be changing our trac_client_1.ttm file on the Gateways as per SK103440

For the change to take affect for clients we'll have to delete & recreate the VPN site.

 

We attempted to do this via push operations from the Infinity Portal for Windows 10/11 x64 endpoints with Harmony Mobile 86.80 and 86.60 but the push operation wasn't really stable or reliable we found (We've asked TAC about it and are waiting to see what they can determine from client logs). We've also verified that the way we formulated the push operations was correct and it *sometimes* worked on test and prod endpoints but not reliably enough for us to comfortably use.

 

As an alternative we're trying to write a simple batch script to use trac.exe to disconnect, delete, and recreate the site  but it doesn't appear to  want to delete the site consistently either.

Script lines are as follows:

>cd "C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\"

>trac.exe disconnect -g "FW Cluster Name"

>trac.exe delete -s "Sitename"

>trac.exe create -s "Sitename" -di "SiteDisplayName" -lo "Standard"

 

This fails on deleting the sitename with message "Connection could not be deleted". Does anyone know what could be causing this?

 

Thanks,

Rahul 

 

2 Replies
rsingh-a2n
Participant
‎2023-07-14 01:11 PM

Adding on to this.

 

This worked with the standalone VPN client.

We tried disabling Compliance blades and Threat prev blades but this didn't have any affect, users can manually delete & recreate sites without issue.

 

Rahul

0 Kudos
the_rock
Legend
Legend
‎2023-07-14 01:41 PM

To add to what Rahul stated, considering that all works fine on barebone VPN client (no EDR capabilities), but not on old SBA (new harmony endpoint), to me at least, it would logically indicate its either a blade or certain file (or line in it) causing this to fail.

As @rsingh-a2n mentioned, we turned off compliance and TE blades, but no luck.

Im not 100% sure what TAC provided, but that did not work either.

Cheers,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events