cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Jerry
Gold

Endpoint Security Client for macOS 10.14 (E80.71 fails)

hi chaps

quick one

1. does anyone have it already working or has some EA dmg's in hand of the "working client" on macOS 10.14?

2. my E80.71 does not hook up at all from macOS10.14 to the R80.10 infrastructure but it does authenticate somehow (via pks/p12) and afterwards client times-out with the message that the connection failed

3. is there any chance I could have "working macOS client" before the offiial release of 10.14 next week? my customer has only MAC's and they intend to use those with the MAB all the time (instead of SNX java/activeX aplet).

anyone helpful this time? Smiley Happy 

have a lovely day chaps!

Jerry

Jerry
10 Replies
Admin
Admin

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

At least based on past experience, we don't release even an EA of the newer client until after the relevant MacOS version goes GA.

Haven't seen it internally either, but can ask around.

Also keep in mind that the Mac client requires an Endpoint Security license (last I checked), which means you may not be able to use it with just a MAB license.

0 Kudos
Jerry
Gold

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

Thanks Dameon, much appreciate your reponse on that matter.

Although I must object how it was in the past I'm afraid.

ESC for  Mac used to work with MAB on R77.30 like a charm with no additional licenseing required so I'm surpised that with R80.10 it may require one.

Please double check and let me know if possible.

Thanks in advance

Jerry
0 Kudos
Admin
Admin

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

We didnt make any licensing changes around this in R80.x for this, so if it worked in R77.30 it should be the same. 

Jerry
Gold

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

just on a side note then,

have you ever experienced on 10.13 macOS with LittleSnith (obviously some of us knows that software)

that EPS 80.71 won't connect due to the LittleSnitch filtering?

I'm experiencing it myself ever since macOS 10.13 that E80.17 and LittleSnitch won't work together at all ... it hooks up with "trust" when you create a site, it loads while connecting but does not load topology and driver at the end and remains like this for 3 minutes (times-out at the end) ... look at below screens and tell me if I'm not alone Smiley Happy

  

am I alone with that problem folks?

ps. I do know it's been always and issue hooking up via SSL/ESP to the MAB but this worked perfectly fine till ... macOS 10.13 Smiley Sad ...

any idea ?

Jerry
0 Kudos

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

Dear Jerry,

Same issue here, how did you solved this problem?

Hope to hear from you soon!

Jerry
Gold

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

Hi Walid

I did not - EPS for macOS with little Snitch does not work. When I remove Little Snitch from any macOS platform that EPS Clients does not work either. Not sure whats wrong with those EPS Clients or macOS but since the end-of-era of OSX ...

macOS Clients did not work on my case with any MAB on CP platforms. no idea why Windows Clients works like a charm all the time Smiley Happy Hope R&D will address that "little inconvinience" sooner rather than later  

Jerry
0 Kudos
Admin
Admin

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

There's a couple of different issues I see here:

1. EPS and Little Snitch: They're both firewalls, I can't see them working together.

2. EPS on Mac connecting to MAB: As far as I know, that's by design as the Mac client is a full Endpoint client from a licensing point of view. As such a MAB license is not sufficient to use EPS on Mac.

0 Kudos
Jerry
Gold

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

ok mate so here is the thing though:

1. EPS for macOS as firewall (as of VPN Client)? I hear first time that none-FDE EPS is a firewall as such therefore it is obiovuls that if it IS a FW as you claim it will colide with another personall FW called Little Snitch - but why EPS Client on macOS you call "Firewall" Dameon?

2. MAB licensing is per-client and not per-type-of-a-client afaik. I don't understand your statement here I'm sorry Dameon. I do respect all you write and whereveryou do that but your stand point here doesn't make any sense to me? Any Endpoint (Win/Mac/iOS) can utilize MAB Licenses on R80x - am I wrong LICENSING TEAM?

Please confirm as it gets more and more confusing just now Smiley Happy

Thanks in adavnce

Jerry

Jerry
0 Kudos
Admin
Admin

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

There are basically four types of VPN clients:

  • SecuRemote (Windows only) which is a limited functionality VPN client -- L2TP support also falls into this category, I believe. This is free.
  • SSL VPN clients (which includes MAB portal, Capsule Workspace and SNX) -- Requires a Mobile Access License.
  • Check Point Mobile (Windows) and VPN clients for Android and iOS -- Also requires a Mobile Access license.
  • Endpoint Security VPN -- This requires a full Endpoint license and includes a desktop firewall.

The Mac does not have SecuRemote or a Check Point Mobile variant, leaving you with either Endpoint Security VPN or SNX as options.

I suppose L2TP would also work, but I haven't tried it from a Mac nor have I tried it in quite some time.

Source: Check Point Remote Access Solutions 

If the Mac VPN client worked previously with only a MAB license, it was a bug. Smiley Happy

Jerry
Gold

Re: Endpoint Security Client for macOS 10.14 (E80.71 fails)

Thanks. I got that and I agree the model is exactly as you've described Dameon but I have to admit. It did work before with MAB Eval. only for years Smiley Happy

Nevermind, I'll take all this into the consideration, ditch all my Apple products and remain fully MS based since now on  LOL

have a great week !

Jerry

Jerry
0 Kudos