- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Some user's passwords may be forced to attack by blackhat. It was used to login in SNX VPN and want to attack the client LAN.
The client found that and is worried about it. They want to disconnect that connection first.
I gave him one command: RAsession_util terminate byuser xxx
After executing that command, he executed two below commands:
RAsession_util show users byname xxx
listusers
but the output is quite different. Did he disconnect SNX User successfully? Why? How should I help the client? Could someone kindly explain what is the difference between the two commands?
G_W_Albrecht
I think you mix up RAsession_util show users all (only for MAB/SNX users) and the VPN tables listusers from sk152132: How to Monitor the Exact Number of Active VPN Tunnels ?
G_W_Albrecht
I think you mix up RAsession_util show users all (only for MAB/SNX users) and the VPN tables listusers from sk152132: How to Monitor the Exact Number of Active VPN Tunnels ?
sk152132 explain is very useful, but I confuse mobile access VPN admin guide description:
Disconnecting Remote Access Users
To disconnect a user:
RAsession_util terminate {all|byuser <user>|bysession_id <id>|custom <sql
constraint>}
It seems like that "RAsession_util terminate XXX" can only disconnect remote access VPN users. I remember that remote access VPN is IPSec VPN while SNX is SSL VPN.
G_W_Albrecht
EPS VPN, Mobile and SecuRemote are the three IPsec VPN flavours, while Mobile Access and SNX uses SSL VPN and can be influenced using RAsession_util.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY