- Products
- Learn
- Local User Groups
- Partners
- More
Firewall Uptime, Reimagined
How AIOps Simplifies Operations and Prevents Outages
Introduction to Lakera:
Securing the AI Frontier!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
Hello everyone,
I’m experiencing an issue with the Checkpoint Mobile Client on two different devices (a virtual machine and a notebook), where there is no data flow over the VPN tunnel after the connection is successfully established. The connection is initiated but breaks shortly after because no data can be sent or received through the tunnel. Here are the details:
Device 1 (Virtual Machine):
Windows 11 24H2 is running in VirtualBox (Host: Windows 10). In NAT mode, the VPN tunnel works perfectly. However, when I switch the network adapter to Bridged mode so that the VM gets its own IP address from the Fritzbox router, the problem occurs. The tunnel is established, but no data flows through it, and shortly after, the connection drops with an error message stating that the gateway is not responding.
Device 2 (Notebook):
The same issue occurs here, regardless if WIFI or Ethernet (direct connection to the Fritzbox). After the connection is established, the VPN client sends keep-alive packets, but no response is received. Shortly after, the connection also drops.
I suspect that the issue is either related to the Fritzbox configuration (routing or NAT) or the handling of the Office Mode IP by the Checkpoint Mobile Client.
Thank you in advance for your support!
Note: I’m not very good at English, so I used ChatGPT to help me write this text.
I have the same problem, generating the same error, same version of Windows 11. Help US!
Please look into https://support.checkpoint.com/results/sk/sk182749 for resolution
Good Morning,
The solution presented is restricted.
The content of this SK is largely discussed here: https://community.checkpoint.com/t5/Remote-Access-VPN/Windows-11-24H2-Remote-Access-VPN/m-p/229233#M...
Unless you can convince your admin to make the gateway-level changes, you'll most likely need to edit trac.defaults locally.
May someone that has the permission to read this document, post the solution here? i dont get why it is restricted.
Unfortunately, some SKs require you to have a Support Agreement to access.
We cannot directly copy/paste SKs to the community.
However, the thread I linked to has all the information in that SK.
Specifically, you change the following line in trac.defaults on the client:
route_conflict_resolution_method STRING "delete_create" GLOBAL 1
to
route_conflict_resolution_method STRING "modify" GLOBAL 1
Whether that will work in your case or not is a separate question.
Thank you for that. Unfortunately that is a solution for this problem that a colleague of mine found somewhere else. we already tried it and it didnt work in this case. is there a hint if this is a problem of windows or checkpoint?
There should be an option on the client to "Collect Logs."
Perhaps some clue will be present in those logs.
Otherwise, all I can suggest is engaging the TAC.
Hi, I made changes in file trac.defaults and I still have this problem
I had the same problem, and the issue is the windows update 24H2, is very buggy. So I went back to the previous version 23H2 and it works again.
I face the same issue, couple months later.
What is a stupid workaround that work son my machine is to connect to the VPN, it will kill your connection.
Go to your network adapter, disable it and enable again. That leaves me with working VPN and internet comes back on.
BUT when you disconnect from the VPN, it will kill your internet again, forcing you to repeat the procedure.
On a side note, I think it is VERY low, to deny users of a product, the access to potential solutions. This is the only VPN where I have experienced this issue. Forti, Cisco, Windows, Open all run ok.
Unless you explicitly installed Check Point Mobile, SecuRemote, or Capsule VPN, or are using SNX, Check Point-branded VPN client includes a client-side firewall.
This firewall is configured by the site you connect with and remains active even when disconnected from the VPN.
A common configuration is to not allow Internet access unless connected to the VPN, much like you are experiencing.
This is by design.
You can, of course, try to install one of the above VPN clients.
However, your site may not allow them to be used.
In short, you need to work with the administrators/helpdesk of the site in question to resolve this issue.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
Tue 07 Oct 2025 @ 10:00 AM (CEST)
Cloud Architect Series: AI-Powered API Security with CloudGuard WAFThu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Thu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Wed 22 Oct 2025 @ 11:00 AM (EDT)
Firewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents OutagesAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY