Create a Post
Showing results for 
Search instead for 
Did you mean: 

Endpoint Security Client - Post connect script

Can anyone please remind me where in Checkpoint I might set a post connect script to be run on a remote client machine after the Endpoint Security Client has successfully connected remote VPN?  This would be a batch file script is to map network drives & printers etc.  I've looked through the VPN Admin Guide & online, but I'm struggling to find the right information - only instructions with SSL extender.  I've looked in: Policy > Global Properties; GW Properties > Mobile Access; Mobile Access [Tab] > Applications. 

Thanks in advance...

5 Replies

I am also looking for the same answer.  Did you ever figure this out?


Simply use Windows Task Scheduler to check every minute if the VPN is up, then run your tasks.


I suppose that could work, but I'm looking for a way to configure this in the VPN client or gateway so I don't have to push a task to 2000+ workstations.  Every other VPN I have used has this ability, so hoping that it is buried somewhere in Check Point too.  I saw some references to this in really old CPUG posts, but haven't found anything for current versions.


Here is excerpt from Remote Access Clients for Windows 32/64-bit E80.72 and Higher administration guide:

Configuring Post Connect Scripts

The Post Connect feature lets you run a script on client computers after connection is established. You must make sure that the script resides on the client computers, in the correct path.

To set the script path:

  1. Open GuiDBedit.
  2. Set desktop_post_connect_script to a full path on client machines for a script that Remote Access Clients will run after a connection is established (leave empty to disable the feature).
  3. Set desktop_post_connect_script_show_window to true to make the script run in a new window. (The default is false. The script runs in a hidden window.).
  4. Save and close GuiDBedit.
  5. Install the policy.

Hope that helps.

0 Kudos

Thanks for the info, I missed that info in my search.  Does the script really have to reside locally on the client computer?  I was assuming I could just point to a UNC path since it is post connect and the client will be on the network at that point.

0 Kudos