Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
aliveoceans
Participant

Handshake error on Ubuntu 20.04 and 18.04

Hi, I am using CP mobile portal agent client to connect the VPN of my client. It works perfectly fine on windows 10 but it gives a handshake error on Ubuntu 18.04 and 20.04. How can I resolve it? I have installed all the required software as mentioned. installed SNX and CShell prompted on clients VPN URL.
My kernel version is as below.

Linux mylaptopName 5.4.0-89-generic #100-Ubuntu SMP Fri Sep 24 14:50:10 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

Check Point's Linux SNX
build 800008074


from this post https://community.checkpoint.com/t5/Endpoint/Checkpoint-VPN-stuck-on-Starting-Mobile-Access-Portal-A... I come to know that there is the latest hotfix available but I cannot download it. Its shows that I am not entitled to download it.

 

I have attached the log files.

 

Let me know what all details you want from me to diagnose the issue.

 


Kindly help me to connect to VPN on Ubuntu 20.04. It is impacting my project work?

 

One more thing I want to know. When I installed CShell in log I see the CSHellKey is generated using my laptop user ID and not using my VPN user ID. Is it correct? Or should it use VPN user id provided by my client? 

 

Many thanks in advance.

0 Kudos
7 Replies
PhoneBoy
Admin
Admin

The hotfix in question has to be installed by your admin as it is something you load on the gateway.
Ubuntu 20.x is not currently supported per: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

0 Kudos
aliveoceans
Participant

And what about Ubuntu 18.04? I am getting the same result for this also.

Can you please go through the logs I have attached and see if you find something helpful to resolve the issue? 

0 Kudos
G_W_Albrecht
Legend
Legend

I would suggest to contact TAC or your CCSP.

CCSE CCTE SMB Specialist
0 Kudos
aliveoceans
Participant

Thanks for the reply. but I am sorry. I am not aware of the terms TAC and CCSP. Who they are and how to contact them.

0 Kudos
PhoneBoy
Admin
Admin

TAC == Technical Assistance Center
CCSP == Check Point Certified Service Partner

Both of which require some sort of agreement in place.
If you are an end user and not responsible for managing the Check Point gateways, you will need to work directly with those who are.

0 Kudos
PhoneBoy
Admin
Admin

The logs suggest it's trying SSLv3, but not sure that's really the case or not.
As an end user, there is nothing you can really do to resolve the issue.
This will require troubleshooting in concert with the folks running the Mobile Access gateway and possibly our TAC or Check Point Partner.

0 Kudos
aliveoceans
Participant

Update from my side.

I again tried on Mac and another Windows 10 systems for testing.

On Mac with the Safari browser the result is identical as FF in linux. I can login through CP vpn portal with user name password and OTP. On connect button it opens popup - try to connect (for once I had to grant permission for localost:14186) - closees the popup - on main page it still not connected.

On Windows10 system things are getting little wierd. This time first I tested on FF. It prompted me to donload and install cshell software. I downloaded - closed FF - installed software opened FF andtried to login and connect. The result is same as FF in linux. After several failed attempt I tried witm MS Edge browser. this time It prompted me to install another software (I guess slimserver) I installed it and VPN connected successfully. On FF it didnot prompt me to instll slimserver amd may be thats why it didnot connect.  

As you suggest, I should ask my client to work with CP or TAC for troubleshooting.

 

Thanks for you reply.

0 Kudos