Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dreyfuss
Participant

Mobile access blade with segfault.

Hi! It seems that I discovered the problem about File Sharing describe in https://community.checkpoint.com/t5/Remote-Access-VPN/Mobile-Access-Blade-with-CIFS-segfault/m-p/818...


It turns out that Checkpoint itself is dubious in understanding about compatibility in smbv2 / 3 with version 80.30 (even in kernel 3.10). In one sk CP says it is not compatible, in another CP says it is compatible. In my studies, I saw that it was compatible, yes. And I started without migrating to version 80.40. The heart of the matter is the fact that, for Mobile Access, the default is for the feature to make the connection in SMBv1, according to https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut.... This should not be default, or at least, that this information should be clearer.
There is also clear confusion regarding the compatibility of version 80.30 and smbv2 / 3. 

DEFAULT is still SMBv1!!!

After applying these settings, I listed the dialect between server and Windows Server:

XXX.XXX.XXX.XXX/xxx /opt/CPcvpn-R80.30/mnt/cvpn_mnt/ml14 cifs rw,relatime,vers=3.0,sec=ntlmssp,cache=strict,username=john.doe,domain=XXXXXX,uid=0,noforceuid,gid=0,noforcegid,addr=XXX.XXX.XXX.XXX,file_mode=0755,dir_mode=0755,nounix,mapposix,noperm,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 0 0

In spite of this call to be with the support of Checkpoint of the United States for 365 days (1 YEAR!), no one in CP knows to fix it.
SR: 6-0001974972

Now I got one more problem: after 2 hours, the mounting simply vanishes from mount location and the user of Mobile Access loses the connection to the share. So, after a re authentication, everything works again. Here we go again.

1 Reply
PhoneBoy
Admin
Admin

@AndreiR any way we can make SMBv3 the default in a future JHF or version?

0 Kudos