This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hermano_Pereira
Participant
‎2018-01-04 10:46 AM
Jump to solution

VPN E80.71 in MacOS X 10.13.2

Hello,

Does anyone tried "endpoint security vpn" E80.71 in MacOS 10.13.2 ?

I tried in several machines and the connection is successful, but no connectivity...

The gateway is R80.10 with Jumbo 56.

Thanks!

0 Kudos
1 Solution

Accepted Solutions
Hermano_Pereira
Participant
‎2018-01-10 03:51 AM
In response to Patrick_Milroy
Jump to solution

Exactly the same symptoms you describe! At the same time we had problems with legacy authentication, but the real solution is to disable the desktop firewall.

This version for MAC includes desktop firewall... So if you can, edit the ttm file on the gateway and change the "default" of "enable_firewall" from "true" to "client_decide"

The client default is false.

...

:enable_firewall (
                        :gateway (
                                :map (
                                        :false (false)
                                        :true (true)
                                        :client_decide (client_decide)
                                )
                                :default (client_decide)
                        )
                )

...

Best regards

View solution in original post

0 Kudos
5 Replies
Hermano_Pereira
Participant
‎2018-01-08 08:20 AM
Jump to solution

Hello,

It seems  the problem is related with legacy authentication... after changing the object to a Role and client re-installation, VPN it's working.

Thanks!

Patrick_Milroy
Explorer
‎2018-01-09 11:32 PM
Jump to solution

Hi Hermano,

What sort of symptoms were you seeing from the client? I am having a similar issue, where using the VPN client works fine on MacOS 10.13.1, but on 10.13.2 the client authenticates successfully, but does not pass any traffic eg. if I try SSH to a known IP address, I receive an "Operation not permitted" message, and can't see any traffic from the client in our FW logs.

Thanks!

Hermano_Pereira
Participant
‎2018-01-10 03:51 AM
In response to Patrick_Milroy
Jump to solution

Exactly the same symptoms you describe! At the same time we had problems with legacy authentication, but the real solution is to disable the desktop firewall.

This version for MAC includes desktop firewall... So if you can, edit the ttm file on the gateway and change the "default" of "enable_firewall" from "true" to "client_decide"

The client default is false.

...

:enable_firewall (
                        :gateway (
                                :map (
                                        :false (false)
                                        :true (true)
                                        :client_decide (client_decide)
                                )
                                :default (client_decide)
                        )
                )

...

Best regards

0 Kudos
Hermano_Pereira
Participant
‎2018-01-10 03:09 PM
In response to Hermano_Pereira
Jump to solution

This is a workaround..., maybe its possible to do something in the MacOS system configuration. I´m not a Mac user Smiley Happy

We route all vpn traffic to the gateway, and our "endpoint security VPN" desktop firewall policy is allow_all, so this workaround is a solution for our Mac users. Windows users use "Checkpoint mobile for windows".

If there is anyone with more ideas... it would be great Smiley Happy

Best regards.

0 Kudos
Patrick_Milroy
Explorer
‎2018-01-13 11:40 PM
In response to Hermano_Pereira
Jump to solution

Thanks so much Hermano! That seems to have solved our issue.

Cheers,

Patrick

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events