More precisely, E85.30 should be the first version with macOS Monterey support.
Timeline is, as I said, the next few weeks. 

As noted above, this is currently not supported.
We will release a new version in the coming weeks that will have support for macOS Monterey.

Hi @rmeznaric 

What is the client version you have? Do you see any packets in tcpdump?

Hi @Alex_Sazonov ,

I`m using the latest available on the official web page: E84.70 Build 986200225 (see attached screenshot).

I`ve tried with RDP and SSH connections and also tried to ping IPs, but nothing works.

In which log file can I see that? I have no idea what log entry should be there as I didn`t yet checked log files where a client works.

Br

Hi,

I`m using the latest version of the CheckPoint VPN client: E84.70 Build 986200225 (see screenshot).

I`ve tried with RDP and SSH connections and even pinging IPs, but it just doesn't work. In what exact logs do I need to check and what exactly am I searching for? Didn`t check the logs before this problem occur.

Br

@rmeznaric 

Run this command and check e.g. SSH  on which interface you see SYN packets. In my case you can see packets are going out of en0 interface:

$ sudo tcpdump -ni all -k IN port 22
tcpdump: data link type PKTAP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on all, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes
13:09:30.433130 (en0, proc ssh) IP 10.10.10.102.54635 > 142.251.32.206.22: Flags [S], seq 2664821152, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 1890533870 ecr 0,sackOK,eol], length 0
13:09:31.433075 (en0, proc ssh) IP 10.10.10.102.54635 > 142.251.32.206.22: Flags [S], seq 2664821152, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 1890534870 ecr 0,sackOK,eol], length 0

Hi,

With the hostname:

As you mentioned I added. the tcpdump command for port 22 and then tried to connect over SSH over Termius (an App I use for managing different servers) to one of my servers when Checkpoint VPN client was "connected". Additionally, I tried to SSH from Terminal and in both cases, I didn't get any entry into the console.

sudo tcpdump -ni all -k IN port 22

tcpdump: data link type PKTAP

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on all, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes

Pinging the hostname also doest work.

With the IP:

I've tried to SSH with the IP and it is actually working and ping also works. I must admit I didn`t try to use the direct IP yesterday.

udo tcpdump -ni all -k IN port 22   

tcpdump: data link type PKTAP

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on all, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes

12:52:32.876062 (utun3, proc ssh) IP 10.12.135.23.58962 > 10.216.159.37.22: Flags [SEW], seq 281043968, win 65535, options [mss 1310,nop,wscale 6,nop,nop,TS val 1516873318 ecr 0,sackOK,eol], length 0

12:52:32.947710 (utun3, proc ssh) IP 10.216.159.37.22 > 10.12.135.23.58962: Flags [S.E], seq 228542461, ack 281043969, win 28960,

options [mss 1383,sackOK,TS val 3918524969 ecr 1516873318,nop,wscale 7], length 0

12:52:32.947769 (utun3, proc ssh) IP 10.12.135.23.58962 > 10.216.159.37.22: Flags [.], ack 1, win 2048, options [nop,nop,TS val

1516873390 ecr 3918524969], length 0

12:52:32.949520 (utun3, proc ssh) IP 10.12.135.23.58962 > 10.216.159.37.22: Flags [P.], seq 1:22, ack 1, win 2048, options

[nop,nop,TS val 1516873392 ecr 3918524969], length 21

12:52:33.017011 (utun3, proc ssh) IP 10.216.159.37.22 > 10.12.135.23.58962: Flags [.], ack 22, win 227, options [nop,nop,TS val

3918525040 ecr 1516873392], length 0

This is the workaround for all of us on MacOs Monteye till you don`t release a new version.

Best Regards

Hi,

using an IP adress seems to be a good workaround before the new client version is released.

I was using the hostname to access the servers. 

BR.

Thanks a lot! That helps so much until the new client version is released!

BR

I'm also having those same issues after updating to macOS Monterrey. A workaround that is working for me is to turn off and on the WI-FI after establishing the VPN connection.

I have the same problem (Mac Mini M1 & CP VPN 85.30).

I investigated the problem, the DNS server and the resolv.conf not working very well (after disconnect the CP VPN client couldn't change back the original DNS servers and search domain).

Did you read the comment at the top of the resolve.conf file?

This file is not used by macOS for DNS resolution.

Hi, 

I have also found another workaround for those who have M1 Macs.

I have downloaded iOS/iPadOS app Capsule from AppStore to my Mac and it works just fine.  (I use that app on my iPad so I got the idea to try that)

BR

Hi there,

I have just been trying to get the release version of E85.30 running on my new M1 Max MBP, which is running Monterey 12.1.

Unfortunately DNS is completely borked in this environment. I am unable to add a new site (it's a new computer) because it can't verify it.

I'm up and limping with the CheckPoint capsule, but some internal sites remain inaccessible.

Hi Nicholas,

Could you share what steps you perform exactly?

I've been trying for several months and I can't connect to the vpn with a mac m1, currently I connect with SSL network extender through the browser, I already tried to connect with the new clients:

Capsule

Client Checkpoint

But it tells me that the creation of the new site tried with the different types of authentication and it tells me that the client is not supported..

My connection mode is user, password and a token that reaches my cell phone

I will be very grateful if you share your achievement, because I have not been successful for months

Greetings and thank you very much!