Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ankur_Datta1
Participant

SNX - Authentication failed error on ubuntu machine

Hi All,

Good Day.

I tried to build client less vpn through mobile access blade between checkpoint R80.10 and ubuntu machine.

When i try to open gui: https://192.168.x.x/sslvpn with the local credentials created, i am able to login and created a policy to access web server that is in inside in mobile access. I am able to access server through GUI as well from my remote host. now i want to add telnet/ssh functionality to my server so i selected native applications and configure application for telnet access.

Now when i again go it GUI portal, it gives me option of native application - connect. when i press connect it take some time and get error java is not available.

however java is installed on my system - 

openjdk version "10.0.2" 2018-07-17
OpenJDK Runtime Environment (build 10.0.2+13-Ubuntu-1ubuntu0.18.04.1)
OpenJDK 64-Bit Server VM (build 10.0.2+13-Ubuntu-1ubuntu0.18.04.1, mixed mode)


i tried to download snx package and installed the package.

I ran the snx command:

snx -s <gateway_IP> -u <user-name> , username - that i created on mgmt server

I get below error:

Check Point's Linux SNX
build 800008061
Please enter your password:

SNX: Authentication failed


build is same at both linux machine and on checkpoint.

Kindly guide.

Thanks

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

Have you tried it with Oracle's version of the JRE?

I don't know if we tested it with OpenJDK.

0 Kudos
D_W
Advisor

You should see the log entry "failed to decrypt user password" in the SmartLog.

Solution(?) is to use an older SNX Version. See for this sk115242 "Authentication failed" error presented when user tries to connect to site using SNX CLI mode in Lin...  - I don't know why there are a newer versions when only that old one works. If someone can explain this please.

Also please maybe i only have this issue but MobileAccess rules for Linux users are not to configure via the mobile access blade!? I always have to create a vpn ruleset for specific users in the firewall ruleset. So i believe there is no real MobileAccess (SSLVPN) option for Linux Users - only SNX Smiley Sad ?

Cheers,

David

0 Kudos
antoniojunior
Explorer

Guys,

 

I had the same problem, but I noticed that when you disable Mobile Access (when you don't need access VPN using browsers) others build of SNX works.

I'm using build 800008061 of snx_install.sh and is working.

My gateways are in R80.10.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events