Using Checkpoint VPN SSL Network Extender CLI with certificate
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I'm trying to use the command line tool from Checkpoint to set up an SSL Network Extender VPN using a certificate (P12) rather than a password.
I tried the solution mentioned in getting Checkpoint VPN SSL Network Extender working in the command line.
Specifically:
- build 800007075
- compiled down to 32-bit (as per the accepted answer)
I'm able to connect with the OS X desktop client, but the command line tool throws the following error:
"Virtual Network Adapter initialization and configuration failed. Try to reconnect."
I'm running the connection in a Docker container with the ubuntu:18.04
base image (once I get it to work, I'll port it to something lightweight), using the following command:
RUN snx -s <server_ip> -c <path_to_cert> -g
debian vpn ssl checkpoint
add a comment |
up vote
1
down vote
favorite
I'm trying to use the command line tool from Checkpoint to set up an SSL Network Extender VPN using a certificate (P12) rather than a password.
I tried the solution mentioned in getting Checkpoint VPN SSL Network Extender working in the command line.
Specifically:
- build 800007075
- compiled down to 32-bit (as per the accepted answer)
I'm able to connect with the OS X desktop client, but the command line tool throws the following error:
"Virtual Network Adapter initialization and configuration failed. Try to reconnect."
I'm running the connection in a Docker container with the ubuntu:18.04
base image (once I get it to work, I'll port it to something lightweight), using the following command:
RUN snx -s <server_ip> -c <path_to_cert> -g
debian vpn ssl checkpoint
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I'm trying to use the command line tool from Checkpoint to set up an SSL Network Extender VPN using a certificate (P12) rather than a password.
I tried the solution mentioned in getting Checkpoint VPN SSL Network Extender working in the command line.
Specifically:
- build 800007075
- compiled down to 32-bit (as per the accepted answer)
I'm able to connect with the OS X desktop client, but the command line tool throws the following error:
"Virtual Network Adapter initialization and configuration failed. Try to reconnect."
I'm running the connection in a Docker container with the ubuntu:18.04
base image (once I get it to work, I'll port it to something lightweight), using the following command:
RUN snx -s <server_ip> -c <path_to_cert> -g
debian vpn ssl checkpoint
I'm trying to use the command line tool from Checkpoint to set up an SSL Network Extender VPN using a certificate (P12) rather than a password.
I tried the solution mentioned in getting Checkpoint VPN SSL Network Extender working in the command line.
Specifically:
- build 800007075
- compiled down to 32-bit (as per the accepted answer)
I'm able to connect with the OS X desktop client, but the command line tool throws the following error:
"Virtual Network Adapter initialization and configuration failed. Try to reconnect."
I'm running the connection in a Docker container with the ubuntu:18.04
base image (once I get it to work, I'll port it to something lightweight), using the following command:
RUN snx -s <server_ip> -c <path_to_cert> -g
debian vpn ssl checkpoint
debian vpn ssl checkpoint
edited Dec 4 at 13:43
Rui F Ribeiro
38.5k1479128
38.5k1479128
asked Dec 4 at 1:41
Ashwin Balamohan
1084
1084
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
Using MacOS, I would download/use the latest Mac OS Check Point official client, that is actively supported by CheckPoint, instead of using Docker.
Been using Checkpoint's client in Mojave for a couple of months now, and contrary to my experience at the beginning of the year, in High Sierra, where it was going off all the time, it is fairly stable now.
As for running the Linux CheckPoint VPN client/snx
in Docker, it won't work.
The snx
VPN client routines:
- check for the kernel presence/the tun kernel module being loaded;
- load/insmod the tun kernel module if not loaded;
- create and use the resulting tunsnx virtual network interface;
- manipulate your routing table;
- send traffic through the virtual tunsnx interface.
Some or all of those actions won't simply happen inside a Docker container.
TDLR snx
inside Docker won't work. Either use the Mac native client, or run the Linux snx
VPN client on a Linux VM.
PS. I would advise getting familiar with the differences between a container and a VM.
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
Using MacOS, I would download/use the latest Mac OS Check Point official client, that is actively supported by CheckPoint, instead of using Docker.
Been using Checkpoint's client in Mojave for a couple of months now, and contrary to my experience at the beginning of the year, in High Sierra, where it was going off all the time, it is fairly stable now.
As for running the Linux CheckPoint VPN client/snx
in Docker, it won't work.
The snx
VPN client routines:
- check for the kernel presence/the tun kernel module being loaded;
- load/insmod the tun kernel module if not loaded;
- create and use the resulting tunsnx virtual network interface;
- manipulate your routing table;
- send traffic through the virtual tunsnx interface.
Some or all of those actions won't simply happen inside a Docker container.
TDLR snx
inside Docker won't work. Either use the Mac native client, or run the Linux snx
VPN client on a Linux VM.
PS. I would advise getting familiar with the differences between a container and a VM.
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
add a comment |
up vote
1
down vote
accepted
Using MacOS, I would download/use the latest Mac OS Check Point official client, that is actively supported by CheckPoint, instead of using Docker.
Been using Checkpoint's client in Mojave for a couple of months now, and contrary to my experience at the beginning of the year, in High Sierra, where it was going off all the time, it is fairly stable now.
As for running the Linux CheckPoint VPN client/snx
in Docker, it won't work.
The snx
VPN client routines:
- check for the kernel presence/the tun kernel module being loaded;
- load/insmod the tun kernel module if not loaded;
- create and use the resulting tunsnx virtual network interface;
- manipulate your routing table;
- send traffic through the virtual tunsnx interface.
Some or all of those actions won't simply happen inside a Docker container.
TDLR snx
inside Docker won't work. Either use the Mac native client, or run the Linux snx
VPN client on a Linux VM.
PS. I would advise getting familiar with the differences between a container and a VM.
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
add a comment |
up vote
1
down vote
accepted
up vote
1
down vote
accepted
Using MacOS, I would download/use the latest Mac OS Check Point official client, that is actively supported by CheckPoint, instead of using Docker.
Been using Checkpoint's client in Mojave for a couple of months now, and contrary to my experience at the beginning of the year, in High Sierra, where it was going off all the time, it is fairly stable now.
As for running the Linux CheckPoint VPN client/snx
in Docker, it won't work.
The snx
VPN client routines:
- check for the kernel presence/the tun kernel module being loaded;
- load/insmod the tun kernel module if not loaded;
- create and use the resulting tunsnx virtual network interface;
- manipulate your routing table;
- send traffic through the virtual tunsnx interface.
Some or all of those actions won't simply happen inside a Docker container.
TDLR snx
inside Docker won't work. Either use the Mac native client, or run the Linux snx
VPN client on a Linux VM.
PS. I would advise getting familiar with the differences between a container and a VM.
Using MacOS, I would download/use the latest Mac OS Check Point official client, that is actively supported by CheckPoint, instead of using Docker.
Been using Checkpoint's client in Mojave for a couple of months now, and contrary to my experience at the beginning of the year, in High Sierra, where it was going off all the time, it is fairly stable now.
As for running the Linux CheckPoint VPN client/snx
in Docker, it won't work.
The snx
VPN client routines:
- check for the kernel presence/the tun kernel module being loaded;
- load/insmod the tun kernel module if not loaded;
- create and use the resulting tunsnx virtual network interface;
- manipulate your routing table;
- send traffic through the virtual tunsnx interface.
Some or all of those actions won't simply happen inside a Docker container.
TDLR snx
inside Docker won't work. Either use the Mac native client, or run the Linux snx
VPN client on a Linux VM.
PS. I would advise getting familiar with the differences between a container and a VM.
edited Dec 5 at 19:59
answered Dec 4 at 11:19
Rui F Ribeiro
38.5k1479128
38.5k1479128
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
add a comment |
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
1
1
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
Appreciate the explanation. Thanks, Rui
– Ashwin Balamohan
Dec 4 at 13:19
1
1
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
Rui, just ran it on a VM and it worked like a charm. Thanks again for the pointer.
– Ashwin Balamohan
Dec 4 at 14:45
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
You are welcome; we have been running it for a while in Debian/Ubuntu/Mint.
– Rui F Ribeiro
Dec 4 at 14:46
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f485800%2fusing-checkpoint-vpn-ssl-network-extender-cli-with-certificate%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown