34

Is there a Linux client for Checkpoint VPN? Preferably for Ubuntu?

Improve this question

7 Answers 7

Reset to default
11

I've heard good things about Shrew, but I've only ever seen it used on Windows.

http://shrew.net/home

Improve this answer
16

I'm using SNX (by checkpoint) and it works perfect. It can be downloaded from here.

I used this guide in order to install snx on my client, check it out and see if you got all the required packages installed.

In addition, you can create a .snxrc file in your /home/user/ directory and include there the server's IP and username like so:

server 1.1.1.1 username itaig

Then just run snx, you'll be asked to input your password and that's it.

Improve this answer
5
  • 2
    I just get "SNX: Authentication failed" after I supply the certificate's password. Do I have to authenticate with the Windows client once before it will work, or something? Commented Aug 11, 2014 at 17:58
  • @RobinGreen, I've updated my answer, check it out. Commented Aug 11, 2014 at 18:06
  • Any idea how SNX would handle 2 factor authentication? I can't seem to get it to work. Commented Aug 23, 2016 at 7:36
  • It's complicated to configure and I haven't done it myself but I know it's doable Commented Aug 23, 2016 at 9:20
  • It is no longer supported on linux if ou disable RC4 and 3DES on the firewall :( Commented Jul 12, 2017 at 13:03
6

The existing client is ancient, and as for now AFAIK, there are no plans to write a newer one. There are Linux native VPN clients that should work with checkpoint - check out vpnc and raccoon especially.

http://www.vpnc.org/InteropProfiles/checkpoint-profile.pdf
http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon.html

Improve this answer
3

I have successfully connected to Checkpoint (NGX R75) using Shrew Soft, more info here: https://serverfault.com/a/386021/73387

Improve this answer
2

I'm assuming your looking for an IPSEC client, but if you are looking for SSL VPN, I have had good luck with the Checkpoint SNX client in Ubuntu.

http://www.checkpoint.com/products/ssl_network_ext/

Improve this answer
2
  • 1
    Unfortunately this now redirects to their mobile blade site. Commented Nov 14, 2012 at 16:19
  • And no longer works with modern ciphers Commented Jul 12, 2017 at 13:05
0

I also was looking for it AND I've found a checkpoint client VPN on the Checkpoint Users Forums, I'll link it to you tomorrow.

OK Here is the link to the Documentation under RedHat:

http://www.google.com/url?q=http://www.checkpoint.com/techsupport/downloads/html/securemote/sr-5-0/SecureClient_NG_build_53328.pdf&ei=48FFS7vqK5Sw4Qacls3_Ag&sa=X&oi=nshc&resnum=1&ct=result&cd=1&ved=0CAwQzgQoAA&usg=AFQjCNGgVXRHVJM7alNik11aQoO_7zYxog

BUT, the Linux client VPN seems to be deprecated and no longer supported, as my own experience, it should be better to use the OpenSwan VPN to connect throught an Checkpoint VPN gateway under linux.

Improve this answer
1
  • Link is broken by now as well... Commented May 31, 2021 at 14:31
0

IPSEC pure clients only work if the firewall admin has configured the functionality. In a corporate setting, usually they dont, as Windows and Macs have specific client software.

From 2021 onwards, SNX on the command line is unfortunately not supported anymore.

You can connect via the mobile web portal upon installing SNX and the Java agent.

Or use my automatic setup script https://github.com/ruyrybeyro/chrootvpn

See https://unix.stackexchange.com/questions/450131/vpn-ssl-network-extender-in-firefox/709258 too, for more details.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.