The connection from Mac to my office VPN was something that required some time to work. Here it is how I manage to connect.
First step was to connect to my VPN site (the office one) using Firefox, because connecting to it via Safari or Chrome did not work, with that configuration the Java applet that my office requires to start to verify the system pre-requisites did not start and so I cannot get to the page to authenticate. Using Firefox the Java applet works and so I can get the login page.
From there the connection worked.
Before using Firefox I tried to manually install the SNX client with mixed success.
First download the latest release of SNX client from https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk41808#2, it’s one of the latest download link on the page
After that install it on the Max OSX. It requires to install it by executing a .sh file that creates the required files, including the update of SNX tool that it’s used to create the VPN connection.
Once the SNX client has been installed from the terminal you need to create a file named .snxrc in your home directory that contains all the informations required to connect, like the following (change the address of vpn server and the username according to your configuration):
server v<em>pnserver.domain.com</em>
username <em>youruserid</em>
reauth yes
debug yes 5Now run the SNX command and it should ask for your password, insert it, it should connect to the VPN.
snx
Check Point's Mac SNX
build 800005012
Please enter your password:
SNX - connected.
Session parameters:
===================
Office Mode IP : 192.168.1.173
DNS Server : 172.16.0.190
Secondary DNS Server: 172.16.0.191
Timeout : 12 hours
The first time I tried the second option it worked but was not able to find an IP address on the remote network, this can be verified giving the ifconfig and verify the result:
This configuration do not work because it do not assign an IP address to the checkpoint VPN interface:
ifconfig en7
en7: flags=8862<BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1350
ether 54:55:43:44:52:00
Check Point Virtual Network Adapter
After having made a lot of tests with different ifconfig option I resorted to a very sample solution: I changed the DHCP configuration to give me an address not in the same network of the IP assigned by the office (so using a different subnet) and everything worked fine.
I do not know what will happen if I connect from some hotel where I cannot change the DHCP configuration, I hope that the connection via Firefox works well.
UPDATE: after some further testing I’ve found that the SNX client described above do not work if you’ve updated your Mac to always boot in 64 bit mode (or, as far I know, if you have a new MacBook where the 64 bit option is enabled by default).
The error is:
Unable to open ‘/dev/vna0′: No such file or directory
Unable to open ‘/dev/vna0′: No such file or directory
Unable to open ‘/dev/vna0′: No such file or directory
While we wait for Checkpoint to release a new update supporting the new 64 bit option (if it will be ever released) the only way I’ve found to use it is to boot OSX in 32 bit mode. To do so boot OSX while keeping pressed the 3 and 2 button of your keyboard. After doing so the Checkpoint client works. Quite boring because you’ve to perform a reboot.
suresh on March 15th, 2011 at 08:14 says:
Hi Phil,
I am getting below error while running SNX.
Unable to open ‘/dev/vna0′: No such file or directory
Unable to open ‘/dev/vna0′: No such file or directory
Unable to open ‘/dev/vna0′: No such file or directory
Pedro Oliveira on April 13th, 2011 at 03:05 says:
Hi,
Your network key has changed. You should run snx as root like below:
sudo snx -s your.server.com -u your_user
Then enter your root password (should be your Mac password), accept the new key (‘y’) and type your VPN password. Passwords will not echo.
Bones on April 29th, 2011 at 00:52 says:
sudo does not fix the issue – it looks like it will work in 32 bit os 10.6x but not 64 bit os 10.6.x – anyone know how to resolve this in 64 bit mode of os x?