One of the systems I maintain requires access to a Checkpoint VPN. Until recently, this has meant that I needed a Windows laptop or vm when I traveled. The recipe to connect to the vpn using a command line client called \u201csnx\u201d seems obvious, but is not. Here is how I was able to connect a Fedora 29 Linux machine with version 800007075 of the snx command line client.<\/p>\n
Install the Oracle Java JRE<\/p>\n
Download Linux x64 RPM:<\/p>\n
https:\/\/www.java.com\/en\/download\/linux_manual.jsp<\/a><\/p>\n Use rpm at the command line instead of using the software installer gui.<\/p>\n (change version number as needed)<\/p>\n rpm -ivh jre-8u191-linux-x64.rpm<\/p>\n dnf install pkgconf-pkg-config<\/p>\n dnf install libcanberra-gtk2.i686<\/p>\n dnf install \/lib\/ld-linux.so.2 libX11.so.6 libpam.so.0 libstdc++.so.5 libnsl.so.1<\/p>\n According to this link:<\/p>\n https:\/\/unix.stackexchange.com\/questions\/450229\/getting-checkpoint-vpn-ssl-network-extender-working-in-the-command-line<\/a><\/p>\n versions of the snx command line client > 800007075 are not compatible with recent Linux kernels. So we will obtain a copy of that specific version of the SNX command line client:<\/p>\n [root@server etc]# cd ~desktop\/tmp\/ snx_install.sh 100%[====================>] 950.80K 378KB\/s in 2.5s<\/p>\n 2018-12-30 07:34:26 (378 KB\/s) – \u2018snx_install.sh\u2019 saved [973618\/973618]<\/p>\n and now we make the script executable:<\/p>\n [root@server tmp]# chmod 755 snx_install.sh<\/p>\n run the installation script:<\/p>\n [root@server tmp]# .\/snx_install.sh test a command line connection (use values appropriate for your username and vpnservername)<\/p>\n [root@server tmp]# snx -s vpnservername -u username@domain.com Session parameters: Some useful links:<\/p>\n https:\/\/www.java.com\/en\/download\/linux_manual.jsp<\/a><\/p>\n https:\/\/kenfallon.com\/checkpoint-snx-install-instructions-for-major-linux-distributions\/<\/p>\n https:\/\/kenfallon.com\/installing-snx-on-fedora-28\/<\/p>\n https:\/\/unix.stackexchange.com\/questions\/450229\/getting-checkpoint-vpn-ssl-network-extender-working-in-the-command-line<\/a><\/p>\n
\n[root@server tmp]# wget https:\/\/www.fc.up.pt\/ci\/servicos\/acesso\/vpn\/software\/CheckPointVPN_SNX_Linux_800007075.sh -O snx_install.sh
\n–2018-12-30 07:34:08– https:\/\/www.fc.up.pt\/ci\/servicos\/acesso\/vpn\/software\/CheckPointVPN_SNX_Linux_800007075.sh
\nResolving www.fc.up.pt (www.fc.up.pt)… 193.137.24.4
\nConnecting to www.fc.up.pt (www.fc.up.pt)|193.137.24.4|:443… connected.
\nHTTP request sent, awaiting response… 200 OK
\nLength: 973618 (951K) [application\/x-sh]
\nSaving to: \u2018snx_install.sh\u2019<\/p>\n
\nInstallation successful<\/p>\n
\nCheck Point’s Linux SNX
\nbuild 800007075
\nPlease enter your password:
\nSNX authentication:
\nPlease confirm the connection to gateway: *.domain.com
\nRoot CA fingerprint: XXX XXX XXXX XXX XXX XXXX XXXX XXX XXX XXXX
\nDo you accept? [y]es\/[N]o:
\ny
\nSNX – connected.<\/p>\n
\n===================
\nOffice Mode IP : x.x.x.x
\nDNS Server : x.x.x.x
\nSecondary DNS Server: x.x.x.x
\nDNS Suffix : domain.com
\nTimeout : 12 hours<\/p>\n