Checkpoint VPN client not connecting, Debian Wheezy











up vote
0
down vote

favorite












Edit: what I'm looking for here is help finding out what's going on at the OS level, so that I can find out for sure whether the problem is on my end or my workplace's end, or in between. I'm not really after help fixing the problem! Thanks :)



My employer provides a VPN service using a Checkpoint VPN product (uncertain exactly which); there are two routes into the network from a Linux machine, either using Checkpoint's SNX command line client, or using a web portal that runs a Java applet.



In the past, I was able to connect without any problem using the client, but it's recently ceased to work, giving me the following:



Check Point's Linux SNX

build 800007027

Please enter your password:

SNX: Cannot establish connection to SSL Network Extender gateway. Try to reconnect.


The result is that I now have to use the Java applet. The admins are sure that nothing's changed on their end, and I'm 95% sure that nothing's changed on mine. I'd much rather use the SNX client than have to have Java in my browser.



How can I go about tracking down where the fault lies? I am not well-versed in much more than the basics as far as networking goes.






linux networking debian vpn checkpoint







share|improve this question




























    up vote
    0
    down vote

    favorite












    Edit: what I'm looking for here is help finding out what's going on at the OS level, so that I can find out for sure whether the problem is on my end or my workplace's end, or in between. I'm not really after help fixing the problem! Thanks :)



    My employer provides a VPN service using a Checkpoint VPN product (uncertain exactly which); there are two routes into the network from a Linux machine, either using Checkpoint's SNX command line client, or using a web portal that runs a Java applet.



    In the past, I was able to connect without any problem using the client, but it's recently ceased to work, giving me the following:



    Check Point's Linux SNX
    
build 800007027
    
Please enter your password:
    
SNX: Cannot establish connection to SSL Network Extender gateway. Try to reconnect.


    The result is that I now have to use the Java applet. The admins are sure that nothing's changed on their end, and I'm 95% sure that nothing's changed on mine. I'd much rather use the SNX client than have to have Java in my browser.



    How can I go about tracking down where the fault lies? I am not well-versed in much more than the basics as far as networking goes.






    linux networking debian vpn checkpoint







    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      Edit: what I'm looking for here is help finding out what's going on at the OS level, so that I can find out for sure whether the problem is on my end or my workplace's end, or in between. I'm not really after help fixing the problem! Thanks :)



      My employer provides a VPN service using a Checkpoint VPN product (uncertain exactly which); there are two routes into the network from a Linux machine, either using Checkpoint's SNX command line client, or using a web portal that runs a Java applet.



      In the past, I was able to connect without any problem using the client, but it's recently ceased to work, giving me the following:



      Check Point's Linux SNX
      
build 800007027
      
Please enter your password:
      
SNX: Cannot establish connection to SSL Network Extender gateway. Try to reconnect.


      The result is that I now have to use the Java applet. The admins are sure that nothing's changed on their end, and I'm 95% sure that nothing's changed on mine. I'd much rather use the SNX client than have to have Java in my browser.



      How can I go about tracking down where the fault lies? I am not well-versed in much more than the basics as far as networking goes.






      linux networking debian vpn checkpoint







      share|improve this question















      Edit: what I'm looking for here is help finding out what's going on at the OS level, so that I can find out for sure whether the problem is on my end or my workplace's end, or in between. I'm not really after help fixing the problem! Thanks :)



      My employer provides a VPN service using a Checkpoint VPN product (uncertain exactly which); there are two routes into the network from a Linux machine, either using Checkpoint's SNX command line client, or using a web portal that runs a Java applet.



      In the past, I was able to connect without any problem using the client, but it's recently ceased to work, giving me the following:



      Check Point's Linux SNX
      
build 800007027
      
Please enter your password:
      
SNX: Cannot establish connection to SSL Network Extender gateway. Try to reconnect.


      The result is that I now have to use the Java applet. The admins are sure that nothing's changed on their end, and I'm 95% sure that nothing's changed on mine. I'd much rather use the SNX client than have to have Java in my browser.



      How can I go about tracking down where the fault lies? I am not well-versed in much more than the basics as far as networking goes.






      linux networking debian vpn checkpoint




      linux networking debian vpn checkpoint






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Apr 23 '14 at 19:45

























      asked Apr 23 '14 at 9:23









      Snewsley Pies

      35625




      35625






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          In general, googling your error message helps: have you seen this Web page, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30772?



          Don't be fooled by the disclaimer that it concerns a discontinued product, the page was last updated on march 13th, 2014. Basically, it is a matter of traffic on port 443 being blocked.



          As per your system admins claim that nothing changed on their side, did they really change nothing in OpenSSL? I find it hard to believe.






          share|improve this answer





















          • Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
            – Snewsley Pies
            Apr 23 '14 at 16:54












          • good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
            – Snewsley Pies
            Apr 23 '14 at 17:03










          • @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
            – MariusMatutiae
            Apr 23 '14 at 17:06










          • How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
            – Snewsley Pies
            Apr 23 '14 at 17:19










          • @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
            – MariusMatutiae
            Apr 23 '14 at 17:46











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f744965%2fcheckpoint-vpn-client-not-connecting-debian-wheezy%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          In general, googling your error message helps: have you seen this Web page, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30772?



          Don't be fooled by the disclaimer that it concerns a discontinued product, the page was last updated on march 13th, 2014. Basically, it is a matter of traffic on port 443 being blocked.



          As per your system admins claim that nothing changed on their side, did they really change nothing in OpenSSL? I find it hard to believe.






          share|improve this answer





















          • Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
            – Snewsley Pies
            Apr 23 '14 at 16:54












          • good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
            – Snewsley Pies
            Apr 23 '14 at 17:03










          • @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
            – MariusMatutiae
            Apr 23 '14 at 17:06










          • How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
            – Snewsley Pies
            Apr 23 '14 at 17:19










          • @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
            – MariusMatutiae
            Apr 23 '14 at 17:46















          up vote
          0
          down vote













          In general, googling your error message helps: have you seen this Web page, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30772?



          Don't be fooled by the disclaimer that it concerns a discontinued product, the page was last updated on march 13th, 2014. Basically, it is a matter of traffic on port 443 being blocked.



          As per your system admins claim that nothing changed on their side, did they really change nothing in OpenSSL? I find it hard to believe.






          share|improve this answer





















          • Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
            – Snewsley Pies
            Apr 23 '14 at 16:54












          • good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
            – Snewsley Pies
            Apr 23 '14 at 17:03










          • @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
            – MariusMatutiae
            Apr 23 '14 at 17:06










          • How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
            – Snewsley Pies
            Apr 23 '14 at 17:19










          • @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
            – MariusMatutiae
            Apr 23 '14 at 17:46













          up vote
          0
          down vote










          up vote
          0
          down vote









          In general, googling your error message helps: have you seen this Web page, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30772?



          Don't be fooled by the disclaimer that it concerns a discontinued product, the page was last updated on march 13th, 2014. Basically, it is a matter of traffic on port 443 being blocked.



          As per your system admins claim that nothing changed on their side, did they really change nothing in OpenSSL? I find it hard to believe.






          share|improve this answer












          In general, googling your error message helps: have you seen this Web page, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30772?



          Don't be fooled by the disclaimer that it concerns a discontinued product, the page was last updated on march 13th, 2014. Basically, it is a matter of traffic on port 443 being blocked.



          As per your system admins claim that nothing changed on their side, did they really change nothing in OpenSSL? I find it hard to believe.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Apr 23 '14 at 16:45









          MariusMatutiae

          37.9k95195




          37.9k95195












          • Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
            – Snewsley Pies
            Apr 23 '14 at 16:54












          • good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
            – Snewsley Pies
            Apr 23 '14 at 17:03










          • @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
            – MariusMatutiae
            Apr 23 '14 at 17:06










          • How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
            – Snewsley Pies
            Apr 23 '14 at 17:19










          • @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
            – MariusMatutiae
            Apr 23 '14 at 17:46


















          • Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
            – Snewsley Pies
            Apr 23 '14 at 16:54












          • good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
            – Snewsley Pies
            Apr 23 '14 at 17:03










          • @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
            – MariusMatutiae
            Apr 23 '14 at 17:06










          • How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
            – Snewsley Pies
            Apr 23 '14 at 17:19










          • @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
            – MariusMatutiae
            Apr 23 '14 at 17:46
















          Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
          – Snewsley Pies
          Apr 23 '14 at 16:54






          Yes, I've seen it, and it doesn't help - firstly, 443 isn't blocked on my end, and secondly, the web portal Java applet (which is what the support article is talking about) works fine for me. [edit: pressed enter too soon!] And yes, I'm not totally convinced by the claim nothing's changed on the host end either - what I'm asking is how I can go about pinning down where the fault lies.
          – Snewsley Pies
          Apr 23 '14 at 16:54














          good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
          – Snewsley Pies
          Apr 23 '14 at 17:03




          good thinking re: OpenSSL, though, but this started several months ago, so long before Heartbleed!
          – Snewsley Pies
          Apr 23 '14 at 17:03












          @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
          – MariusMatutiae
          Apr 23 '14 at 17:06




          @SnewsleyPies Try one of those services which will try to contact an IP address on a port you specify, and report whether the port is reachable or not, like canyouseeme.org
          – MariusMatutiae
          Apr 23 '14 at 17:06












          How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
          – Snewsley Pies
          Apr 23 '14 at 17:19




          How will that help? I'm not hosting any services; I'm trying to connect to one, and I know I can connect to it through the other client.
          – Snewsley Pies
          Apr 23 '14 at 17:19












          @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
          – MariusMatutiae
          Apr 23 '14 at 17:46




          @SnewsleyPies If you assume that the CLI and Java applet work exactly the same way, then obviously there is no solution to your problem. As port 443 being unreachable as the source of the precise error message you receive, it is Check Point page that says as much, not me.
          – MariusMatutiae
          Apr 23 '14 at 17:46


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f744965%2fcheckpoint-vpn-client-not-connecting-debian-wheezy%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Сан-Квентин

          Image
          Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но
          Read more

          Алькесар

          Image
          Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове
          Read more

          Josef Freinademetz

          Image
          San Ujöp (Giuseppe/Josef) Freinademetz Josef Freinademetz in abiti cinesi   Religioso e missionario   Nascita 15 aprile 1852 Morte 28 gennaio 1908 Venerato da Chiesa cattolica Beatificazione 1975 Canonizzazione 5 ottobre 2003 Ricorrenza 28 gennaio Manuale Ujöp Freinademetz noto anche come Giuseppe o Josef Freinademetz (Oies, 15 aprile 1852 – Taikia, 28 gennaio 1908) è stato un presbitero austriaco, membro della Società del Verbo Divino, fu missionario in Cina; è venerato come santo dalla Chiesa cattolica. .mw-parser-output .citazione-table{margin-bottom:.5em;font-size:95%}.mw-parser-output .citazione-table td{padding:0 1.2em 0 2.4em}.mw-parser-output .citazione-lang{vertical-align:top}.mw-parser-output .citazione-lang td{width:50%}.mw-parser-output .citazione-lang td:first-child{padding:0 0 0 2.4em}.mw-parser-output .citazione-lang td:nth-child(2){padding:0 1.2em} «Io amo la Cina e i cinesi; voglio morire in mezzo a loro, e tra loro
          Read more