Checkpoint firewall uninstall mac os

bubenkoff / checkpoint.sh

#! /bin/bash

#

# The reason of creating this script is that Endpoint Security VPN installs it’s own application firewall kext cpfw.kext

# which prevents for example PPTP connections from this computer, which is not appropriate if you need subj connection just

# from time to time

#

# Usage: ./checkpoint.sh

#

# The script checks if Enpoint Security VPN is running. If it is, then it shuts it down, if it is not, it fires it up.

# Or, make an Automator action and paste the script.

# You will need sudo power, of course

#

# To prevent Endpoint Security VPN from starting automatically whenever you restart your Mac, edit this file:

# `/Library/LaunchAgents/com.checkpoint.eps.gui.plist`

# And change the values of `RunAtLoad` and `KeepAlive` to `false`

# [Source](https://superuser.com/questions/885273)

SERVICE= ‘ Endpoint_Security_VPN ‘

if pgrep $SERVICE > /dev/null

then

# $SERVICE is running. Shut it down

[ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl unload /Library/LaunchDaemons/com.checkpoint.epc.service.plist

[ -d /Library/Extensions/cpfw.kext ] && sudo kextunload /Library/Extensions/cpfw.kext

[ -d ‘ /Applications/Check Point Firewall.app ‘ ] && open -W -n -a ‘ /Applications/Check Point Firewall.app ‘ —args —disable

killall $SERVICE

else

# $SERVICE is not running. Fire it up

[ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl load /Library/LaunchDaemons/com.checkpoint.epc.service.plist

[ -d /Library/Extensions/cpfw.kext ] && sudo kextload /Library/Extensions/cpfw.kext

[ -d ‘ /Applications/Check Point Firewall.app ‘ ] && open -W -n -a ‘ /Applications/Check Point Firewall.app ‘ —args —enable

[ -d ‘ /Applications/Endpoint Security VPN.app ‘ ] && open ‘ /Applications/Endpoint Security VPN.app ‘

fi

This comment has been minimized.

Copy link Quote reply

xeroply commented Dec 26, 2012

This is super helpful! Thanks for sharing! One minor modification: on the second to last line, «2>1 >» should probably be «&>» instead to direct all output (STDERR and STDOUT) to /dev/null. As written, this redirects STDERR to a file in the current working directory named «1».

This comment has been minimized.

Copy link Quote reply

vellori commented Jun 27, 2013

I’m deeply touched by this script. Thanks. Thank you very much. I can finally AirDrop (and much more) again from my Mac again.

You changed my life from now on, until I’ll have to deal with this VPN client.

This comment has been minimized.

Copy link Quote reply

holyjak commented Jan 16, 2014

BTW the process running on my Mac (with the client shut down) was /Library/Application Support/Checkpoint/Endpoint Connect/TracSrvWrapper (my version of the SW is, I believe, Endpoint Security VPN E80 something)

Источник

Checkpoint firewall uninstall mac os

Check Point and Alkira
Better Together!

Protect Endpoints from
Ransomware and Phishing Attacks

Try out the new
CheckMates Labs!

Check Point Acquires Avanan
Learn Why Avanan and Check Point are Better Together

CheckMates Go:
The Things They’re Missing

Premier Event for Securing Users & Access
12th October

• CheckMates
• :
• Products
• :
• Harmony
• :
• Remote Access VPN
• :
• Cannot re-install Check Point VPN macOS

• Subscribe to RSS Feed
• Mark Topic as New
• Mark Topic as Read
• Float this Topic for Current User
• Bookmark
• Subscribe
• Mute
• Printer Friendly Page

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

I’m facing the issue that I cannot install (re-install) the latest checkpoint version (E80.89). I also tried to install older versions but I always get the same error message (see picture as well):

«Check Point Endpoint Security VPN can not be installed on this computer
Check Point Endpoint Security is installed on this computer. Please install the VPN blade as part of Endpoint Security.»

Before installing the latest version of Checkpoint Endpoint Security VPN, I have used the uninstaller located in /Library/Applications Support/Checkpoint.

I was already looking for files which could be part of the VPN application, but I could find anymore.

I hope that you guys can help me out, because I need to run this application.

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

«Before installing the latest version of Checkpoint Endpoint Security VPN, I have used the uninstaller located in /Library/Applications Support/Checkpoint. » — and what was shown on the command line then ? Was the CheckPoint folder removed ?

You also should note the differences between Endpoint Security client for Mac and Endpoint Security VPN for Mac !

Источник

Checkpoint firewall uninstall mac os

Check Point and Alkira
Better Together!

Protect Endpoints from
Ransomware and Phishing Attacks

Try out the new
CheckMates Labs!

Check Point Acquires Avanan
Learn Why Avanan and Check Point are Better Together

CheckMates Go:
The Things They’re Missing

Premier Event for Securing Users & Access
12th October

• CheckMates
• :
• Products
• :
• Harmony
• :
• Endpoint
• :
• Uninstall Endpoint 84.30 on MAC

• Subscribe to RSS Feed
• Mark Topic as New
• Mark Topic as Read
• Float this Topic for Current User
• Bookmark
• Subscribe
• Mute
• Printer Friendly Page

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

I’m trying to install new Endpoint Security on my Mac, I need to uninstall the old version first and can’t find how to do that.

I try the sudo uninstall but got error try remove folders and more nothing. The old version data is still there, I can see that by view policy.

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

Try below. BUT, make sure you are doing it with actual admin account on mac, any other account will fail

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

I try all from this thread nothing working. This thread is from 2019 and CP changed the uninstall way to Endpoint Security.

Anything else that I can do?

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

Try below. BUT, make sure you are doing it with actual admin account on mac, any other account will fail

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

Thanks it worked!!

• Mark as New
• Bookmark
• Subscribe
• Mute
• Subscribe to RSS Feed
• Permalink
• Print
• Email to a Friend
• Report Inappropriate Content

Glad it did! By the way, there are really 2 things to remember if you ever encounter this issue again on another mac machine:

1) ALWAYS use admin account (so say you log in with account that does not have full admin privileges and run command I gave, it will proceed, but it will never fully uninstall)

2) In case it fails with admin account (which is literally not even 5% of the time), run same command with -f at the end of it, as that would force full removal of software

Источник

Question: Q: Connect to Checkpoint VPN?

I’ve googled this topic and searched through these forums, but almost ALL the threads I pull up are several years old (as in: 2004, 2005, etc.) At that time, there appeared to be several issues with connecting to Checkpoint.

I got approval to use my own MacBook at work instead of the old T42 the company gave me. My question is on the VPN: they use a Checkpoint VPN-1 Client for their Windows laptops. Will the built-in VPN client in Tiger effectively take the place of this for my MacBook?

If not, Checkpoint has a Mac OS X client — but I have found no thread on how well it works. Does anyone have any experience with it?

Thank you in advance for any guidance you can give me.

MacBook, Mac OS X (10.4.10), 2.16 Ghz, 2 GB, 160GB HDD, Superdrive

Posted on Sep 13, 2007 9:42 AM

All replies

Loading page content

Page content loaded

I don’t think so. My work uses Checkpoint VPN-1 (Certificates) as well. It is chiefly a Windoze shop but they tolerate a handful of Mac users. My IT guy gave me a copy of VPN Tracker 4.9 to use on my home desktop computer. It works.

Checkpoint also has their own Mac client that I believe is free download but you use it with one of those key fobs that you push the button and it kicks out a four digit code that you append onto the tailend of your user PIN. I don’t know enough about the VPN server side to know how, at the server level, you enable what methods of access. But both the Certificates method and the «key fob» method works on our Checkpoint VPN — we have to use the key fob version on our laptops. See if your company management and IT Dept would look into one or the other of those for you, depending on how they have their Checkpoint VPN configured.

Sep 15, 2007 5:33 PM

PS — one of my coworkers did run into a minor little configuration problem with the Checkpoint client — but between him and the IT guy, they got it worked out. The guy’s a tech writer, so he wrote up a small ≤1-pager about what he had to do to get the Checkpoint client to work. This is what he wrote up:

his email to me:
Maybe this has happened to you. I was stumped as to why my MacBook was not visible/pingable/accessible by other computers at (our work), or in my home network.
It turns out the problem was with the VPN client, Check Point SecureClient, which (our IT guy) is installing on Mac laptops these days.
The resolution turned out to be simple. I’ve attached a couple of paragraphs with graphics about how to work around the problem.

the attached document without the graphics:
Check Point comes with a firewall that by default is active even when you are not connected via VPN or knowingly running Secure Client. But actually, you are running Secure Client in the background as soon as you boot up. You can tell by its colorful little icon of teal padlock, gold key, and red «X» icon that appears in the menu bar.You can access other machines from your laptop with Check Point running, but other machines cannot see or access your laptop. Unless, you turn off the Check Point firewall.
1. Click the Check Point icon.
2. Select Tools > Disable Security Policy.
The teal padlock part of the Check Point icon disappears.It looks like the security policy (firewall) stays turned off if you reboot. However, I haven’t tested what happens when you actually try to connect to VPN. Connecting might re-activate the firewall.

Источник

How to uninstall a CheckPoint Hotfix after a failed installation

Since system crashed and no way for administrator to log in, what we could do is to log in to maintenance mode , either restore from previous backup / image (hopefully you have one, usually I will have a snapsot monthly and remote backup weekly), or uninstall the hotfix.

Usually uninstallation script will save your huge amounts of time from this awkward situation, the worst case is to get into maintenance mode to restore image you took before. Let me list all steps I experienced today:

1. System crushed during rebooting after applied a hotfix from Check Point

INIT: Entering runlevel: 3
Applying Intel CPU microcode update: [ OK ]
Starting sysstat: Calling the system activity data collector (sadc):
[ OK ]
Running UP accel driver check.
IP series driver not present
Starting background readahead: [ OK ]
Checking for hardware changes [ OK ]
Configuring ipv6 kernel support: [ OK ]
Starting kdump:[ OK ]
Inserting ipsctlmod.2.6.18.cp.i686: [ OK ]
CKP: Loading SecureXL: [ OK ]
CKP: Loading FW-1 IPv4 Instance 0: [ OK ]
CKP: Loading VPN-1 Instance 0: [ OK ]
CKP: Loading FW-1 IPv4 Instance 1: [ OK ]
CKP: Loading VPN-1 Instance 1: [ OK ]
FW1: Starting cpWatchDog
Starting wrp:
[ OK ]
Starting auditd: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Fulcrum switch not installed
Update Interfaces in Database: 0 bindings were imported
[ OK ]
Generating vrfs: [ OK ]
Configuring NetAccess: [ OK ]
Generating NTP configuration: [ OK ]
Generating Time Zone configuration: [ OK ]
Generating domain name configuration: [ OK ]
Generating keyboard mapping configuration: [ OK ]
Generating hostname configuration: [ OK ]
Configuring Interfaces: [ OK ]
Generating /etc/monitor_mode: [ OK ]
Generating /etc/fonic_pairs: [ OK ]
Configuring NDP: [ OK ]
Generating hosts.conf: [ OK ]
Generating resolv.conf: [ OK ]
Generating dhclient.conf: [ OK ]
Generating pwcontrol.conf [ OK ]
Generating passwd + shadow [ OK ]
Generating group + gshadow [ OK ]
Generating routed.conf [ OK ]
Generating routed0.conf [ OK ]
Generating extended commands: [ OK ]
Generating MOTD: [ OK ]
Generating banner message: [ OK ]
Generating /etc/raddb/server: [ OK ]
Generating TACACS+ configuration: [ OK ]
Generating /etc/msmtp.conf: [ OK ]
Generating /etc/pam.d/system-auth: [ OK ]
Generating /etc/sysconfig/external.if: [ OK ]
Generating /etc/lldpd.conf: [ OK ]
Generating DHCP server configuration: Write DSTATE called
ServerConfigured = 1
DdnsConfigured = 0
[ OK ]
Generating /etc/adjust_radius: [ OK ]
Running /bin/arp_xlate: [ OK ]
Generating SNMP configuration: [ OK ]
Generating Job Scheduler configuration: [ OK ]
Updating general configuraion file: [ OK ]
Updating syslogd configuration: Reloading syslogd. [ OK ]
Reloading klogd. [ OK ]
[ OK ]
Updating httpd2 configuration: [ OK ]
Updating httpd-ssl configuration: [ OK ]
Applying NetFlow configuration [ OK ]
Configuring PPPoE: [ OK ]
CPshell initialization: [ OK ]
Initializing CP Process Manager..
Starting cp_pm_rl2: [ OK ]
Starting cp_pm_rl3: [ OK ]
Starting cp_pm_rl4: [ OK ]
Starting acpi daemon: [ OK ]
Starting sshd: [ OK ]
Starting arp:
Starting xinetd: [ OK ]
Starting bp_init: [ OK ]
Starting bypass_off: [ OK ]
Starting crond: [ OK ]
Starting cpri_d: cpridstart: Starting cprid
[1] 7382
[ OK ]
Starting cpboot: cpstart: Power-Up self tests passed successfully

cpstart: Starting product — SVN Foundation

SVN Foundation: cpWatchDog already running
SVN Foundation: Starting cpd
Multiportal daemon: starting mpdaemon
SVN Foundation started

cpstart: Starting product — VPN-1

FireWall-1: starting external VPN module — OK
cpwd_admin:
Process CPHAMCSET started successfully (pid=8208)
FireWall-1: Starting fwd

SecureXL disabled, cannot use affinity commands
SecureXL will be started after a policy is loaded.
FireWall-1: Fetching policy

Installing Security Policy Internet-CP-Cluster on [email protected]
wdt stop function not defined
Oops: 0000 [#1]
SMP
last sysfs file: /devices/pci0000:00/0000:00:00.0/class
Modules linked in: w83627ehf(U) hwmon_vid(U) hwmon(U) button(U) xfrm_nalgo(U) crypto_api(U) 8021q(U) wrpmodmod(PU) vpn_1(PU) fw_1(PU) vpn_0(PU) fw_0(PU) simmod(PU) bridge(U) llc(U) ipsctlmod(PU) parport_pc(U) lp(U) parport(U) sg(U) pcspkr(U) bypass_sb_gpio(U) i2c_i801(U) bypass_class(U) igb(U) i2c_core(U) e1000e(U) serio_raw(U) ip_srs_apic(U) dm_snapshot(U) dm_zero(U) dm_mirror(U) dm_mod(U) ata_piix(U) libata(U) sd_mod(U) scsi_mod(U) ext3(U) jbd(U) ehci_hcd(U) ohci_hcd(U) uhci_hcd(U)
CPU: 1
EIP: 0060:[ ] Tainted: P VLI
EFLAGS: 00010202 (2.6.18-92cp #1)
EIP is at cphwd_api_init+0x82b/0xe90 [simmod]
eax: 5505b527 ebx: 00000005 ecx: 00000000 edx: 00000080
esi: 00000001 edi: f1685580 ebp: f1683120 esp: e2e5b984
ds: 007b es: 007b ss: 0068
Process fw_full (pid: 8553, ti=e2e58000 task=ef452c70 task.ti=e2e58000)
Stack: f1441ac0 00000002 00000000 80405d5a f40e3c74 00000000 f40e3e80 00000000
f13be930 e2e5b9cc f40e3c74 00000000 f2d2eb97 e2e5b9cc f338ae30 00000060
00000202 f40e3e80 00000000 00000000 00000000 00000001 00000002 00000000
Call Trace:
[ ] [ ] common_interrupt+0x1a/0x20
[ ] [ ] cphwd_api_init+0x0/0xe90 [simmod]
[ ] [ ] cphwd_api_init_+0x97/0x100 [fw_0]
[ ] [ ] fwhamultik_validate_not_locked+0x0/0x90 [fw_0]
[ ] [ ] cphwd_start+0x2174/0x2cc0 [fw_0]
[ ] [ ] update_process_times+0x59/0x90
[ ] [ ] hmem_global_receive_returned_blocks+0x65/0xd0 [fw_0]
[ ] [ ] smp_apic_timer_interrupt+0x7a/0x80
[ ] [ ] apic_timer_interrupt+0x1f/0x24

2. Enter into Maintenance Mode

• Connect to the machine over console (serial).
• Reboot the machine (power cycle).
• During the boot, press a key on the «Press any key to see the boot menu» screen. This should open the Check Point Boot Menu. By default, user has only 5 seconds to press any key.
• Choose the «Start in maintenance mode» and press Enter.
• Enter the Admin credentials and press Enter.

3. Uninstall the hotfix from /opt/CPsuite-R77 folder

sh-3.1# fw ver
This is Check Point’s software version R77.10 — Build 243

sh-3.1# cpinfo -y
Error: ‘Couldn’t connect to /tmp/xgets: Connection refused
‘.
————————
Hotfix versions
————————
[FW1]
HOTFIX_R77_10
HOTFIX_R77_HF_HA10_005
HOTFIX_GYPSY_LTE_HF_001
[PPACK]
HOTFIX_R77_10
[SecurePlatform]
HOTFIX_R77_10_GAIA_GHOST_833
[CVPN]
HOTFIX_R77_10
[CPinfo]
No hotfixes..
[SmartLog]
HOTFIX_R77_10

sh-3.1# cd CPsuite-R77
sh-3.1# ls
CPinstall fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001_bcp.tgz
LICENSE.TXT fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001_bcp.tgz.new.txt
conf fw1_wrapper_HOTFIX_R77_HF_HA10_005_bcp.tgz
fg1 fw1_wrapper_HOTFIX_R77_HF_HA10_005_bcp.tgz.new.txt
fw1 uninstall_fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001
fw1_wrapper uninstall_fw1_wrapper_HOTFIX_R77_HF_HA10_005

sh-3.1# ls -ali
total 122712
328062 drwxrwx—x 7 admin bin 4096 Mar 15 10:26 .
65537 drwxr-xr-x 19 admin root 4096 Aug 6 2014 ..
328064 drwxrwx— 2 admin bin 4096 Aug 6 2014 CPinstall
328066 -rwxrwx— 1 admin bin 38604 Jan 16 2014 LICENSE.TXT
328067 drwxrwx— 2 admin bin 4096 Aug 6 2014 conf
328069 drwxrwx— 9 admin bin 4096 Nov 9 01:37 fg1
328095 drwxrwx—x 30 admin bin 4096 Mar 15 12:35 fw1
852062 drwxr-x— 3 admin bin 4096 Apr 7 2014 fw1_wrapper
327694 -rw-rw—- 1 admin root 72317473 Mar 15 10:25 fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001_bcp.tgz
327692 -rw-rw—- 1 admin root 763 Mar 15 10:24 fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001_bcp.tgz.new.txt
329068 -rw-rw—- 1 admin root 53080782 Aug 6 2014 fw1_wrapper_HOTFIX_R77_HF_HA10_005_bcp.tgz
329067 -rw-rw—- 1 admin root 187 Aug 6 2014 fw1_wrapper_HOTFIX_R77_HF_HA10_005_bcp.tgz.new.txt
327700 -rwxr-x— 1 admin bin 18224 Nov 9 01:37 uninstall_fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001
329069 -rwxr-x— 1 admin bin 18218 Apr 7 2014 uninstall_fw1_wrapper_HOTFIX_R77_HF_HA10_005

sh-3.1# ./uninstall_fw1_wrapper_HOTFIX_GYPSY_LTE_HF_001
Validating uninstall archive.
Do you want to proceed with uninstallation of
Security Gateway Power/UTM R77.10 GYPSY_LTE_HF_001 on this computer?
If you choose to proceed, uninstall will perform CPSTOP.
To proceed type y to cancel type n :
y
cpwd_admin: Failed to submit request to cpWatchDog
cvpnd: no process killed
dbwriter: no process killed
cvpnproc: no process killed
MoveFileServer: no process killed
CvpnUMD: no process killed
Mobile Access: Stopping MoveFileDemuxer service (if needed)
cpwd_admin: Failed to submit request to cpWatchDog
Mobile Access: MoveFileDemuxer is not running
Exception: connect() failed — Network is unreachable
Multiportal daemon is not running
Pinger: no process killed
Mobile Access: Successfully stopped Mobile Access services
cpwd_admin: Failed to submit request to cpWatchDog
SmartView Monitor: Unable to find CpWatchDog — run cpstart
FloodGate-1 is already stopped.
Unable to open ‘/dev/fw0’: No such file or directory
fw_syncn_set: failed to set off synchronization
cpwd_admin: Failed to submit request to cpWatchDog
Unable to open ‘/dev/fw0’: No such file or directory
Failed to notify kernel: No such file or directory
HA not stopped.
VPN-1/FW-1 stopped
Multi portal stopped
fw: Unable to open ‘/dev/fw0’: Unknown error 4294967295
fw: Set operation failed: failed to get parameter
fw: set: Operation failed: Unknown error 4294967295
SVN Foundation: cpd is not running
Multiportal daemon: mpdaemon is not running
cpwd_admin: Failed to submit request to cpWatchDog
SVN Foundation: cpWatchDog is not running
SVN Foundation stopped
Launching pre-uninstall utility
Removing gx.lf file from registry.
****************
Security Gateway Power/UTM R77.10
Security Gateway Power/UTM R77.10 GYPSY_LTE_HF_001
Uninstall completed successfully.
****************

Don’t forget to reboot the machine!!

sh-3.1# reboot
Preforming soft reboot
INIT: Sending processes the TERM signal
INIT: Starting killall: [ OK ]
Starting bypass_on: [ OK ]
Sending all processes the TERM signal.
Sending all processes the KILL signal.
Saving random seed:
Syncing hardware clock to system time
Turning off swap:
Unmounting file systems:
mount: /proc is busy
Please stand by while rebooting the system.
Restarting system.

4. Verify Hotfix uninstalled

[[email protected]:0]# cpinfo -y
————————
Hotfix versions
————————
[FW1]
HOTFIX_R77_10
HOTFIX_R77_HF_HA10_005
[SecurePlatform]
HOTFIX_R77_10_GAIA_GHOST_833
[PPACK]
HOTFIX_R77_10
[CVPN]
HOTFIX_R77_10
[CPinfo]
No hotfixes..
[SmartLog]
HOTFIX_R77_10
[rtm]
No hotfixes..

Источник