Hi all,
New to Checkpoint Firewalls here. I’m a systems administrator who is tasked with deploying the new VPN client for the cutover of our new Checkpoint Firewalls.
I use SCCM to push apps to employee computers. Is there a way i can add site configuration to the install process? Or, is there commands i can use to pre-define sites post install?
Thanks
If clients are already deployed or you are using initial client for deployment, another way is to copy the trac.config from a client you preconfigured:
If you are using a version below E80.71 you can follow this SK: sk89681
Otherwise follow this SK: sk122574
I have not deployed any packages yet. I tried copying the config but it was empty when it installed. I used a tool from checkpoint I found to create a MSI. I might of missed something though
Does this work for Sandblast?
No, sorry. Those SKs are specifically for the Endpoint Security VPN client.
With sba you can deploy with predefined vpn sites using the full package
Correct but I was having a permission issue on Windows when deploying the full package. Still working on it.
Sandblast agent, I was too lazy to type it out on mobile
What issue are you seeing?
Just to ensure, are you running the msi from an elevated command prompt?
Hi, it always says it needs administrator privileges even when logged in as the build-in local administrator.
Right, I’m asking if you ran cmd.exe as administrator then executed EPS.msi from the command line.
It requires that to install.
Ok in that case yes. However, if logged in as built-in administrator wouldn’t cmd launch with the same privileges?
With UAC enabled it launches as unprivileged. You have to right click cmd.exe and run as administrator.