I have released an update to this blog post: See CheckPoint SNX install instructions for major Linux distributions
It’s time for Ubuntu 11.10 and the obligatory how to get Checkpoint SSL extender VPN (SNX) working under it.
The first step is to get your username, password and ip address or host name of your snx server from your local administrator. Once you do that you can login and then press the settings link. This will give you a link to the various different clients. In our case we are looking for the “Download installation for Linux” link. Download that and then run it with the following command.
# sh +x snx_install.sh Installation successfull
This is the 64 bit version and I’m installing a 32 bit application, so you’ll need to install the 32 bit libraries and the older version of libstdc if you haven’t all ready.
# uname -p x86_64 # aptitude install ia32-libs libstdc++5
Now let’s check that the required libraries are loaded.
# ldd /usr/bin/snx | grep "not found" libpam.so.0 => not found
This is a new one so a quick check on Google found the answer in of all places the Citrix forum.
Combining the post from Stuart Johnston, and Israel Diaz you get:
# wget http://packages.ubuntu.com/km/precise/i386/libpam0g/download # mkdir tmp # dpkg -x libpam0g_1.1.3-7ubuntu2_i386.deb tmp # cd tmp/lib/i386-linux-gnu/ # cp libpam.so.0.83.0 /lib/i386-linux-gnu # cd /lib/i386-linux-gnu # ln -s libpam.so.0.83.0 libpam.so.0 # ldd /usr/bin/snx
You should now be able to type snx without errors. You only now need to accept the VPN Certificate by loging in via the command line and press “Y”.
user@pc:~$ snx -s my-checkpoint-server -u username Check Point's Linux SNX build XXXXXXXXXXXX Please enter your password: SNX authentication: Please confirm the connection to gateway: my-checkpoint-server VPN Certificate Root CA fingerprint: AAAA BBB CCCC DDD EEEE FFF GGGG HHH IIII JJJ KKKK Do you accept? [y]es/[N]o:
Finally you should be able to use the client and login.