Skip to content

Instantly share code, notes, and snippets.

@bubenkoff
Last active February 14, 2024 21:38
Show Gist options
  • Save bubenkoff/4043130 to your computer and use it in GitHub Desktop.
Save bubenkoff/4043130 to your computer and use it in GitHub Desktop.
Endpoint Security VPN FULL start/stop script for Mac OS X
#!/bin/bash
#
# The reason of creating this script is that Endpoint Security VPN installs it's own application firewall kext cpfw.kext
# which prevents for example PPTP connections from this computer, which is not appropriate if you need subj connection just
# from time to time
#
# Usage: ./checkpoint.sh
#
# The script checks if Enpoint Security VPN is running. If it is, then it shuts it down, if it is not, it fires it up.
# Or, make an Automator action and paste the script.
# You will need sudo power, of course
#
# To prevent Endpoint Security VPN from starting automatically whenever you restart your Mac, edit this file:
# `/Library/LaunchAgents/com.checkpoint.eps.gui.plist`
# And change the values of `RunAtLoad` and `KeepAlive` to `false`
# [Source](https://superuser.com/questions/885273)
SERVICE='Endpoint_Security_VPN'
if pgrep $SERVICE > /dev/null
then
# $SERVICE is running. Shut it down
[ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl unload /Library/LaunchDaemons/com.checkpoint.epc.service.plist
[ -d /Library/Extensions/cpfw.kext ] && sudo kextunload /Library/Extensions/cpfw.kext
[ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --disable
killall $SERVICE
else
# $SERVICE is not running. Fire it up
[ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl load /Library/LaunchDaemons/com.checkpoint.epc.service.plist
[ -d /Library/Extensions/cpfw.kext ] && sudo kextload /Library/Extensions/cpfw.kext
[ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --enable
[ -d '/Applications/Endpoint Security VPN.app' ] && open '/Applications/Endpoint Security VPN.app'
fi
@xeroply
Copy link

xeroply commented Dec 26, 2012

This is super helpful! Thanks for sharing! One minor modification: on the second to last line, "2>1 >" should probably be "&>" instead to direct all output (STDERR and STDOUT) to /dev/null. As written, this redirects STDERR to a file in the current working directory named "1".

Copy link

ghost commented Jun 27, 2013

I'm deeply touched by this script. Thanks. Thank you very much. I can finally AirDrop (and much more) again from my Mac again.

You changed my life from now on, until I'll have to deal with this VPN client.

Big Kudos!

@holyjak
Copy link

holyjak commented Jan 16, 2014

I love you! :-)

BTW the process running on my Mac (with the client shut down) was /Library/Application Support/Checkpoint/Endpoint Connect/TracSrvWrapper (my version of the SW is, I believe, Endpoint Security VPN E80 something)

@kamusin
Copy link

kamusin commented Mar 3, 2014

Thank you!

@srohatgi
Copy link

this script is awesome- got connected to my apple tv!!

thanks a bunch

@sevketarslan
Copy link

I can't sign in to our MS Lync when I'm on Checkpoint VPN E80.42 835017303 but when I'm not on VPN, it just connects smoothly. I tried to use this instead but still no luck :/
How did you guys make it work?

@oskarszoon
Copy link

Awesome, worked like a charm on the corporate Macbook

@marcodejongh
Copy link

Yes, this is super awesome!

@phoob
Copy link

phoob commented Mar 9, 2015

Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.

@wazum
Copy link

wazum commented May 3, 2017

This should be
/Applications/Endpoint\ Security\ VPN.app/Contents/MacOS/Endpoint_Security_VPN > /dev/null 2>&1 &

@signal-09
Copy link

To avoid redirection (&>/dev/null) and background (&) control operator: open "/Applications/Endpoint Security VPN.app"

@Bombe
Copy link

Bombe commented Nov 16, 2018

For me (macOS 10.13.6, Checkpoint version Ihavenoideaandisureashellwontstartitupagainjusttofindout) it was /Library/Extensions/cpfw.kext, no /System.

@putchi
Copy link

putchi commented Apr 2, 2019

Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.

Awesome Thanks! this is working great!

@bubenkoff
Copy link
Author

@phoob updated to your version, thanks

@rradoychev
Copy link

rradoychev commented Jun 1, 2020

Thank you for this. It works like a charm. I needed it because I couldn't mount with NFS (vagrant).

@FrancescoBorzi
Copy link

This is exactly what I needed. Many thanks

@redzumi
Copy link

redzumi commented Aug 10, 2020

Awesome, dude, thanks!

(expo wont work, cuz cpfw block access in lan)

@TNTrocket
Copy link

thanks,guy

@homburg
Copy link

homburg commented Nov 26, 2020

I just upgraded to macOS

But then this scripts does not work anymore and probably needs a new strategy.

For reference I can disable the firewall by disabling the fw network service in network preferences:

Screenshot 2020-11-26 at 10 11 21

But I couldn't find a way to automate it from the command-line (Tried networksetup and systemextensionsctl)

@osteinhauer
Copy link

osteinhauer commented Nov 26, 2020

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enable

or

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --install

seems to work

@homburg
Copy link

homburg commented Nov 26, 2020

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enable

or

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --install

seems to work

Works perfectly! Thanks 👍 @osteinhauer

@bubenkoff
Copy link
Author

@osteinhauer updated, thanks

@ptzz
Copy link

ptzz commented Jan 2, 2021

Thanks! I had to fix a missing space on line 25:

[ -d '/Applications/Check Point Firewall.app']

should be

[ -d '/Applications/Check Point Firewall.app' ]

@bubenkoff
Copy link
Author

@ptzz thanks, fixed

@gmonte
Copy link

gmonte commented Jan 12, 2021

You saved my life! Thank you!

@privaloops
Copy link

You saved my life too, thanks a lot ❤️

@DES-Destry
Copy link

@bubenkoff, that was very helpful. Thank you)

@samelm
Copy link

samelm commented Aug 29, 2023

Thank you for this script. But what to do if it keeps asking for password when connecting?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment