Endpoint Security VPN FULL start/stop script for Mac OS X

checkpoint.sh

#!/bin/bash
#
# The reason of creating this script is that Endpoint Security VPN installs it's own application firewall kext cpfw.kext
# which prevents for example PPTP connections from this computer, which is not appropriate if you need subj connection just
# from time to time
#
# Usage: ./checkpoint.sh
#
# The script checks if Enpoint Security VPN is running. If it is, then it shuts it down, if it is not, it fires it up.
# Or, make an Automator action and paste the script.
# You will need sudo power, of course
#
# To prevent Endpoint Security VPN from starting automatically whenever you restart your Mac, edit this file:
# `/Library/LaunchAgents/com.checkpoint.eps.gui.plist`
# And change the values of `RunAtLoad` and `KeepAlive` to `false`
# [Source](https://superuser.com/questions/885273)

SERVICE='Endpoint_Security_VPN'

if pgrep $SERVICE > /dev/null
then
    # $SERVICE is running. Shut it down
    [ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl unload /Library/LaunchDaemons/com.checkpoint.epc.service.plist
    [ -d /Library/Extensions/cpfw.kext ] && sudo kextunload /Library/Extensions/cpfw.kext
    [ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --disable
    killall $SERVICE
else
    # $SERVICE is not running. Fire it up
    [ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl load /Library/LaunchDaemons/com.checkpoint.epc.service.plist
    [ -d /Library/Extensions/cpfw.kext ] && sudo kextload /Library/Extensions/cpfw.kext
    [ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --enable
    [ -d '/Applications/Endpoint Security VPN.app' ] && open '/Applications/Endpoint Security VPN.app'
fi

Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.

This should be
/Applications/Endpoint\ Security\ VPN.app/Contents/MacOS/Endpoint_Security_VPN > /dev/null 2>&1 &

To avoid redirection (&>/dev/null) and background (&) control operator: open "/Applications/Endpoint Security VPN.app"

For me (macOS 10.13.6, Checkpoint version Ihavenoideaandisureashellwontstartitupagainjusttofindout) it was /Library/Extensions/cpfw.kext, no /System.

Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.

Awesome Thanks! this is working great!

@phoob updated to your version, thanks

Thank you for this. It works like a charm. I needed it because I couldn't mount with NFS (vagrant).

This is exactly what I needed. Many thanks

Awesome, dude, thanks!

(expo wont work, cuz cpfw block access in lan)

thanks，guy

I just upgraded to macOS

• Big Sur 11.0.1
• Checkpoint version E84.30 (Early Availability)

But then this scripts does not work anymore and probably needs a new strategy.

For reference I can disable the firewall by disabling the fw network service in network preferences:

But I couldn't find a way to automate it from the command-line (Tried networksetup and systemextensionsctl)

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enable

or

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --install

seems to work

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enable

or

open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --install

seems to work

Works perfectly! Thanks 👍 @osteinhauer

@osteinhauer updated, thanks

Thanks! I had to fix a missing space on line 25:

[ -d '/Applications/Check Point Firewall.app']

should be

[ -d '/Applications/Check Point Firewall.app' ]

@ptzz thanks, fixed

You saved my life! Thank you!

You saved my life too, thanks a lot ❤️

@bubenkoff, that was very helpful. Thank you)

Thank you for this script. But what to do if it keeps asking for password when connecting?