search

ancwrd1 / snx-rs

Open Source Linux Client For Check Point VPN Tunnels
GNU Affero General Public License v3.0
116 stars 8 forks source link

Mismatched IP address in the ID payload #35

Closed insidesecurity-yhojann-aguilera closed 3 months ago

insidesecurity-yhojann-aguilera commented 3 months ago

When try connect to VPN says an error:

sudo ./snx-rs -m info -s ...;
Supported tunnel protocols:
    IPSec
    SSL
    L2TP
Available login types:
    vpn_Username_Password (Username Password)
sudo ./snx-rs --user-name ... --password ... --server-name ... --login-type vpn_Username_Password;
Error: Mismatched IP address in the ID payload, expected: ...
sudo ./snx-rs --user-name ... --password ... --server-name ... --login-type vpn_Username_Password;
Error: IPSec authentication failed, status: 0

What is Mismatched IP address in the ID payload, expected and how to see the requests? have a verbose option?

insidesecurity-yhojann-aguilera commented 3 months ago

Thanks, but I'm suspicious. I don't see the source code for that and it has a completely generic name, so I get the impression that it could be malware.

ancwrd1 commented 3 months ago

Hello, you can run it with --log-level trace to see the trace logs. Perhaps the server sends a different address in the identity protection reply. I can disable this check if it causes some issues.

ancwrd1 commented 3 months ago

Should be fixed in version 2.4.1. I have removed this check, it seems to cause some issues with the users.