search

ruyrybeyro / chrootvpn

Checkpoint R80+ VPN client chroot wrapper
Apache License 2.0
135 stars 21 forks source link

SSL Network Extender VPN Auto Closes after Connecting on Ubuntu 22.04.1 LTS #9

Closed vunhattruong closed 1 year ago

vunhattruong commented 1 year ago

Hi @ruyrybeyro, Thanks for your effort to bring the checkpoint VPN to Ubuntu OS.

I'm facing an issue with auto close pop-up SSL Network Extender windows when VPN has just expired and re-connect again, If you click on "connect" the pop-up of the network-extender opens, and it shows "initializing" and after a few seconds the window disappears and you can click on connect again.

But this will be resolved if you restart the laptop/PC and then this will happen again if the connection is expired.

Do you know how to fix this?

Thanks @ruyrybeyro.

ruyrybeyro commented 1 year ago

Hi @vunhattruong,

When it happens, instead of a system restart, try the command:

vpn.sh restart

Try also using browser's Incognito mode. Perhaps it's a cached session issue.

Regards

ruyrybeyro commented 1 year ago

Try also using browser's Incognito mode. Perhaps it's a cached session issue.

vunhattruong commented 1 year ago

Hi @ruyrybeyro,

I have tried the command vpn.sh restart and used the browser's Incognito mode but it's not working :(

ruyrybeyro commented 1 year ago

I suspect the issue being on the Checkpoint side.

Can you get the last vpn.sh at https://raw.githubusercontent.com/ruyrybeyro/chrootvpn/main/vpn.sh and maybe the last lines of the output of the following command hopefully will hold a clue:

vpn.sh log
vunhattruong commented 1 year ago

Yep, I got the latest vpn.sh and the last lines of the log as below: `14/12/2022 10:36:33 INFO [global] (Log log) [CShell] Initialized successfully 14/12/2022 10:36:33 SEVERE [CpComponent] (CpComponent run) Failed to get response from SNX. java.io.EOFException at java.base/java.io.DataInputStream.readUnsignedByte(DataInputStream.java:295) at PaddedReader.readInt(PaddedReader.java:52) at PipeMessage.readMessage(PipeMessage.java:44) at CpComponent.run(CpComponent.java:208) at java.base/java.lang.Thread.run(Thread.java:829)

14/12/2022 10:36:34 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_is_connected 14/12/2022 10:36:34 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_finished ` Hope this help, do you want more lines of the log for the details?

ruyrybeyro commented 1 year ago

per the logs, snx died for some reason.

Whilst I still suspect it is not on the client side, would it happen if you delete and reinstall everything again?

Try these commands and let's see if it happens again.

vpn.sh uninstall
vpn.sh -i
vunhattruong commented 1 year ago

Hi @ruyrybeyro, I have reinstalled it as you mention above but the issue is still the same. Then I restarted the system again and it worked :). Not sure what happen.

The latest log: `14/12/2022 11:07:57 INFO [global] (Log log) [Launcher] Launching env 14/12/2022 11:07:57 INFO [global] (Log log) [CShell] Initiated applications data base successfully 14/12/2022 11:07:57 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: Initialize 14/12/2022 11:07:57 INFO [global] (Log log) [CShell] Initializing... (for SNX=true) 14/12/2022 11:07:57 INFO [global] (Log log) [Director] Selected Client is SNX Network Mode 14/12/2022 11:07:57 INFO [global] (Log log) [Director] SNX Network Mode will be used 14/12/2022 11:07:57 INFO [global] (Log log) [Component] Checking local version. 14/12/2022 11:07:57 INFO [global] (Log log) [Component] Version file or exe file not found 14/12/2022 11:07:57 INFO [global] (Log log) [Launcher] Launching /usr/bin/snx -h 14/12/2022 11:07:57 INFO [global] (Log log) [Component] Component already installed, no need to d/l 14/12/2022 11:07:57 INFO [global] (Log log) [SNXNetMode] Checking communication to SNX Network Mode 14/12/2022 11:07:57 INFO [CpComponent] (CpComponent initPipe) Trying to create socket to 127.0.0.1:7776 14/12/2022 11:07:57 WARNING [CpComponent] (CpComponent initPipe) Could not connect java.net.ConnectException: Connection refused (Connection refused) at java.base/java.net.PlainSocketImpl.socketConnect(Native Method) at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:412) at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:255) at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:237) at java.base/java.net.Socket.connect(Socket.java:609) at java.base/java.net.Socket.connect(Socket.java:558) at CpComponent.initPipe(CpComponent.java:100) at SNXNMComponent.initPipe(SNXNMComponent.java:421) at SNXNMComponent.checkCommunications(SNXNMComponent.java:499) at SNXNMComponent.checkCommunications(SNXNMComponent.java:477) at CpComponent.connect(CpComponent.java:138) at ClientDirector.InstallAndConnectClient(ClientDirector.java:151) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at CpIs$1.run(CpIs.java:779) at java.base/java.security.AccessController.doPrivileged(Native Method) at CpIs.runPrivilegedMethod(CpIs.java:773) at StandAloneCShell.InitializeCShell(StandAloneCShell.java:696) at StandAloneCShell.InitializeCShell(StandAloneCShell.java:660) at StandAloneCShell.Initialize(StandAloneCShell.java:653) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at CShellServerUtils$3.run(CShellServerUtils.java:94) at java.base/java.security.AccessController.doPrivileged(Native Method) at CShellServerUtils.runPrivilegedMethodUnsafely(CShellServerUtils.java:89) at CShellHTTPHandler.proceedHandleRequest(CShellHTTPHandler.java:116) at CShellHTTPHandler.mabHandle(CShellHTTPHandler.java:57) at MabHandler.handle(MabHandler.java:27) at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:459) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:281) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:232) at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) at java.base/java.lang.Thread.run(Thread.java:829)

14/12/2022 11:07:57 INFO [CpComponent] (CpComponent initPipe) Trying to create socket to 127.0.0.1:5555 14/12/2022 11:07:57 WARNING [CpComponent] (CpComponent initPipe) Could not connect java.net.ConnectException: Connection refused (Connection refused) at java.base/java.net.PlainSocketImpl.socketConnect(Native Method) at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:412) at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:255) at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:237) at java.base/java.net.Socket.connect(Socket.java:609) at java.base/java.net.Socket.connect(Socket.java:558) at CpComponent.initPipe(CpComponent.java:100) at SNXNMComponent.initPipe(SNXNMComponent.java:425) at SNXNMComponent.checkCommunications(SNXNMComponent.java:499) at SNXNMComponent.checkCommunications(SNXNMComponent.java:477) at CpComponent.connect(CpComponent.java:138) at ClientDirector.InstallAndConnectClient(ClientDirector.java:151) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at CpIs$1.run(CpIs.java:779) at java.base/java.security.AccessController.doPrivileged(Native Method) at CpIs.runPrivilegedMethod(CpIs.java:773) at StandAloneCShell.InitializeCShell(StandAloneCShell.java:696) at StandAloneCShell.InitializeCShell(StandAloneCShell.java:660) at StandAloneCShell.Initialize(StandAloneCShell.java:653) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at CShellServerUtils$3.run(CShellServerUtils.java:94) at java.base/java.security.AccessController.doPrivileged(Native Method) at CShellServerUtils.runPrivilegedMethodUnsafely(CShellServerUtils.java:89) at CShellHTTPHandler.proceedHandleRequest(CShellHTTPHandler.java:116) at CShellHTTPHandler.mabHandle(CShellHTTPHandler.java:57) at MabHandler.handle(MabHandler.java:27) at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:459) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:281) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:232) at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) at java.base/java.lang.Thread.run(Thread.java:829)

14/12/2022 11:07:57 INFO [global] (Log log) [SNXNetMode] Could not connect to SNX Network Mode, probably not installed. 14/12/2022 11:07:57 INFO [global] (Log log) [Launcher] Launching /usr/bin/snx -Z 14/12/2022 11:07:58 INFO [CpComponent] (CpComponent initPipe) Trying to create socket to 127.0.0.1:7776 14/12/2022 11:07:58 INFO [global] (Log log) [SNXNetMode] Successfully connected to SNX Network Mode. 14/12/2022 11:07:58 INFO [global] (Log log) [SNXNetMode] Connection to SNX Network Mode is ok .... 14/12/2022 11:08:03 INFO [TunnelChecker] (TunnelChecker start) Do not start Tunnel Checker for Legacy Portal
14/12/2022 11:08:03 INFO [CpComponent] (CpComponent run) Client is connected 14/12/2022 11:08:04 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_used_client 14/12/2022 11:08:04 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_office_mode_ip 14/12/2022 11:08:04 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_server_cn `

ruyrybeyro commented 1 year ago

The new logs seem fine.

Maybe some component was badly installed due to flaky connections or a firmware update on the Checkpoint side installed new SNX/CShell versions.

Glad to know it is fixed.

vunhattruong commented 1 year ago

Yay, thanks @ruyrybeyro a lot!