GET CONNECTED, NOT INFECTED
Get snx, either by going to your Checkpoint site, clicking
Manual Download for Linux, and running the bash script downloaded, or by going to the
Checkpoint website listed under Links and following the instructions there.
To get snx working properly, we will need to install some prerequisites by doing:
sudo apt-get install icedtea-7-plugin openjdk-7-jre ia32-libs libpam0g:i386
To connect to your Checkpoint site, run
snx -s <your_checkpoint_server> -u <username>, where
<your_checkpoint_server> is the IP (i.e.
192.192.192.66) or DNS name (i.e.
checkpointserver.example.org) of the Checkpoint server, and
<username> is your domain login.
Once connected, you should be able to type
ifconfig, and see a new interface called tunsnx with your VPN IP. You will probably need to remember the IP of at least one computer on the other side of the VPN in order to SSH - your company/school/whatever DNS probably won't resolve to right IP when you connect over VPN. I usually ssh to a "homebase" computer on the other side of the VPN, then ssh to other places as needed.
ssh me@192.192.192.67 - YES ----> ssh me@myworkserver - YES
ssh me@myworkdestop - DOUBTFUL
To disconnect, simply do
sudo ifconfig tunsnx down; sudo pkill snx
For better disconnection, use
snx -d ,as mentioned by
kholis in the comments - thanks!
LINKS
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk65210
http://kenfallon.com/check-point-ssl-network-extender/