Failed to generate the rulebase Operation ended with. ENDPOINT SECURITY. The Topology information must be configured for object Security. Supported any more). 4.0/4.1, Ports used by Check Point VPN-1/FireWall-1 4.x (not supported any more). R54/R55, Installation fails on patched Sun Solaris 8 or 9. R70, Endpoint Connect cannot download Topology.
i am using a Checkpoint R6 HFA_70 Cluster with a lot of VPN Clients.I use both the Apple VPN client (L2TP over IPSec in Network preferences) and Checkpoint Endpoint Security client to connect to work.
I installed Yosemite last night and today I can not connect to work using VPN. It connects to the server but fails.
The Checkpoint software gives a bit more feedback: 'Connection Failed: Enforce Firewall Policy failed'. This occurs after authentication of my username/password.
Both clients work fine on my MacBook which still has Mavericks.
Suggestions?
Mac mini, OS X Yosemite (10.10)
I think the unerlying issue is that Yosemite will not load kext (kernel extensions) unless they are signed by an authorized kernel extension developer. However in 10.8 and earlier, kexts could not be signed and signed kexts for 10.9+ will not load in <10.9.
I experienced the same issue loading unsigned tuntaposx for the vpnc cisco client.
You can override this behavior and allow the cpfw.kext to load in Yosemite by putting your computer into kext developer mode. This essentially reverts to the 10.9 behavior by allowing unsigned kexts to load.
Now reboot and your kext should load.
You can revert by doing this:
According to the debug logs this is related to a problem with loading /System/Library/Extensions/cpfw.kext
Deleting the site and re-creating it does not fix this problem.
Uninstalling and re-installing the Check Point Endpoint Security client (version E75.01) worked for me too and I am using a static IP (not DHCP) on my mac mini.
Note about uninstalling the Endpoint Security client E75.x and newer: Open the original DMG package you used to install the client and launch the Uninstaller shown. If you get an error message about your security settings not allowing non-appstore apps or untrusted applications from launching, hold down the Control key and then click on the Uninstaller. Selecting Open at this point will allow the Uninstaller to run.
I did confirm the uninstall removed and the reinstall did create a new /System/Library/Extensions/cpfw.kext file. Windows server 2008 remote desktop license crack. I did not have to reboot but note I did shutdown the client before running the uninstaller.
However this may be a temporary fix as there is a Checkpoint Forum entry about another person who has also encountered this problem and has fixed it by uninstalling and installing but on a reboot the problem came back for them. That person tried versions E80.41 and E80.42. See https://forums.checkpoint.com/forums/thread.jspa?threadID=21491&tstart=0
Another Check Point Mac VPN Yosemite thread is reporting similar issues where some claim their client still works after a reboot but others, including the author of the above thread, who continue to see the problem return after a reboot: https://forums.checkpoint.com/forums/thread.jspa?threadID=21181&tstart=0
Version 80.60 has been released by Checkpoint. It works for me so far.
Download from: Endpoint Security VPN for Mac E80.60
Brian's answer regarding kext developer mode also worked.
I set my Wifi to DHCP instead of static IP, then VPN worked for me.
I completly removed Check Point Endpoint Security client (version E80.42), rebooted computer and installed it again. Now it works ok. My WiFi is getting IP from router via DHCP.
I just re-installed Endpoint Security E75.01 after closing it (not un-installing it) and it worked correctly again.
Same thing is happening here. L2TP VPN fails if I have a static IP. If I switch to DHCP it works. I'm connecting to a Sonicwall NSA4500.
Fun bug, Apple. Hope it gets resolved in 10.10.1.
I tried the suggested solutions and they did not correct my issue. I reinstalled Yosemite to get my Apple IPSec client to work. The issue returned so I also turned off automatic updates for the OS and all applications. So far the issue has not returned for a third visit.
As of Yosemite 10.10.2 it seems Apple fixed the bug.
Thank you for your interest in this question. Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?