Tuesday, September 25, 2012

E75.x Endpoint Connect Client: decrypting config file

Endpoint Connect is quite different from SecureClient, you know that. Latter has VPN site configuration in users.C file, and by default it is stored as cleartext.

E75.X client stores VPN configuration on Trac.conf file, and it is encrypted by default. If you are trying to troubleshoot some site creation issues or just curious, it might be interesting to be able to decrypt the configuration file.

This is what you need to do:

1. Login to your laptop as an administrator and locate E75.X files. Usually they are under %Program Files/CheckPoint/Endpoint Connect/ folder. Find there Trac.defaults file

2. Stop VPN client (close GUI) and then stop Check Point Endpoint Security VPN service

3. Open Trac.defaults file to edit, find OBSCURE_FILE parameter and change its value from 1 to 0.

4. Start VPN service and then the client. Trac.config file is now readable.

9 comments:

  1. Any change this blogpost was triggered due to issues of endpoint E75 corrupting Trac.config ?

    I've had 4 cases during the past 2 weeks where this has happened on osx clients.

    ReplyDelete
  2. No. This entry is just working notes, like others in this blog. If there is a specific issue related to any of them, I mention it explicitly.

    ReplyDelete
  3. You rock!!! Thanks a lot!!! Now I just need to find out how to use it with Shrew

    ReplyDelete
  4. have you managed to setup Shrew? how can we extract the cert from Endpoint Connect Client so we can use an alternative client?

    ReplyDelete
    Replies
    1. you cannot replace endpoint connect with a third party. you can forget shrew with check point.

      Delete
  5. Good day,

    I am using vr. R73 and something wrong with the partition of my Laptop HD so we cannot open the windows even we go in safe mode.
    We send the Internal HD to the recovery center but they cannot see any files in the HD and I remember if u going to remove the HD in the laptop its automatic encrypted. So what I need to do is to Decrypt the HD to get files inside my Laptop HD.

    ReplyDelete
    Replies
    1. Hi Mark, the best is to address your issue to Check Point support right away.

      Delete
  6. Very informative and It was an awesome post. I love reading your fantastic content. Thanks for sharing it with us. We are so greatful to your sharing.VPN Client Pro v1.00.80

    ReplyDelete