Monitoring and Troubleshooting

Collecting Logs

Each client can collect its logs into a CAB file.

To collect logs on a client:

  1. Click the client icon from the menu bar, and select VPN Options.

  2. Open the Advanced tab.

  3. Make sure Enable Logging is selected.

  4. Reproduce the issue.

  5. Click Collect Logs. This takes some time.

    When the log collection is complete, a Finder window opens with the log location. As an alternative, you can find the log file in /private/tmp.

Endpoint Security VPN Files

Some files in the Endpoint Security VPN installation directory can be useful in troubleshooting. Notice filenames that include trac: Total Remote Access Client. Endpoint Security VPN is a trac version.

Filename

Description

Notes and Location

Endpoint Security VPN.app

Endpoint Security VPN application GUI

In /Applications

cpfw.kext

The Firewall kernel extension bundle.

In /System/Library/Extensions

trac.log*

Logs of the client service actions.

Numbered files are logs saved from the log-roll. The highest number is the oldest. The trac.log file without a number is the latest.

In /var/log

desktop_policy.ini

The desktop policy.

In /Library/Application Support/Check Point/Endpoint Connect/

user_group.ini

Groups that the authenticated user belongs to.

If a user has an issue with permissions, open this file and check the groups listed. The client restricts access if the user belongs to a group with restrictions.

If a user belongs to multiple groups, the policy rules are matched in order. If group A limits permissions of group B, and rule 1 blocks traffic for group A before rule 2 allows that traffic, the user matches rule 1 and that traffic is blocked.

In /Library/Application Support/Check Point/Endpoint Connect/

helpdesk.log

Log of basic actions of the client service.

Logged events include: connect, disconnect, idle, upgrade, and equivalent client actions.

In /Library/Application Support/Check Point/Endpoint Connect/

trac_fwpktlog.log

Log of firewall activity with rule number.

Display firewall packet drops and accepts logs.

In - /Library/Application Support/Check Point/Endpoint Connect/

collect_logs.sh

Collects logs.

If the Collect Logs action did not work (for example, if the computer was shut down before the logs finished collecting), run this script on a client to run the collection and see the verbose output of the log collections.

This script expects one parameter to reflect the resulting archive file name.

In /Library/Application Support/Check Point/Endpoint Connect/

LangPack1.xml

Translated resource files.

If you want to change the language of the client GUI, you can edit this XML file.

The change is applied after the client restarts.

You cannot add more languages to the list of supplied translations, but you can overwrite a language that is not necessary with a different one. For example, below French, you can put Portuguese strings.

In Library/Application Support/Check Point/Endpoint Connect/