Support Center > Search Results > SecureKnowledge Details
Mobile Access Blade's SMS OTP feature does not work after upgrade to Gaia R75.40 when configured to work via e-mail Technical Level
  • Mobile Access Blade's SMS OTP feature does not work after upgrade to Gaia R75.40 when configured use an email interface ('mail: ...').

  • SmartView Tracker shows the following logs:

    Type: Log 
    Action: Reject 
    Product: Mobile Access 
    Reason: Failed to send an SMS with a verification code. 
    Mobile Access Category: Session 
    Authentication Method: Undefined 
    Authentication Status: Failure

The feature uses Linux's sendmail command-line utility.

On SecurePlatform OS, there is only one copy of the utility - located in $FWDIR/bin/.

On Gaia OS, there are two copies of the utility, which have different incomatible syntax:

  • one copy is located in $FWDIR/bin/
  • second copy is located in /usr/sbin/, which has higher priority in the path lookup order


This problem was fixed. The fix is included in:

Check Point recommends to always upgrade to the most recent version (upgrade Security Gateway / upgrade VSX / upgrade Security Management Server / upgrade Multi-Domain Security Management Server).


In R75.40 version, as an immeditated workaround, modify the $CVPNDIR/bin/sendsms script to explicitly use the $FWDIR/bin/sendmail:

  1. Connect to command line on Mobile Access gateway running on Gaia R75.40 (over SSH, or console).

  2. Log in to Expert mode.

  3. Backup the current '$CVPNDIR/bin/sendsms' script:

    [Expert@HostName]# cp -v $CVPNDIR/bin/sendsms  $CVPNDIR/bin/sendsms_ORIGINAL

  4. Edit the current '$CVPNDIR/bin/sendsms' script:

    [Expert@HostName]# vi $CVPNDIR/bin/sendsms

  5. Add the following line as the second line of the script:


  6. Change the following line:

    printf "$format\n" | sendmail -t "$SMTPSERVER" -s "$SUBJECT" -f "$FROM" "$TO"
    printf "$format\n" | "$SENDMAIL" -t "$SMTPSERVER" -s "$SUBJECT" -f "$FROM" "$TO"
  7. Save the changes and exit from Vi editor.

  8. There is no need to restart any services, or install the policy.


Related solution: sk56701 ('internal_sendmail' command does not work as expected when configured in 'Run UserDefined script' fields in SmartDashboard 'Global Properties').

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
This solution is about products that are no longer supported and it will not be updated
Applies To:
  • 00261760 , 00895008 , 00895753

Give us Feedback
Please rate this document