Search Results

Agent error code #CHKP002 indicates that the Knocknoc agent opened a connection to the Check Point gateway but could not establish a trusted TLS session. The gateway's certificate was not accepted by the agent host. Common causes include: The gateway presents...

Agent error code #CHKP003 indicates that the Check Point gateway rejected the shared secret the Knocknoc agent presented to the Identity Awareness Web API. The gateway returned an explicit "wrong password" response. This is distinct from #CHKP004, where the se...

Agent error code #CHKP004 indicates that the Check Point gateway recognised the shared secret but refused the request because the agent connected from an IP address the Identity Web API client does not accept. The Identity Web API enforces a source-IP allow-li...

Agent error code #CHKP005 indicates that the Check Point gateway refused the request with a bare HTTP 404 or 403 and no specific error code in the body. The gateway gives the same response whether the shared secret is wrong or the agent's source IP is not auth...

Agent error code #CHKP050 indicates that the Knocknoc agent's request to register a user's identity on the Check Point gateway was rejected, and the rejection did not match a more specific cause. This is the generic "push failed" code. When Knocknoc can identi...

Agent error code #CHKP051 indicates that the Knocknoc agent's request to remove a user's identity from the Check Point gateway was rejected on grant revocation or logout. A "not found" response on removal is not treated as this error. If the identity is alread...

Agent error code #CHKP052 indicates that the Access Role configured on the Knoc does not correspond to an Access Role object on the Check Point gateway. Knocknoc never creates or modifies Access Roles. It only assigns an existing role to authenticated user IPs...

Agent error code #CHKP053 indicates that the Check Point gateway's response showed the Identity Awareness blade is not active. Without that blade the Identity Web API is not served, so Knocknoc cannot register identities. A bare 404 or 403 without a clear "ide...

Agent error code #CHKP054 indicates that the per-identity session timeout Knocknoc sent with the identity was below the minimum the Check Point gateway will accept. The gateway rejected the registration as a result. When Knocknoc registers an identity it sets ...

Agent error code #CHKP400 indicates that the Knocknoc agent received a response from the configured endpoint that it could not parse as an Identity Web API reply. This almost always means the Gateway Hostname or its port is pointing at something that is not th...

Agent error code #CHKP401 indicates that the Check Point gateway returned a server error (HTTP 5xx) in response to an Identity Web API request. The request reached the API but the gateway failed to process it on its side. Unlike the 4xx-class errors, this is a...

Knocknoc 26.06 is one of our largest releases yet! Six new platform integrations, a native iOS app, improved CGNAT handling, SAML validation for Admins along with admin-group provisioning, smarter self-healing orchestration agents for less-reliable control lay...

Knocknoc can refuse a grant when threat intelligence flags the connecting IP address. When that happens the grant is recorded as blocked rather than granted, and the user is told their access was refused. An administrator who trusts the connection can override...