06-26-2024 01:58 AM
Apple Firewall:
Global Protect HIP:
06-26-2024 03:52 PM
Can you check what report is generated by the GP and then what is being sent to the firewall?
Take any user using that MAC version, and generate a dump report on the firewall CLI. Compare that with the previous MAC OS version, and notice the difference between the report generated and the report sent.
As such, I am not seeing anything reported yet, so once you have done the comparison and are convinced that this might be a bug, open a case and attach the collected logs and reports there.
Below are a few KB articles that you can follow:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClshCAC
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000boP1CAI
06-26-2024 04:17 PM - edited 06-26-2024 04:19 PM
Keep in mind that Sequoia is in beta and GlobalProtect isn't officially supported on this version of macOS yet. PAN will need to make some changes to facilitate this change, but if you open a support ticket you'll likely end up with the same response that I just gave you. For stuff like this, reaching out to your account team is what I personally find more useful so they can work internally to make sure engineers are aware of the issue without filtering through layers of support to just be told that betas aren't fully supported.
Should likely add, this is reproducible and isn't limited to you.
07-23-2024 12:43 AM
Thanks for the article links, I will check them.
07-23-2024 06:57 AM
FWIW I was able to manually work around the firewall check but I haven't been able to figure out a way to work around the packet filter check. For the firewall, if you have an old copy of the alf plist file (/Library/Preferences/com.apple.alf.plist) you can manually set the global state flag as that is what global protect looks for it appears. I would love to figure out how to get around the packet filter but so far no luck.
10-22-2024 03:00 PM
All sorts of issues with Sequoia's Firewall. SSL/DNS/RDP/TimeMachine Backups - Google it. Looks like it has been resolved in Mac OS 15.1 RC (24B82).
I know because I have just upgraded to that and the issues are no longer there.
You need to enable beta updates on the Mac to get the RC or wait for the official release.
Oh and no word of acknowledgment from Apple.
Adrian.
10-23-2024 01:21 AM
Hi Losdelrock
thank you for sharing this.
I will try this today
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
