Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

GlobalProtect client for macOS 12 Monterey

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

GlobalProtect client for macOS 12 Monterey

L0 Member

Anyone know if/when there will be support of GlobalProtect running on macOS 12/Monterey?

13 REPLIES 13

L5 Sessionator

As of guidance last week, we are targeting Monterey for late 5.2.10 (ish) release. 

 

That would put you in the end of December early January timeframe. Usual disclaimer applies of this isn't a promise etc.

Help the community! Add tags and mark solutions please.

Cyber Elite
Cyber Elite

@remillet,

Outside of it being officially supported by PAN, the current 5.2.8 agent is working on our macOS Monterey clients without any issues. 

Agree with @BPry ,

 

So var we have only one user running MacOS 12, but without issues for 5.2.7 and 5.2.8 - well except for the known bug with HIP report and ARM chips - GPC-13870

L1 Bithead

Hello mates.

 

 Unfortunately a bunch of my users (and me, too) suffer from sudden lack of connectivity on macOS 12 with GP 5.2.8-23. It seems like the issue occurs after longer period of user inactivity ( > 8 hours). I haven't found any issue on PAN-OS side and the only solution for time being is to reboot a mac 😞 The issue is not permanent and not repeatable.  

I created a support ticket with a lot of debug logs, screenshots, etc. I hope support will find a solution 😞

M

@MarcinSt 

Just generally curious, but why do you have situations where you have a tunnel staying inactive for greater than eight hours without being cleared on the firewall or closed by the agent? 

@BPry 

 I meant lack of user's activity on a mac.

BTW a few minutes ago I opened a lid of my macbook and even if I was able to connect to Internet suddenly it suddenly died. However, this time I change of GW was sufficient to bring it to life again.... 😕

I use one of my macs with newest OS however the second one (which is more important) is usually updated long after release. Unfortunately this time I had to reinstall macos and I did it to Monterey, too....**bleep** happens 😞

M

5.2.10 has been released.  I don't see any explicit statements in the fixes for either Monterey or Windows 11.  Any thoughts?

Nevermind, I answered my own question.  The compatibility matrix has been updated.  Yay!

Where Can I Install the GlobalProtect App? (paloaltonetworks.com)

L1 Bithead

Hello everybody.

 

 I wanted to share that even if I migrated to 5.2.10 same issue still occurs. I found a user who is disconnected once-twice daily (win10). Then during chat with another user he was disconnected twice. GP logs collected, support ticket re-opened 😕

 

M

L1 Bithead
Hello, is there a solution for this?, we have some clients with the same problem in 5.2.10 with monterey

L1 Bithead

Hello @jmsepulveda 

 I recently closed a support ticket in this case. 

Information I have got from PANW:

- there is no official bug id for this issue,

- the issue is known and affected versions are from 5.2.8 (as I correctly remember),

- it affects not only macOS but Windows machines, too,

- it is connected to packet fragmentation with in certain circumstances and unfortunately is experienced randomly,

- exact triggering events are not known in details,

- a workaround to this is to DISABLE split tunneling for video traffic (and pray it won't happen 😉 ),

- it will be fixed in 5.2.11 which should be released end of March 2022.

 

In my infrastructure the issue vanished without any specific reasons. Somehow I connect it to macOS update (12.2.1) but I am unable to confirm and say it for sure.

 

@jmsepulveda I will be happy to share more information in Zoom or other VC solution if you would like to discuss the case. Just send a message to me.

 

Regards everybody.

M

hello thanks for the information, they did not tell you if this was solved in version 6?, I understand that it is not a preferred version yet, but it can be an alternative

L1 Bithead

Hello mates 🙂

GP 5.2.11 was released. I have just installed this and testing.

After reviewing the release notes I have to say it is sooooo huge release: a lot of important fixes especially for functionality of handling DNS, macos, MFA, SAML, split tunneling, local networking....

And they declare they fixed this:

 

GPC-14453 Fixed an issue where the TCP Option lookup for IP fragmented TCP packets caused the endpoint to lose access to internal resources.

 

It is not direct solution to the issue I experienced ("internal" not "any" resources) but I hope it will solve this, too.

Share your opinions, plz.

 

Regards 🙂 

M
  • 14939 Views
  • 13 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!