Unfortunately a bunch of my users (and me, too) suffer from sudden lack of connectivity on macOS 12 with GP 5.2.8-23. It seems like the issue occurs after longer period of user inactivity ( > 8 hours). I haven't found any issue on PAN-OS side and the only solution for time being is to reboot a mac 😞 The issue is not permanent and not repeatable.
I created a support ticket with a lot of debug logs, screenshots, etc. I hope support will find a solution 😞
I meant lack of user's activity on a mac.
BTW a few minutes ago I opened a lid of my macbook and even if I was able to connect to Internet suddenly it suddenly died. However, this time I change of GW was sufficient to bring it to life again.... 😕
I use one of my macs with newest OS however the second one (which is more important) is usually updated long after release. Unfortunately this time I had to reinstall macos and I did it to Monterey, too....**bleep** happens 😞
I recently closed a support ticket in this case.
Information I have got from PANW:
- there is no official bug id for this issue,
- the issue is known and affected versions are from 5.2.8 (as I correctly remember),
- it affects not only macOS but Windows machines, too,
- it is connected to packet fragmentation with in certain circumstances and unfortunately is experienced randomly,
- exact triggering events are not known in details,
- a workaround to this is to DISABLE split tunneling for video traffic (and pray it won't happen 😉 ),
- it will be fixed in 5.2.11 which should be released end of March 2022.
In my infrastructure the issue vanished without any specific reasons. Somehow I connect it to macOS update (12.2.1) but I am unable to confirm and say it for sure.
@jmsepulveda I will be happy to share more information in Zoom or other VC solution if you would like to discuss the case. Just send a message to me.
Hello mates 🙂
GP 5.2.11 was released. I have just installed this and testing.
After reviewing the release notes I have to say it is sooooo huge release: a lot of important fixes especially for functionality of handling DNS, macos, MFA, SAML, split tunneling, local networking....
And they declare they fixed this:
GPC-14453 Fixed an issue where the TCP Option lookup for IP fragmented TCP packets caused the endpoint to lose access to internal resources.
It is not direct solution to the issue I experienced ("internal" not "any" resources) but I hope it will solve this, too.
Share your opinions, plz.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!