FDESetup popup after Global Protect client update on macOS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

FDESetup popup after Global Protect client update on macOS

L1 Bithead

Hello everyone,

 

After users update the Global Protect VPN client from version 6.2.4 to 6.2.5, all users get "fdesetup" popup on their macOS devices, please see the attached.

 

It does not matter if the user clicks OK or "Don't Allow", the popup comes back again and again and it is annoying. And by clicking OK, it actually does not encrypt the drive or do anything.

 

Looks like the command "fdesetup" is deprecated by Apple.

 

The only fix so far is to downgrade the client app back to 6.2.4.

 

Reference to the "fdesetup" command: 

https://support.apple.com/guide/deployment/manage-filevault-with-mdm-dep0a2cb7686/web

 

Please advise.

 

Thanks,

Otar

 

 

 

 

1 accepted solution

Accepted Solutions

L1 Bithead

We decided to update the GP client to version 6.3 and it resolved an issue. Looks like 6.2.5 has a bug and in later versions it is fixed.

View solution in original post

9 REPLIES 9

L1 Bithead

Additional screenshot for the process

Cyber Elite
Cyber Elite

@Otar_Chomakhidze,

This appears to be a bug in GlobalProtect that you might want to report just so that they're getting more tickets about it and therefore more eyes onto the matter. So far, I've only been able to replicate the issue if you have FileVault disabled for some reason. I haven't had reports of this popping up when FileVault is enabled and I haven't been able to replicate on any FileVault enabled machines.

That is correct, we are getting complaints only from the users who do not have FileVault enabled. 

L0 Member

Could this be the issue / fix in 6.2.6:
GPC-21247: Fixed an issue where GlobalProtect HIP set the Filevault encryption status to unencrypted on macOS running devices, which denied access to the end-point machines.

L1 Bithead

MacOS GlobalProtect upgraded 6.1.4 to 6.2.5.

 

I also encountered the same problem. ==It does not matter if the user clicks OK or "Don't Allow", the popup comes back again and again and it is annoying. And by clicking OK, it actually does not encrypt the drive or do anything.

 

 

Future

L1 Bithead

We decided to update the GP client to version 6.3 and it resolved an issue. Looks like 6.2.5 has a bug and in later versions it is fixed.

Could be. We did not test that 6.2.6 version, we decided to go with version 6.3 and it resolved the issue, no more fdesetup popups since the update.

L0 Member

This solution does not work for me. The only download is from our company portal where 6.2 is the download. There doesn't appear to be anywhere to download an old build or force download 6.3.

 

Is there any other resolution to this? I have no control over the company portal.

 

Any way to download 6.3 directly? Any change to a config file somewhere to stop it checking for FileVault???

I would recommend to ask your Cyber or Network team (whoever has access to the Palo Alto portal) and provide you with the 6.3 version or ask them to push 6.3 version via the portal update.

  • 1 accepted solution
  • 4366 Views
  • 9 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!