11-01-2024 02:46 PM
Hello everyone,
After users update the Global Protect VPN client from version 6.2.4 to 6.2.5, all users get "fdesetup" popup on their macOS devices, please see the attached.
It does not matter if the user clicks OK or "Don't Allow", the popup comes back again and again and it is annoying. And by clicking OK, it actually does not encrypt the drive or do anything.
Looks like the command "fdesetup" is deprecated by Apple.
The only fix so far is to downgrade the client app back to 6.2.4.
Reference to the "fdesetup" command:
https://support.apple.com/guide/deployment/manage-filevault-with-mdm-dep0a2cb7686/web
Please advise.
Thanks,
Otar
11-18-2024 05:17 AM
We decided to update the GP client to version 6.3 and it resolved an issue. Looks like 6.2.5 has a bug and in later versions it is fixed.
11-01-2024 03:00 PM
This appears to be a bug in GlobalProtect that you might want to report just so that they're getting more tickets about it and therefore more eyes onto the matter. So far, I've only been able to replicate the issue if you have FileVault disabled for some reason. I haven't had reports of this popping up when FileVault is enabled and I haven't been able to replicate on any FileVault enabled machines.
11-01-2024 03:17 PM
That is correct, we are getting complaints only from the users who do not have FileVault enabled.
11-14-2024 12:22 AM
Could this be the issue / fix in 6.2.6:
GPC-21247: Fixed an issue where GlobalProtect HIP set the Filevault encryption status to unencrypted on macOS running devices, which denied access to the end-point machines.
11-17-2024 08:31 PM
MacOS GlobalProtect upgraded 6.1.4 to 6.2.5.
I also encountered the same problem. ==It does not matter if the user clicks OK or "Don't Allow", the popup comes back again and again and it is annoying. And by clicking OK, it actually does not encrypt the drive or do anything.
11-18-2024 05:17 AM
We decided to update the GP client to version 6.3 and it resolved an issue. Looks like 6.2.5 has a bug and in later versions it is fixed.
11-18-2024 05:22 AM
Could be. We did not test that 6.2.6 version, we decided to go with version 6.3 and it resolved the issue, no more fdesetup popups since the update.
12-16-2024 09:06 AM
This solution does not work for me. The only download is from our company portal where 6.2 is the download. There doesn't appear to be anywhere to download an old build or force download 6.3.
Is there any other resolution to this? I have no control over the company portal.
Any way to download 6.3 directly? Any change to a config file somewhere to stop it checking for FileVault???
12-16-2024 11:37 AM
I would recommend to ask your Cyber or Network team (whoever has access to the Palo Alto portal) and provide you with the 6.3 version or ask them to push 6.3 version via the portal update.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
