This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Global Protect not working MacOS with Xfinity

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Global Protect not working MacOS with Xfinity

IamgROOT
L0 Member

‎12-08-2023 08:49 AM

Hello,

 

I have a few users who have MacOS where GP works everywhere else except on their home Xfinity network, including me on my own Mac when I didn't believe them at first. From what I can tell from the small amount of users, it only affects newer Mac's running Ventura or Sonoma. I have tried 2 different versions of GP clients, 5.2.x (Ventura) and 6.1.x(Ventura and Sonoma). The client says connected but users are unable to connect to any resources through the VPN. I tried looking at debug/dump logs but ill admit I am not sure what I need to be looking at exactly to identify why this only occurs on Xfinity home networks.

 

I tried changing the MTU, using a new version of the client, making sure there were no other VPN's, and Xfinity Advanced security was turned off. 

 

Any Help Appreciated.

0 Likes Likes
2 REPLIES 2

reaper
Cyber Elite
Cyber Elite

‎12-12-2023 01:42 AM

have you been able to capture traffic on both sides?

is xfinity (sorry we dont have xfinity here) on IPv6 by any chance? I had an issue with a local provider that put users on ipv6 and then NAT64'd them breaking out to the internet

have you tried putting those users on an ssl only profile to see if that changed anything?

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
0 Likes Likes

IamgROOT
L0 Member

‎01-10-2024 12:23 AM

I figured out the problem, but will post a different request for a solution. Essentially, the VPN and the xfinity home network are both using the same subnet. MacOS X is using the default gateway because of the same subnet. The easy solution was to change my gateway IP, which worked. The problem now is that is not convenient for troubleshooting users who cannot just go and change their home network gateway IP. There must be a way to have Mac's auto default to the VPN's gateway when identifying resources, like how Windows devices do.

0 Likes Likes
  • 1534 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks