This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

GP issues with MACOS Sequoia

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GP issues with MACOS Sequoia

UtkarshKumar
L3 Networker

‎12-10-2024 05:00 PM

Hello Team

We have a user who recently upgraded their MAC to OS Sequoia and since have issues browsing any website when connected to Global Protect Agent 6.2.6.

 

We have tried multiple browsers with no change in behavior.


++ Verified that DNS is being resolved correctly.
++ No issues if we try to ping yahoo.com using the terminal
++ Client initially downloaded 6.3.1 but since it is not compatible they have since downgraded to 6.2.6 GP agent version -- still no change in behavior.
++ There are no issues connecting to GP bit nothing works after the user is connected to GP and try to browse any website -- they have split tunneling in place but for example, yahho.com should not be routed via the Firewall and should go out directly via Client's internet.
++ Suspecting SSL to be an issue -- we checked with CURL and cannot see any issues with SSL Connection
++ Tried Chrome, Safari, and Firefox -- still no change.
++ Permissions have been given to GP on MACOS while reinstalling 6.2.6
++ Even traffic coming to the firewall is being allowed and we see no drops, the tunnel stays connected on the new MACOS.

Is there anything we can check or if anyone faced a similar issue? Not sure if this is already a known issue with newer GP versions and MAC.

GlobalProtect 

GlobalProtect
Thumbnail of GlobalProtect
Palo Alto Networks
GlobalProtect
Network Security
View on Product Page
0 Likes Likes
2 REPLIES 2

arusharma
L3 Networker

‎12-10-2024 08:20 PM

What type of connection you are using IPSEC or SSL? Are you using IPV6? What is the MTU set on the portal try reducing it lower value. For further clarity, we need to see the pcap when the traffic leaves the pangp interface for those websites.

0 Likes Likes

BPry
Cyber Elite
Cyber Elite

‎12-11-2024 02:49 PM

@UtkarshKumar,

Do you know the specific version number that they're running. There were a lot of VPN issues with 15.0 proper that were somewhat helped with 15.0.1. I haven't had any issues reported on 15.1.1 or 15.2 (just released today). It kind of sounds like they may be running 15.0 where these issues were pretty common and could be fixed by disabling the macOS firewall (but now you really should just update to 15.1.1/15.2).

0 Likes Likes
  • 136 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks