Hi! I've recently had someone complain that the native macOS/OSX VPN client wouldn't connect to the VPN (PANOS 8.0.6). Turns out that they were using an unsupported macOS version, and weren't using the globalprotect client 'because it didn't work'. The official response to them is a) get a supported version of macOS b) use the GlobalProtect client. But it got me curious. Way back when we replaced a very crufty VPN box with the Palo Altos, I spent some time testing various VPN clients and the macOS native VPN client worked fine. Does anyone know if Apple have 'done something' to break it? Know of a fix? I'm suspecting it's Apple to blame here - 3rd party VPN clients such as Linux (Fedora Core 26) vnpc, Android (vpnzilla), and iOS (reportedly) all work fine. The experience on a macOS device is that the VPN client successfully connects, but no packets appear to flow either way. ✓ msm@TrwynMochyn» ifconfig utun1
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
inet 148.197.84.55 --> 148.197.84.55 netmask 0xffffffff
✓ msm@TrwynMochyn» netstat -in | grep utun1
utun1 1280 <Link#15> 0 0 0 0 0
utun1 1280 148.197.84.55 148.197.84.55 0 - 0 - -
✓ msm@TrwynMochyn» ping 148.197.84.55
PING 148.197.84.55 (148.197.84.55): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
^C
--- 148.197.84.55 ping statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss
... View more