Skip to main content

Hey folks, does anyone have any experience so far deploying Netskope Steering Agent to macOS in versions above 15?  

Our Jamf policies that have worked for some time have stopped. Specifically the VPN configuration profile fails to deploy with the error:

The ‘VPN Service’ payload could not be installed. The VPN service could not be created.

 

This continues to work on anything below 15. Anyone needed to update their Jamf policies in order to get this to work? And by policies I mean the configuration profiles?

Hey ​@sean.clowes - beginning with the 15.1.1 release of Sequoia, JAMF configuration profiles require a password to be entered in the VPN payload. It does not matter what you put in; literally anything will work. 

Netskope is aware of this and working to determine if this is a JAMF specific issue or the result of changes in 15.1.1.


Did the enrollment work using the password? I’m having the same issue with Netskope and Sequoia. 

Thanks. 


@secproceo yes it works as long as you put something in the password box of the VPN payload in the configuration profile. 

 

I've worked with JAMF and they confirmed it is a net new issue introduced into JAMF Pro 11.11. No eta on a resolution from them, though. 


Excellent! Thanks for the update. 🙂 I will let my JAMF admin know about this issue. I need to get the latest version of the Netskope client 120.x.x.x deployed to all the Macs. It looks like the deployment stopped working on 11/7. Are the instructions for configuring JAMF with Netskope listed here https://docs.netskope.com/en/jamf correct? I want to make sure we are not missing anything.


Good morning, everyone.

Has anyone been able to get the Netskope Client successfully deployed using JAMF with Sequoia?


@secproceo  I’ve gotten this to work in my lab and we have organizations deploying Netskope with JAMF on Sequoia.  Are you encountering an error or behavior that prevents the deployment?

 


Correct. It appears the client deploys successfully but it will not enroll. Any idea what could prevent the client from enrolling? 

Error:

“Unable to verify Organization name”

Please verify and try again.

unkn - ERR_IDP_CONFIG_NOT_FOUND”


I think we found the issue. It appears the deployment was looking for the IDP when it needed to look for the “plist” file in the JAMF configuration. 

 

Does this configuration support the new secure enrollment?


What’s the ETA updating the documentation around VPN profile? 
 https://docs.netskope.com/en/jamf


So far, we are using the instructions provided in the link https://docs.netskope.com/en/jamf. We followed every step. I’m not sure if there is anything that needs to be updated. I will keep everyone updated if we get the deployment to work.


Reply