So we have the agent deployed out to our widows and Macs in our environment. We have followed the Best practice guides for bypassing the VPN traffic with Netskope but we are still having issues connecting to the VPN on the Mac's. Anyone else run into this issue?
Solved
Global Protect on Mac's
+2Best answer by mkoyfman
@cmaulding the bug in Big Sur GP client is not address until 5.2.5. I have verified that on 5.2.5-66 things are running just fine.
This topic has been closed for replies.
+12@cmaulding To confirm, when you have the Netskope Client enabled, your VPN will not connect to its intended destination? Can you share what type of VPN and also, are you using the Client for Netskope Private Access or CASB/SWG or both?
+2Hey Bob that is correct. We are using the PaloAlto Global protect, and we are using it for SWG/CASB and NPA. Currently. We have the agent on Windows Machine with the global Protect VPN and those were just fine. It is only the Mac's that do not work.
+12Hi @cmaulding are you running on Catalina? If so there is a PAN bug with Catalina and GlobalProtect, where split-tunneled domains/IPs are not functioning when running GlobalProtect 5.1 or 5.2.
You can read more on PAN's website: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBqECAW&lang=en_US%E2%80%A9
@cmaulding feel free to send me a private message here and we can take a look at this together. Can you also please confirm the version of GP client you're running?
+2@mkoyfman we are running GP 5.2.3-22 and I sent you an email per the private message. I appreciate your help.
@cmaulding the bug in Big Sur GP client is not address until 5.2.5. I have verified that on 5.2.5-66 things are running just fine.
+2@mkoyfman I have upgraded to the latest client version 5.2.6-87. Now I am able to get the VPN to connect but as soon as it does the Netskope agent goes Red. Disconnect the VPN and it comes back online. Would this have to do with the bypass configuration that I mentioned before?
I have this same exact issue on Windows machines. The guidance for adding split tunneling via IP addresses have been done as well.
On Windows, we are experiencing the same exact issue where when we connect to VPN, the Netskope agent goes red and then a disconnect/reconnect fixes the issue for a period of time. It's very intermittent. I have a ticket opened with Netskope Support but no clear fix.
GP Version: 5.2.6
+7We had this exact same issue. I had to add the addresses of our GlobalProtect gateways into a Network Location group. I then added that group as an exception in our Steering Configuration. After that, everything was stable.
thanks for sharing, @jeremywc . @ddrake did you also read and follow this article? https://support.netskope.com/hc/en-us/articles/360023155053-Best-Practice-for-coexistence-of-Netskope-client-and-third-party-VPN-clients-on-Windows-and-Mac-endpoints
This is what @jeremywc is talking about
Sorry @mkoyfman - I apparently don't get notifications on comments I make. I'll DM you the ticket number.
+19Hey there @ddrake! Normally you would receive notifications on comments if you were the original conversation author, but in this case, if you are interested in a conversation you can subscribe to the RSS Feed to receive email updates on further comments.
Check out our resource on Subscribing to Community Boards & Labels, if you ever have any questions or need help please reach out to me directly!
Happy posting! 🖖
Sign up
Already have an account? Login
Sign in or register securely using Single Sign-On (SSO)
Employee Continue as Customer / Partner (Login or Create Account)Login to the community
Sign in or register securely using Single Sign-On (SSO)
Employee Continue as Customer / Partner (Login or Create Account)Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.