Netskope Community
10-04-2021 04:30 PM
10-06-2021 01:32 PM
Good afternoon! Is this only impacting Catalina Macs? What happens if you try to go to that federated domain in the browser rather than the Global Protect client? Do you happen to have the Netskope client logs or a packet capture?
10-07-2021 06:06 AM
10-07-2021 06:08 AM
10-06-2021 02:33 PM
So the issue is specific to Duo? What was working before, what is the "federated domain" in your context, and would be good to exactly understand the changes you made. You don't have to give the real domain, feel free to obfuscate, but knowing what worked and what you did to break it would be helpful.
At the same time, would be good to verify that our Best Practices for co-existence were followed: https://support.netskope.com/hc/en-us/articles/360023155053-Best-Practice-for-coexistence-of-Netskop...
10-07-2021 06:12 AM
No the issue is specific to Catalina. I had our federated domain in the client steering exception to bypass. I need to move that to the tenant level because I need to whitelist the Netskope IP's at our SasS vendors. When I did that Catalina users were not able to get to Global Protect (VPN). They just get a black Global Protect screen. I'm aware of the best practices and will be implementing split tunneling but really don't think that is my issue here. Windows and Mojave (Mac) were fine with my change.
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In