New Sophos Support Phone Numbers in Effect July 1st, 2023

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 13 subscribers
  • Views 3462 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Network Extension Crashing on MacOS

Sophos User6833

We've been using Sophos with our macos fleet and have lately realized the network extension seems to be crashing a lot on macos monterey devices , and it'll bring the whole network stack with it. 

Anyone else observing similar behaviour? Any recommendations anyone has for circumventing the issues? I'm having a hard time even finding any logs for the network extension itself, but have just noticed a common theme of the users having this issue also indicating the extension is marked as not running when looking at the sophos controls on their machine.



This thread was automatically locked due to age.
  • 0

    Hi Sophos User6833,

    Thanks for reaching out to the Sophos Community Forum. 

    I suggest checking the status of system extensions by running the following command. 
    - systemextensionsctl list 

    There is some chance that a new version of the extension may have been loaded and the old one is waiting to be cleared. If you can provide the output you receive when running this command I may be able to advise further. 

    A reboot may also help, but I suggest opening the Endpoint Self Help tool on one of the affected devices to see if there are any suggested actions present under the "Prerequisites" tab. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • 0

    Same problem here .... after updating computers from macOS 12.5.1 to 12.6 we have some computers with no problems and some with the message/status: "Not started: Sophos Network Extension".

    Rebooting does not help and I do not see anywhere an option to reactivate the 'allow' for this extension.

  • 0 in reply to Jozef Dresselaers

    Are any additional options available when opening the "Endpoint Self Help" tool via the Finder? I suggest checking the "Prerequisites" tab. 

    Let me know what you see when running the following command.

    Qoosh said:
    - systemextensionsctl list 

    In the security and privacy window, the option to allow this should appear as shown below.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • 0 in reply to Qoosh

    Hello

    This is the output of that command

      ~ sudo systemextensionsctl list 

    Password:

    2 extension(s)

    --- com.apple.system_extension.network_extension

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.networkextension (10.4.0/7) networkextension [activated enabled]

    --- com.apple.system_extension.endpoint_security

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.scanextension (10.4.0/7) com.sophos.endpoint.scanextension [activated enabled]

     

    The perquisites tab says that the transparent proxy isn't running, clicking 'fix' doesn't seem to do anything. I'm quite certain everything is whitelisted properly on our MDM as a newly installed machine doesn't have any errors without any intervention. 


  • 0 in reply to Qoosh

    Hello

    Sorry this might be a double post

    output of the command

      ~ sudo systemextensionsctl list 

    Password:

    2 extension(s)

    --- com.apple.system_extension.network_extension

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.networkextension (10.4.0/7) networkextension [activated enabled]

    --- com.apple.system_extension.endpoint_security

    enabled active teamID bundleID (version) name [state]

    * * 2H5GFH3774 com.sophos.endpoint.scanextension (10.4.0/7) com.sophos.endpoint.scanextension [activated enabled]

    There isn't an additional request for the extension in System Preferences

  • 0 in reply to Sophos User6833

    Hi ,

    Thanks for the update. In that Security and Privacy window, please click the lock icon in the bottom left, and enter your Administrator password to unlock the settings.

    Once unlocked, see if you'll have the "Allow" option. If you don’t, then click the Advanced button. In some cases, the Allow may show up in this Window.

    Let me know how it goes.

    Gladys Reyes
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • 0

    same issue here, suggested answer did not help.

  • 0

    We seem to experience the same error. Is there a way to simply delete the extension and disable web-filtering completely?

  • 0 in reply to Alexander Harm

    The following recommended read article explains how to manually remove system extensions. 
    - HOW TO: Remove System Extensions

    When checking the Endpoint Self-Help tool and selecting "Fix" on any problematic extensions, what options are shown? 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Unfiltered HTML