Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

no heartbeat from 10.5.0 Mac Endpoint on macOS Sonoma 14.0

We have one device that is using this software combination and the device is not sending heartbeat to the firewall, nor does it show correct information in Sophos Central.

No HP packets arrive from the device for IP 52.5.76.173 as can be seen with tcpdump, if the user does a telnet to that IP and HB Port 8347, it appears in heartbeat.log on the firewall. Of course not successful.

In Central it does also not show the actual IP address. It shows the correct User and recent events but not the correct IP.

are there suggestions about how to fix that?

where is a heartbeat log located on MAC?



This thread was automatically locked due to age.
Parents
  • Hello  ,

    Thank you for reaching out to the community forum. 

    We have raised this one to our internal team, and they have confirmed that this issue that you're currently observing concerning Sonoma Mac OS is a known issue caused by Apple, and they are now working to get this issue sorted out. 
    However, we still don't have an ETA for the fix. We'll keep this community post update once an update has been shared. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Thank you  

    Of course this situation is not good. Sophos Endpoint on Mac seems nor very reliable in the recent past and (re-)enabling required security features on the Mac is an administrative nightmare.

    Is it possible to list that known issue in the KIL, please?

    doc.sophos.com/.../index.html

  • Thank you as well for sharing this feedback with us. 

    We have already updated the KIL for the No heartbeat issue for MAC OS 14 Sonoma under reference number MACEP-6842. We'll keep you posted for more developments on the said issue. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • the description is not matching to the actial issue, though - the client is not getting HB at all.

Reply Children
  • In the end it was due to the Sophos uninstaller for Mac did not remove some configs and properties of a previous Endpoint installation. By manual removal with GES engineer, a fresh installation re-enabled heartbeat from the endpoint again.

    Hoping that these findings find their way into the uninstallation logic of further versions.

  • and today again, the client had massive problems getting no heartbeat, after the Sophos Endpoint updates messed up something. Will you get it in a stable situation some day?

    I wonder why fixing heartbeat as core component as no high prio. Still looking that different HB clients that come with the same IP mess it all up. Like in SSL VPN. Some said that it was fixed in Firewall 19.5.3 SFOS.

    It's known for weeks now that it's not working properly. Not only on Mac.