Skip to main content
Jamf Nation, hosted by Jamf, is a knowledgeable community of Apple-focused admins and Jamf users. If you like what you see, join us in person at the ninth annual Jamf Nation User Conference (JNUC) this October for three days of learning, laughter and IT love.

Casper Remote does not work

Hello Guys!

We use McAfee EndPoint Security for Mac 10.2.1, and we have to disable the firewall to allow screen share via casper. Is anyone facing this issue or can somebody assist?. It is not professional or against our policy to disable the mcafee firewall....looking for a solution.


Like Comment
Order by:
SOLVED Posted: by dpertschi

If you don't need the Firewall, App protection, and Web Control nonsense; your ePO admin can download just the Threat Protection package for you.

SOLVED Posted: by mm2270

The reason it doesn't work is because McAfee's crappy Firewall blocks SSH access, which Casper Remote uses to SSH into the Mac and turn on ScreenSharing and create the connection back to your console (among other things)

As @dpertschi mentioned, I would talk to your ePO admin(s) and see if they are OK with just using Threat Protection. McAfee's Stateful Firewall is a load of garbage. Your life will be much easier without it if you can swing that, though still no walk in the park (it IS McAfee after all!)
If they aren't willing to remove that, then make the case that you can't do your job and use the tools your organization paid good money for unless they loosen up the firewall rules to allow SSH and open some ports at a minimum. Few people want to be labeled as the cause of someone being unable to use a paid product, though security admins tend to be of a breed that is more resilient to shame and doing the right thing. Sometimes they just don't give a damn.

FWIW, we're using just Threat Protection here too, thank goodness. I hope our security admins never force us to use all that other nonsense. Talk about making a Mac into a useless brick.

SOLVED Posted: by Cornoir

We use McAfee and aside from the obvious hate that comes from using McAfee there are some issues obviously with their EndPoint product.
There are 2 installers for McAfee EPO;
The McAfee Standalone package which installs the 3 modules (firewall, web control and App protection).
The that installs the EPO agent.
If for some reason the does not install properly or some other reason the EPO agent can not communicate to the EPO backend server the modules installed will be enabled for everything by default.
If the EPO agent can communicate with the EPO server it receives it's configurations set by the EPO admin (including allowing SSH port access).
You might want tom verify with your EPO admin(s) that the Macs are infact communicating to the EPO server and what are the McAfee Firewall settings for SSH are.