Skip to main content
Jamf Nation, hosted by Jamf, is a dynamic and knowledgeable community of Apple-focused IT admins and Jamf Pro users. Join us in person, in October, for the annual Jamf Nation User Conference (JNUC) to discover new and better ways to manage Apple devices.

Casper Remote does not work

Hello Guys!

We use McAfee EndPoint Security for Mac 10.2.1, and we have to disable the firewall to allow screen share via casper. Is anyone facing this issue or can somebody assist?. It is not professional or against our policy to disable the mcafee firewall....looking for a solution.

Regards,
Meren

Like Comment
CCA Badge
SOLVED Posted: 9/13/17 at 8:18 AM by dpertschi

If you don't need the Firewall, App protection, and Web Control nonsense; your ePO admin can download just the Threat Protection package for you.

Like
CCA Badge
SOLVED Posted: 9/13/17 at 10:20 AM by mm2270

The reason it doesn't work is because McAfee's crappy Firewall blocks SSH access, which Casper Remote uses to SSH into the Mac and turn on ScreenSharing and create the connection back to your console (among other things)

As @dpertschi mentioned, I would talk to your ePO admin(s) and see if they are OK with just using Threat Protection. McAfee's Stateful Firewall is a load of garbage. Your life will be much easier without it if you can swing that, though still no walk in the park (it IS McAfee after all!)
If they aren't willing to remove that, then make the case that you can't do your job and use the tools your organization paid good money for unless they loosen up the firewall rules to allow SSH and open some ports at a minimum. Few people want to be labeled as the cause of someone being unable to use a paid product, though security admins tend to be of a breed that is more resilient to shame and doing the right thing. Sometimes they just don't give a damn.

FWIW, we're using just Threat Protection here too, thank goodness. I hope our security admins never force us to use all that other nonsense. Talk about making a Mac into a useless brick.

Like
CSE Badge
SOLVED Posted: 9/13/17 at 11:40 AM by Cornoir

We use McAfee and aside from the obvious hate that comes from using McAfee there are some issues obviously with their EndPoint product.
There are 2 installers for McAfee EPO;
The McAfee Standalone package which installs the 3 modules (firewall, web control and App protection).
The install.sh that installs the EPO agent.
If for some reason the install.sh does not install properly or some other reason the EPO agent can not communicate to the EPO backend server the modules installed will be enabled for everything by default.
If the EPO agent can communicate with the EPO server it receives it's configurations set by the EPO admin (including allowing SSH port access).
You might want tom verify with your EPO admin(s) that the Macs are infact communicating to the EPO server and what are the McAfee Firewall settings for SSH are.

Like