
rgetter

macrumors member
Original poster
Sep 20, 2008
Portland, Oregon
This is almost embarrassing because I'm one of the Mac sysadmins where I work and the length of time I've been supporting Macs can best be measured in decades.

My Mac Pro 2013 at work will not accept any sort of incoming network connection: TCP, Screen Sharing, ssh, ping, port scans, you name it. The firewall is off (and I even did the turn on, reboot, turn off, reboot cycle I read about). I hardwired it to another Mac and put them on the same IP range, so I know there's nothing in the LAN blocking things. Terminal queries confirm that the firewall is off.

There was nothing obvious showing in a tcpdump to and from the system. It seems to be hearing Screen Sharing requests:

12:29:16.265863 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 64)
10.12.21.250.51161 > 10.12.21.97.5900: Flags *** cksum 0x669c (correct), seq 903855621, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 711431099 ecr 0,sackOK,eol], length 0)

(*** There was an S in square brackets after Flags but it was being interpreted as a markup command)

But when I listen for a response to those requests on the other system, crickets. (nothing)

What is even more amazing is that I had the same problem on the 2012 Pro tower that I migrated from (sans settings, of course). I do have Checkpoint on this system, but it is not set to launch automatically and I can't see any of its services running in the Activity Monitor.

I'm beyond expecting a solution from anywhere, but would be grateful for any troubleshooting steps you can recommend.

Thanks!
Ric
 
When I've had issues previously, removing and re-adding the network interface worked.

System Preferences > Network > Click on the minus button in the bottom left to delete the interface > hit the plus and re-add.
 
As sometimes happens, talking about it helps.

"Checkpoint" was the magic word. I decided to go down that path after I posted this and discovered that our shop's Checkpoint VPN install also included the Checkpoint Firewall, which was apparently set up in fortress mode. (It was possibly just the installer I had.) Even if the VPN product was only set to run on demand, apparently the firewall is enabled as long as Checkpoint is running anywhere. There are no controls. It is automatically launched at startup and requires shutting down the client to turn off the firewall, which will turn back on again with the next startup. The only way to disable it is to uninstall it, which I did, until I can talk to our Checkpoint admin to find out what is going on.

Even if one is not the brightest bulb in the chandelier, persistence does pay off eventually.
 
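An added example, not part of any post in this thread: a small Python triage of tcpdump text output that separates the three outcomes a SYN can have. A SYN that is seen on the wire but gets neither a SYN-ACK nor an RST is the pattern described above, and it typically points at a packet filter on the host (here it turned out to be the Check Point firewall) rather than a missing listener, which would normally answer with an RST. It assumes the capture was taken with `tcpdump -n` so addresses and ports are numeric; the sample capture and the function names are constructed for illustration.

```python
import re

# Matches the "src.port > dst.port: Flags [..]" part of tcpdump text output,
# which appears in the one-line form and on the second line of the -v form.
PKT = re.compile(
    r"(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]+)\]")

def classify_syns(capture_text):
    """Map each (client, cport, server, sport) that sent a SYN to (verdict, syn_count)."""
    flows = {}
    for src, sport, dst, dport, flags in PKT.findall(capture_text):
        fwd = (src, int(sport), dst, int(dport))
        rev = (dst, int(dport), src, int(sport))
        if flags == "S":                      # initial SYN or a retransmission
            flow = flows.setdefault(fwd, {"syns": 0, "reply": None})
            flow["syns"] += 1
        elif rev in flows and flows[rev]["reply"] is None:
            if flags == "S.":                 # SYN-ACK: a listener accepted
                flows[rev]["reply"] = "answered"
            elif "R" in flags:                # RST: stack reached, port closed
                flows[rev]["reply"] = "refused"
    # No reply at all: the SYN was dropped silently somewhere on the host.
    return {k: (v["reply"] or "silent", v["syns"]) for k, v in flows.items()}

# Constructed capture, modelled on the packet quoted in the first post.
SAMPLE = """\
12:29:16.265863 IP 10.12.21.250.51161 > 10.12.21.97.5900: Flags [S], seq 903855621, win 65535, length 0
12:29:17.266010 IP 10.12.21.250.51161 > 10.12.21.97.5900: Flags [S], seq 903855621, win 65535, length 0
12:29:19.266500 IP 10.12.21.250.51161 > 10.12.21.97.5900: Flags [S], seq 903855621, win 65535, length 0
12:30:02.100000 IP 10.12.21.250.51170 > 10.12.21.97.8080: Flags [S], seq 1, win 65535, length 0
12:30:02.100200 IP 10.12.21.97.8080 > 10.12.21.250.51170: Flags [R.], seq 0, ack 2, win 0, length 0
12:30:10.000000 IP 10.12.21.97.51200 > 10.12.21.250.22: Flags [S], seq 7, win 65535, length 0
12:30:10.000300 IP 10.12.21.250.22 > 10.12.21.97.51200: Flags [S.], seq 9, ack 8, win 65535, length 0
"""

if __name__ == "__main__":
    for (c, cp, s, sp), (verdict, syns) in classify_syns(SAMPLE).items():
        print(f"{c}:{cp} -> {s}:{sp}  {verdict} ({syns} SYN)")
```

Run it against a capture taken on the affected machine itself: "silent" flows there mean the SYN reached the interface and was discarded locally, so the next place to look is whatever filtering software is installed.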