PSB blocking SMB connection in Finder

wm_mattias
wm_mattias W/ Alumni Posts: 11 Security Scout

I recently noticed that the PSB firewall blocks connections through SMB. How do I allow SMB connections in Finder? This happens in macOS 10.15.7 and 11.1. PSB version is 17.10.

Answers

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi,

    You may enable the following Firewall Rules under Profiles in F-Secure PSB portal. Enter the required information (e.g. Local IP address, Remote IP address, port numbers) for each of the rules.


    Allow SMB over TCP inbound from file servers (Allow In)

    Allow SMB over UDP inbound from file servers (Allow In).

  • wm_mattias
    wm_mattias W/ Alumni Posts: 11 Security Scout

    Hi @MonikaL,

    From what I can see, those kind of rules doesn't seem to be possible for Mac profiles.

    And I just noticed that there was an update for the Mac client published yesterday that supposedly solves this problem. https://community.f-secure.com/en/discussion/114459/computer-protection-for-mac-change-log#Comment_125310

    Do you know if windows profile kind of firewall rules are in the workings in PSB for mac?

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi @wm_mattias

    Yes, it was actually broken previously and it is fixed in the latest release of CP for Mac. If you are using an older version, could you upgrade to the latest version and check it again? By right, you could enable the firewall feature and there is no need to even create a firewall rule to allow such connection as it should not be blocked by the latest version of CP for Mac product.

    Other than that, you could also consider to create a rule by entering a bundle identifier of "com.apple.NetAuthSysAgent" and team identifier of "APPLE".

    Bundle identifier: "com.apple.NetAuthSysAgent"

    Team identifier: "APPLE"

    You may also refer to below article:

    https://help.f-secure.com/product.html#business/psb-portal/latest/en/task_BB65B04DC5984FFC8C255CCCBCB8FAF9-psb-portal-latest-en

This discussion has been closed.