CylanceGATEWAY known issues
CylanceGATEWAY
known issuesAccess control list (ACL)
The ACL tab is not displayed in the Cylance Endpoint Security console immediately after CylanceGATEWAY is enabled for the tenant. (BIG-7059)
Workaround : Log out of the Cylance Endpoint Security console, and log in again. |
Network connections
If the component that is handling active connections through the CylanceGATEWAY Connector is restarted within the BlackBerry Infrastructure , the number of active connections for the connector may not return to zero when the connector is disabled. (BIG-8614) |
Restricted apps can't open loopback sockets when "Block network traffic from restricted apps" is set to "No" in the CylanceGATEWAY service policy, for Windows devices. (BIG-7593) |
The Intel Killer Prioritization Engine may drop CylanceGATEWAY traffic. (BIG-5527)
Workaround : Give BlackBerryGatewayService.exe a priority of "1" in the Killer Prioritization Engine console. |
If a device's local network IP range (for example, a home Wi-Fi network) overlaps with the customer's private network, CylanceGATEWAY work mode does not allow access to the private network resources for the IPs that fall in the overlap range. For example, if a user’s home Wi-Fi network range uses 10.0.0.0/24 and the customer’s private network uses 10.0.0.0/8, the user will not be able to access 10.0.0.100 on the private network as it falls under 10.0.0.0/24 and will be routed to the local network. (BIG-5389)
Workaround : Complete one of the following actions:
|
Device
When environments are configured for device posture validation, macOS users receive an error message when they try to enable work mode if the CylancePROTECT Mobile app is installed but not activated. The CylanceGATEWAY agent log file logs a 403 and the following error message: "error":"NotEntitled","detail":"Endpoint requires protect". (BIG-7848)
Workaround : Complete the following steps:
|
Users may experience connectivity issues when the CylanceGATEWAY agent is installed on a computer running Windows Subsystem for Linux (WSL) due to a known issue where WSL does not accommodate the MTU of the network interfaces in Windows. (BIG-5509)
Workaround : Users with WSL2 can work around this issue using the following commands.
|
Agent
Windows users only receive the Connection Blocked notification popup message the first time they try to access a blocked website. (BIG-8578) |