Just installed a Firewalla purple in router mode this weekend. My work mac uses Cisco Umbrella roaming client to connect, and in the past it would connect once or twice per day and I could use corporate websites perfectly fine. Now, the client reconnects every minute or 2 and I constantly get the “error: network change detected” in my browser and it will force me to reload the page and I lose progress on anything I was working on. Does anyone have any ideas? I tested it by using my phone hotspot and it went back to connecting once and working just fine, on the firewalla it’s back to disconnnecting every minute.
Tap on devices->find the device doing Umbrella->turn on emergency access. See if this improves anything. If it doesn’t, turn off DoH or any filtering DNS, and see if things will get better. Likely the Umbrella client is looking for a specific environment … The network change may be DNS, or even multiple WAN … (if you have multiple WAN, turn that off too)
Does this issue occur after your connected to anyconnect vpn?
I don’t have any answers but I can say that I use a Mac for work with AnyConnect and Umbrella (DNS only, not web) and I have had no issues with it staying connected for days or weeks at a time behind either a FWG or a FWP.
En0 should never be assigned 127.0.0.1, no DHCP server should ever hand out that address and the Mac should never assign a loopback IP to anything other than a loopback adapter. Have you checked to make sure you are on the latest version of the Cisco clients? What Mac version are you running? I’m hesitating to nave to 13 for a little bit, so am still on 12 (latest version). Also, are you Apple Silicon or Intel based?
Has anyone found a solution to this yet?
Exactly the same thing happens to us as well, only on Mac books (iMacs and Windows computers work fine) and only in our office network.
If the users connect to another wifi, the Umbrella client is working fine.
I turned on emergency access and it didn’t change anything. DoH is off. I did see in the results from the diagnostic tool of the Umbrella client that I got multiple “DNSUpdater.m:1714 - Network Change Callback : a nic dns address has changed : nic: en0 : {( “192.168.229.1” )} → {( “127.0.0.1” )}”. and it alternates from 192.168.229.1 to 127.0.0.1 and then back to 192.168.229.1 . The computer is a Mac
We are using SIG Essentials. Since we implemented some user report that they get occasional wireless disconnects. We can recreate the error when unplugging from a docking station and the laptop switches from Lan to Wifi. It will connect and then about 10 seconds later it will disconnect again. about 30 seconds later it will re-connect. Any ideas?
Could this be something else installed? Does your machine have emm or mdm installed? When emergency access is on, all blocks are bypassed. I am pretty sure dns can’t get changed one or two min …
Umbrella client is supposed to set DNS to 127.0.0.1 so the agent can intercept it and redirect it to Umbrella resolvers. That’s normal.
But the cycling isn’t right. Sometimes this happens if there’s an incompatible VPN agent on the computer also trying to change the DNS settings.