Lulu breaks Microsoft Remote Desktop on macOS Sequoia

[Hawkedon]

When enabling Lulu, after about 15 seconds with Microsoft Remote Desktop, I received the following error message:

Your session ended because of a data encryption error. If this keeps happening, contact your network administrator for assistance.

Error code: 0x407

Disabling Lulu fixed the problem. I never encountered this problem on macOS before Sequoia. Seems some updates in macOS Sequoia break Lulu.

[xorxoxor]

I am having similar Problems since the update with SSH connections. I'm randomly getting disconnects. Yesterday I also had issues with stalling downloads via https. I can also confirm your RDP Issues.

[Hawkedon]

Seems there are quite a bit of change for network filtering in Sequoia. For example, this initializer has been deprecated

LuLu/LuLu/Extension/FilterDataProvider.m

Line 82 in 69b51f8

networkRule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolAny direction:NETrafficDirectionOutbound];

and replaced with

https://developer.apple.com/documentation/networkextension/nenetworkrule/4360323-initwithremotenetworkendpoint

[wastez]

The problem seems to be related to the internal firewall of sequoia.

Just disable the internal firewall until apple will fix that.

[anarchy89]

I am getting drops for ssh (mac/linux), vnc(mac) and Remote Desktop for windows as well.

[sammcj]

Out of interest - if you temporarily disable macOS's inbound firewall - does it resolve the issue?

[jdwhite]

Out of interest - if you temporarily disable macOS's inbound firewall - does it resolve the issue?

Yes, it does. It very much does.

Name of this issue should be renamed to "Lulu breaks networking on macOS Sequoia" except it's not really Lulu. Point is it's not just Remote Desktop. I first noticed it with SSH. Then my Zoom calls were dropping several seconds of audio randomly while others sharing the same internet pipe were entirely unaffected.

[sammcj]

Ok, I’m not surprised. I have a theory that Apple hosed something in the packet filtering stack and it’s causing problems for a lot of applications.

I can reproduce the problems without any third party packet filter - as I can the workaround.

[got3nks]

It's an issue with the firewall in MacOS Sequoia.

https://discussions.apple.com/thread/255759412

[FideliusFalcon]

I have simular issues with MacOS Sequoia, but it's general DNS resolve issues mostly in Firefox.
It seems like the solution is either disabling LuLu (and other network filtering tools) or disabling the build in Firewall on MacOS.

[andrey-admin]

any fix available?

[FideliusFalcon]

@andrey-admin Disable LuLu or Host Firewall until Apple fixes this

[hellpf]

Just use ethernet instead of wifi + off firewall and it works just fine 🤷‍♂️ (for me)

[objective-see]

This has now been confirmed, to yes, be due to an Apple bug in macOS 15, that is widely impacting many 3rd-party security tools, that then in turn causes macOS networking to break.

This has been reported to Apple (and was so before macOS 15 was released), who have confirmed the issue and are hopefully working on a fix.

More info: "Apple’s new macOS Sequoia update is breaking some cybersecurity tools"

[jdwhite]

Just use ethernet instead of wifi + off firewall and it works just fine 🤷‍♂️

If I'm correcting parsing this as use (ethernet + enabled firewall) instead of (wifi + disabled firewall), then no -- it does not work just fine.

Obviously, I can only speak for me but the network interface I used on my M1 MPB did not matter. I tried WiFi, an external 10GB adapter (OWC), and even the virtual interfaces between my host and guest machines in UTM! SSH connections on any of these interfaces would fail miserably. FYI/FWIW.

[iplotin]

Yes, APPLE left everyone in 15.x without a firewall, even their own. Looks like apple is not on the side of security and this was done intentionally. Apple does not equal security.