Mac devices experience issues with establishing tunnel with Global Protect

• Global Protect does not establish due to port 4767 failure.
• From PANGPA.log we can see the error:

P1163-T35079 Jul 25 13:03:57:533903 Error( 78): Failed to connect to server at port:4767
P1163-T35079 Jul 25 13:03:57:533912 Error( 216): Cannot connect to service, error: 61
P1163-T35079 Jul 25 13:04:00:562248 Info ( 212): InitConnection ...
P1163-T35079 Jul 25 13:04:00:562292 Debug( 57): fd still open before connect
P1163-T73731 Jul 25 13:04:00:562708 Debug( 438): SelectProc started.

• PANOS 8.1.9
• PA-5260
• Global Protect  5.0.3
• macOS

• Port 4767 failure could be related to Global Protect not able to connect to pangps service or services may not  be running.

1. Check if this service is loaded by running the following command in your Mac terminal

"launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist"


Example:

xxxxxxxxxxxxMac:~ xxxxxxx$ launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
/Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist: service already loaded
xxxxxxxxxxxxMac:~ xxxxx$

service already loaded indicates service is running.

2. If the service is running, then remove Global Protect and re-instal as the root admin on the Mac
3. Before re-installing. It is important to allow 3rd party apps to run.
4. Uninstall Global Protect.
5. Log in as the admin user.
6. Reinstall Global Protect
7. Once Global Protect is re-installed, head back over to the "Security and Privacy" settings. A prompt message should pop up which asks if Global Protect is allowed to run on this machine.
8. Click "YES"
9. From Mac, click on System Preference > Security and Privacy > General > allow apps download from: 
10. Select Anywhere