Bizarre Issue with Approved Kernel Extensions Config Prof blocking ICMP Ping Replies


Spent hours upon hours trying to work out why my Screen Sharing wouldn't work. Starting with a simple ping from device to device, I found that the device would not reply.

I asked our network manager to check firewalls, network connection, proxy etc. nothing.
We then installed WireShark on the troublesome device and found that it was indeed receiving the ICMP Ping packets, it just didn't want to reply. Netstat had "icmp address mask responses are disabled" buried in the logs, and I tried all suggestions on Google re Firewall, Stealth Mode etc. All were already switched off but we tried toggling etc no luck.

So I then completely removed the device from JAMF, sudo jamf removeFramework
Reboot, and of course it starts working, replying to pings and screen sharing working 100%

I then began the tedious process of removing all Profile and Policies and re-scoping one by one. Of course I started with all the Network related ones, Wi-Fi certs, DNS settings etc etc again no luck. Murphy's law in full swing, the very last policy/profile I tried...

Finally, the least expected Approved Kernel Extensions profile I use to 'whitelist' approved developers to limit the amount of user interaction on installs and what not. I removed this profile, reboot and all of a sudden... PING RESPONSES!

I can't tell you which entry in the profile is the exact issue, or if it is even related to a single entry. Just hoping to save someone the time that I have spent chasing an invisible needle in a haystack. 86247bae319043aaa08e302d4f2f8626