This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
RayP
Contributor
‎2026-01-27 12:52 AM
Jump to solution

Failed to stop Harmony SASE when upgrading from 12.1.0.9079 to 12.4.0.10709

Hi all,

 

We're using Microsoft Intune for App deployment of Harmony SASE 12.4.0.10709 to our endpoints.

All our endpoints are Windows 11 (10.0.26100.7623)

Users are using the same profile within Harmony SASE.

 

The command we're using for Transparent Interne Access Installation is:

msiexec /quiet /i "Harmony_SASE_12.4.0.10709.msi" REGION="EU" TENANT_TOKEN="********"

 

A lot of devices (about 15%)  shows the following:

CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
(CustomActions.dll)INFO: PollDriverFlags: Perimeter81Netfilter2 polled flag value is 0x1
MSI (s) (0C!D0) [09:27:13:425]: Product: Harmony SASE -- Failed to stop Harmony SASE. Please retry later.

Failed to stop Harmony SASE. Please retry later.
CustomAction CheckNetfilterDriverUnloadable returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 09:27:13: CheckNetfilterDriverUnloadable. Return value 3.
Action ended 09:27:13: INSTALL. Return value 3.
MSI (s) (0C:C4) [09:27:13:425]: Product: Harmony SASE -- Installation failed.

It looks like the installations command can't stop the services of Harmony SASE.

All the devices with this behaviour of not being able to upgrade have Harmony SASE 12.1.0.9079 installed. 

 

0 Kudos
1 Solution

Accepted Solutions
RayP
Contributor
2 weeks ago
In response to the_rock
Jump to solution

We solved it by using a pre-script:

 

Start-Transcript -Path "C:\DeployLogs\StopSASE-Service.log"
Write-Host '******************************'

# Script to stop the Perimeter81 services before an update is started (the update failes sometimes because it fails to stop the Service).

# Check if the "Perimeter81.Service" Service exists
$chkperi = Get-Service -Name "Perimeter81.Service" -ErrorAction Ignore
If($chkperi -ne $null) {
Write-Host 'Changing the Recovery options of the "Perimeter81.Service" Service'
Write-Host '******************************'
cmd /c 'sc.exe failure "Perimeter81.Service" reset=0 actions= ""'
Write-Host 'Stopping the "Perimeter81.Service" Service'
$getPIDserv = (Get-Process | Where-Object { $_.Name -like "*Perimeter81.se*" }).Id
Stop-Process -Id $getPIDserv -Force
Write-Host '******************************'
}
Else {
Write-Host 'The "Perimeter81.Service" Service was not found, nothing to do.'
Write-Host '******************************'
}


# Check if the "Perimeter81.HelperService" Service exists
$chkperihelp = Get-Service -Name "Perimeter81.HelperService" -ErrorAction Ignore
If($chkperihelp -ne $null) {
Write-Host 'Stopping the "Perimeter81.HelperService" Service'
$getPIDhelp = (Get-Process | Where-Object { $_.Name -like "*Perimeter81.help*" }).Id
Stop-Process -Id $getPIDhelp -Force
}
Else {
Write-Host 'The "Perimeter81.HelperService" Service was not found, nothing to do.'
}

Stop-Transcript

 

View solution in original post

11 Replies
the_rock
MVP Diamond
MVP Diamond
‎2026-01-27 08:27 PM
Jump to solution

I have harmony sase lab, can check on this tomorrow morning. Not using intune myself, but happy to have a look.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
RayP
Contributor
‎2026-01-27 11:28 PM
In response to the_rock
Jump to solution

Thnx Andy, please let me know.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-28 03:35 AM
In response to RayP
Jump to solution

Of course, no worries. I will test it in a bit.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-28 05:05 AM
In response to RayP
Jump to solution

Just tested it, no issues for me.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
RayP
Contributor
‎2026-01-28 05:08 AM
In response to the_rock
Jump to solution

Did you test with an upgrade or a new installation of the harmony sase client?

 

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-28 05:10 AM
In response to RayP
Jump to solution

Upgrade method.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-02-01 07:39 AM
Jump to solution

Hey @RayP 

Any luck with this?

If not, I definitely suggest opening P81 case for it.

https://help.perimeter81.com/support/home

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
bleyers
Explorer
4 weeks ago
Jump to solution

Have the same  issue ...
Also Intune

After some searching i found this page
https://support.perimeter81.com/docs/windows-agent-release-notes

Windows agent 12.5.0.11894 (Beta)

February 9th, 2026

Resolved Issues:

  • P81-100329 – Agent uninstall using management tools triggers the anti-tampering mechanism

 



0 Kudos
the_rock
MVP Diamond
MVP Diamond
4 weeks ago
In response to bleyers
Jump to solution

I would open P81 case for it.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
RayP
Contributor
2 weeks ago
In response to the_rock
Jump to solution

We solved it by using a pre-script:

 

Start-Transcript -Path "C:\DeployLogs\StopSASE-Service.log"
Write-Host '******************************'

# Script to stop the Perimeter81 services before an update is started (the update failes sometimes because it fails to stop the Service).

# Check if the "Perimeter81.Service" Service exists
$chkperi = Get-Service -Name "Perimeter81.Service" -ErrorAction Ignore
If($chkperi -ne $null) {
Write-Host 'Changing the Recovery options of the "Perimeter81.Service" Service'
Write-Host '******************************'
cmd /c 'sc.exe failure "Perimeter81.Service" reset=0 actions= ""'
Write-Host 'Stopping the "Perimeter81.Service" Service'
$getPIDserv = (Get-Process | Where-Object { $_.Name -like "*Perimeter81.se*" }).Id
Stop-Process -Id $getPIDserv -Force
Write-Host '******************************'
}
Else {
Write-Host 'The "Perimeter81.Service" Service was not found, nothing to do.'
Write-Host '******************************'
}


# Check if the "Perimeter81.HelperService" Service exists
$chkperihelp = Get-Service -Name "Perimeter81.HelperService" -ErrorAction Ignore
If($chkperihelp -ne $null) {
Write-Host 'Stopping the "Perimeter81.HelperService" Service'
$getPIDhelp = (Get-Process | Where-Object { $_.Name -like "*Perimeter81.help*" }).Id
Stop-Process -Id $getPIDhelp -Force
}
Else {
Write-Host 'The "Perimeter81.HelperService" Service was not found, nothing to do.'
}

Stop-Transcript

 

the_rock
MVP Diamond
MVP Diamond
2 weeks ago
In response to RayP
Jump to solution

Excellent, thanks for letting us know!

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events