Hi There,
I am using NETunnelProviderManager to configure and start a NEPacketTunnelProvider on macOS. Most of time, it works just fine, however, under some edge cases, NEPacketTunnelProvider will not start and NEVPNConnectionStatus changes directly from NEVPNStatusConnecting to NEVPNStatusDisconnected from the NEVPNStatusDidChangeNotification I received. What is the best way to handle this edge case? It seems like normally retry the startVPNTunnelWithOptions:andReturnError: shortly after would just fix the issue somehow.
Core logic to start the NEPacketTunnelProvider:
...
[manager
loadFromPreferencesWithCompletionHandler:^(NSError *loadError) {
[self observeConnection:manager.connection];
NSError *error;
BOOL success = [manager.connection
startVPNTunnelWithOptions:options andReturnError:&error];
NSLog(@"start tunnel succeeded: %d error: %@", success, error);
}];
...
- (void)vpnConnectionDidChange:(NSNotification *)notification {
NEVPNConnection *connection =
(NEVPNConnection *)notification.object;
NSLog(@"connection.status: %ld", (long)connection.status);
}
NEPacketTunnelProvider code to verify the provider is started
@implementation MyMacPacketTunnelProvider {
- (instancetype)init {
NSLog(@"tunnel init");
...
}
- (void)startTunnelWithOptions:(NSDictionary<NSString *, id> *)options
completionHandler:(void (^)(NSError *_Nullable error))completionHandler {
NSLog(@"startTunnelWithOptions called");
Logs when hitting edge case:
start tunnel succeeded: 1, andReturnError: (null)
connection.status: 2
connection.status: 2
connection.status: 1
connection.status: 1
connection.status: 1
Logs happy path:
start tunnel succeeded: 1, andReturnError: (null)
connection.status: 2
connection.status: 2
tunnel init
startTunnelWithOptions called
connection.status: 3
connection.status: 3
In case of an exception, it feels like the VPN service is not enabled. None of the init methods in MyMacPacketTunnelProvider are called.
This problem was reported by users. I tested various possible scenarios myself, but none of them reproduced. Users also only have this problem occasionally, and cannot reproduce it stably, nor can they capture related logs.
This doesn't look like a code logic problem, is this a bug in the iOS system? Under what circumstances will this problem occur? How can I solve it?
Please get back to me with this question ASAP, my client is waiting for me to fix this, thanks.
Post
Replies
Boosts
Views
Activity
Recently, I encountered an issue where some users have reported that the VPN cannot be connected. Even after uninstalling the app and reinstalling it, I cannot connect. I must restart my phone to successfully connect. IOS system.
Sometimes the vpn cannot start on iOS,the key logs :
15:24:30.262377+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Received a start command from LenovoLink[2472]
15:24:30.262402+0800 nesessionmanager Registering session NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]
15:24:30.262556+0800 nesessionmanager <NESMServer: 0x143e07e40>: Register Enterprise VPN Session: NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]
15:24:30.262589+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Successfully registered
15:24:30.262638+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)] in state NESMVPNSessionStateUpdating: received start message
...
15:24:51.343767+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: State timer (300 seconds) fired in state NESMVPNSessionStateUpdating
15:24:51.344305+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)] in state NESMVPNSessionStateUpdating: timed out
15:24:51.345617+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Leaving state NESMVPNSessionStateUpdating
15:24:51.348733+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Entering state NESMVPNSessionStateDisposing, timeout 5 seconds
15:24:51.349478+0800 nesessionmanager net.memenet.WeLine[426]: disposing
15:24:51.351587+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: status changed to disconnecting
15:24:51.357284+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Resetting VPN On Demand
15:24:51.358434+0800 nesessionmanager net.memenet.WeLine[426]: Tearing down agent connection
15:24:51.359272+0800 nesessionmanager Found 0 (0 active) registrations for net.memenet.WeLine.provider (com.apple.networkextension.packet-tunnel)
15:24:51.360821+0800 nesessionmanager net.memenet.WeLine[426]: XPC connection went away
15:24:51.362919+0800 nesessionmanager NEVPNTunnelPlugin(net.memenet.WeLine[inactive]): Tearing down plugin connection
15:24:51.408596+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Plugin is installed
15:24:51.408807+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)] in state NESMVPNSessionStateDisposing: plugin NEVPNTunnelPlugin(net.memenet.WeLine[inactive]) dispose complete
15:24:51.408936+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)] in state NESMVPNSessionStateDisposing: all plugins have disposed
15:24:51.409192+0800 nesessionmanager NEVPNTunnelPlugin(net.memenet.WeLine[inactive]): Tearing down plugin connection
15:24:51.409316+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Leaving state NESMVPNSessionStateDisposing
15:24:51.409441+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: Entering state NESMVPNSessionStateIdle
15:24:51.409750+0800 nesessionmanager NESMVPNSession[Primary Tunnel:WeLine SDVN:9A1A565B-4DEA-4ED6-A954-11E04B44CFFC:(null)]: status changed to disconnected, last stop reason Stop command received
it seems the packet tunnel provider is not started because of a XPC error?
When I started to connect to the VPN on iOS, the following error occurred:
{
kind = 1;
new = "\n status = unsatisfied\n reasonCode = 2\n reason = Path was denied by NECP policy\n isViable = NO\n isExpensive = NO\n isConstrained = NO\n clientID = 46C17BDD-6CA1-422D-969C-F504D234E1D4\n mtu = 0";
old = "\n status = satisfied\n reasonCode = 0\n reason = Path is satisfied\n isViable = NO\n isExpensive = YES\n isConstrained = NO\n clientID = 46C17BDD-6CA1-422D-969C-F504D234E1D4\n mtu = 1450";
}
“Path was denied by NECP policy”,
What does this error mean?
In iOS, how to use code to turn on the system's hotspot?