Hello, I'm working on an app that offers a VPN tunnel (NEPacketTunnelProvider) meant to be released both in Developer ID builds and App Store builds. I've implemented an IPC mechanism using IPCConnection from the filtering network traffic example code. For the system extension it works fine. For the app extension, I just can't connect to the mach service. In both cases the app is not sandboxed, but the extension is. I'm trying to figure out how to troubleshoot the issue. The plist file for the system extension has this key: <key>NetworkExtension</key> <dict> <key>NEMachServiceName</key> <string>$(TeamIdentifierPrefix)com.company.system.extension.bundle.id</string> <key>NEProviderClasses</key> <dict> <key>com.apple.networkextension.packet-tunnel</key> <string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string> </dict> </dict> Would the app network extension use the same NetworkExtension dictionary with a NEMachServiceName key for the mach service name? Any hints to help me debug this issue? I've tried using launchctl list to see if the mach service is up, but I'm not exactly sure what's a good way to use it. I've considered using sendProviderMessage to communicate with the tunnel from the main App, but the problem is that sometimes NEVPNManager.shared.connection as? NETunnelProviderSession is just nil (due to the cast), and I'm not sure why that's the case.