Hi,
TLDR: On iOS, when my PacketTunnel is running, can I exclude DNS requests from going into the tunnel?
I have a test app, using Apple's AsyncDNSResolver, that makes a DNS call and it works when the tunnel is not running.
If the tunnel is running it times out after 30 seconds and I get the error -65568.
Here's how I'm setting up the tunnel
func setup(tunnelRemoteAddress: String) {
let settings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: tunnelRemoteAddress)
settings.ipv4Settings = NEIPv4Settings(addresses: [tunnelRemoteAddress], subnetMasks: ["255.255.255.255"])
settings.ipv4Settings?.includedRoutes = [NEIPv4Route.default()]
let proxySettings = NEProxySettings()
proxySettings.httpEnabled = true
proxySettings.httpServer = NEProxyServer(address: ProxyServerConfiguration.host, port: ProxyServerConfiguration.port)
proxySettings.httpsEnabled = true
proxySettings.httpsServer = NEProxyServer(address: LocalProxyServerConfiguration.host, port: LocalProxyServerConfiguration.port)
proxySettings.excludeSimpleHostnames = true
proxySettings.exceptionList = nil
let dnsSettings = NEDNSSettings(servers: ["8.8.8.8"])
settings.dnsSettings = dnsSettings
settings.proxySettings = proxySettings
setTunnelNetworkSettings(settings) { error in
// ...
}
}
I've tried all combinations of setting/excluding the NEDNSSettings but the DNS call always fails when the tunnel is running.
Thanks for any help.
docfp
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Post
Replies
Boosts
Views
Activity
Hi,
We made a MDM Capability request a few months ago and still haven't heard back. Is there a way to check what the status of the request is?
Thanks,
Dave
I added a PKCS12 file to the Certificates section of the mobileconfig using Apple Configurator. I've installed the profile on the device but I can't see how I can access this cert. I want to use it to response to a NSURLAuthenticationMethodClientCertificate challenge.
Is it possible for an iOS app to get access to the cert this way?
Hi,
I'm developing a Packet Tunnel VPN in destination IP mode. Can I have this installed and running if an MDM has already deployed a per-app VPN, i.e. will the Packet Tunnel VPN get all the traffic not claimed by the per-app VPN?
Thanks,
Dave
Hi,
I'm looking into the per-app VPN on iOS and I see its for managed apps installed from a MDM. Can it be used for Apple apps, i.e. Safari, so the traffic can be inspected to decide if it should go via the VPN backend or direct to the internet?
Thanks,
Dave