iOS14 personal vpn bug
The 90% unavailable part is what has me concerned. Usually if you were running into a bug this would fail 100% of the time. Is there any more information or logs that you can share when you run into a connection issue with NEVPNManager?but when connected through NEVPNManager in my app, 90% of the cases are Not available
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
Multiline
The 90% unavailable part is what has me concerned. Usually if you were running into a bug this would fail 100% of the time. Is there any more information or logs that you can share when you run into a connection issue with NEVPNManager?
BlockQuote
After many tests, it was found that 90% of the expressions were not accurate. It should be 100% unable to access the Internet.
The newly discovered situation is that when I use NEVPNManager to connect to the VPN on a 4G network, I cannot access the Internet. I turn on the WiFi at this time, and then turn off the WiFi, after which the VPN can access the Internet.
After turning WiFi on and then turning off WiFi, the following log will be triggered. The previous NEVPNManager logs are the same, no matter if I turn on vpn in my app or turn on vpn in system settings.
Our IKEv2 profile is configured as "always on" for 4G and WiFi. It cannot switched on or off by the user. After the iOS 14 upgrade it is not possible to use the 4G network (VPN: Connecting...). As Qixin mentioned the workaorund that actually works is to use the WiFi connection (VPN: Connected), switch off WiFi and from that point on VPN on 4G is working as it is supposed to. The same procedure has to be repeated after rebooting.
Would be great to get some information on that issue.
In the logs it looks like your device starts off connected over the cellular interface, whether this is routing your VPN or not is another question. Then there is a an interface change to Wi-Fi and then from Wi-Fi back to cellular again. If you are seeing your VPN become reachable on the switch back from Wi-Fi to cellular then you need to look at the routing table to see what is configured for pdp_ip0 and tun{n} before and after the primary physical interface change. This will tell you what is happening and why the VPNs are in an unreachable state before the Wi-Fi flip. As to how to fix it may be another question. Does the cell carrier provide v4 and v6?11:19:57.283185+0800 nesessionmanager Changing primary physical interface: pdpip0 => en0
11:19:57.422416+0800 nesessionmanager Will update session NESMPathControllerSession[com.apple.commcenter.ne.cellularusage:624C6B62-7FF5-415A-82EA-150865FEA7B8] status to connected (fallback 0 non-default 1)
11:19:57.422532+0800 nesessionmanager Changing primary wifi interface: (null) => en0
11:19:57.422768+0800 nesessionmanager Session NESMPathControllerSession[com.apple.commcenter.ne.cellularusage:624C6B62-7FF5-415A-82EA-150865FEA7B8] status changing to connected after update
11:19:57.576920+0800 nesessionmanager Changing primary physical interface: en0 => pdpip0
11:19:57.595541+0800 nesessionmanager Will update session NESMPathControllerSession[com.apple.commcenter.ne.cellularusage:624C6B62-7FF5-415A-82EA-150865FEA7B8] status to connected (fallback 0 non-default 1)
11:19:57.597100+0800 nesessionmanager Changing primary wifi interface: en0 => (null)
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
CFNetwork
Baseband
mDNSResponder (May not be needed)
Network Diagnostics
VPN (Network Extension)
Once you have the sysdiagnose there is a file in this archive called system_logs.logarchive. Using your timestamp checkout the logs in this file. The routing table should be visible here when a network interface change is made.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
created a vpn application. implemented a connection with parameters:
iPhone 7
iOS 14.0
NEVPNManager
ikev2 protocol
shared secret
wi-fi or lte
server ipv4
Moreover, if you create a configuration not through the application, but manually (with the same parameters), the connection is successful.
Reproduced 100 out of 100 cases.
I also tested it on a device with ios 13.7 - connecting to a similar server and with the same code is successful both from the application and when added manually.
still need your help!
console log
CALL LOAD TO PREFERENCES AGAIN...
NEVPNConnection: Disconnected
Starting VPN...
2020-09-24 22:38:37.049787+0300 VPN [22884:2923865] [connection] nwreadrequestreport [C1] Receive failed with error "Software caused connection abort"
NEVPNConnection: Connecting
2020-09-24 22:38:37.200825+0300 VPN [22884:2923865] Connection 2: received failure notification
2020-09-24 22:38:37.201898+0300 VPN [22884:2923865] [connection] nwflowaddwriterequest [C2.1 23.21.126.66:443 failed channel-flow (satisfied (Path is satisfied), viable, interface: en0, ipv4, dns)] cannot accept write requests
2020-09-24 22:38:37.201999+0300 VPN [22884:2923865] [connection] nwwriterequestreport [C2] Send failed with error "Socket is not connected"
2020-09-24 22:38:37.216222+0300 VPN [22884:2923865] [connection] nwreadrequestreport [C2] Receive failed with error "Socket is not connected"
2020-09-24 22:38:37.216349+0300 VPN [22884:2923865] Connection 2: write error 1:57
2020-09-24 22:38:37.218597+0300 VPN [22884:2923865] [connection] nwflowaddwriterequest [C2.1 23.21.126.66:443 failed channel-flow (satisfied (Path is satisfied), viable, interface: en0, ipv4, dns)] cannot accept write requests
2020-09-24 22:38:37.220645+0300 VPN [22884:2923865] [connection] nwwriterequestreport [C2] Send failed with error "Socket is not connected"
NEVPNConnection: Disconnecting
NEVPNConnection: Disconnected
If you open a bug report please follow up with the Feedback ID.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
I recently updated the iOS system to 14.0.1. After connecting to vpn, the network is available.
Apple fixed this issue?
Reproduce the issue. Note the timestamp. Trigger an iOS sysdiagnose.
Once you have the sysdiagnose there is a file in this archive called system_logs.logarchive. Using your timestamp checkout the logs in this file. The routing table should be visible here when a network interface change is made.
Unfortunately, this issue still exists in iOS 14.0.1 system
I followed the documentation and failed to trigger Sysdiagnose
The problem persists in 14.0.1 and 14.2 Beta.
Do you have a hint for what to look in the system_logs.logarchive?
After testing, I found that if after the first VPN connection, if the network is found to be interrupted, then turn on the airplane mode, and then immediately turn off the airplane mode, which is equivalent to the user manually disconnecting and reconnecting, then the VPN network is immediately available.
Code Block - iPhoneX - IPsec personal vpn - iOS 14.0/14.0.1 - Network Extension - NEVPNManager+NEVPNProtocolIPSec
In iOS14.0.1, occasionally personal VPN is unavailable, but it is available in most cases.
In iOS14.0, VPN is unavailable in most cases