Split traffic with IKEv2 VPN

I have a server set up that uses IKEv2 protocol. I want to allow sending some traffic through VPN and the rest through the regular interface. I was looking into Packet Tunnel Provider and routing traffic by destination IP (I cannot use MDM), but it looks like I need to implement custom VPN transport in that case?

You could reimplement IKEv2 as a packet tunnel provider but that’s a lot of work.

My understanding is that the built-in IKEv2 client supports this sort of thing out of the box. The trick is to configure your VPN server to vend specific routes to the client. I’m not an expert on doing this — DevForums is primarily about developer APIs and thus we don’t maintain expertise in admin issues — so I’m going to recommend that you ask over in Apple Support Communities, run by Apple Apple, and specifically the in Business and Education topic areas, where you’re more likely to find folks with relevant experience.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I want to let users on the client decide whether they want full or split tunnel.

As far as I know our IKEv2 client doesn’t let you configure that client side. Certainly, there are no configuration options for this in the Personal VPN API. There may some way to set this up via a configuration profile but, again, that’s not really my field.

One alternative would be to stand up a web interface that lets your users configure this on the server side. That will be a lot easier than creating your own packet tunnel provider.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Split traffic with IKEv2 VPN
 
 
Q