Setup vpn settings for NEPacketTunnelProvider

App & System Services Networking
iandreyeu OP
Created Jan ’23
Replies 2
Boosts 0
Views 888
Participants 2

Hello everybody.

I need to implement DNS settings with on/off toggle (so that user would not have to go to the iPhone settings).

So far my research have pointed me to the direction of proxy/tunnel. And in the interface of NEPacketTunnelProvider I've discovered that it's settings contain vpnSettings property, just like NEDNSSettingsManager

So I've created a sample project (tunnel branch), and I've managed to get the vpn up and running, however I am unable to setup dns settings properly. Invoking NEPacketTunnelProvider.setTunnelNetworkSettings with any kind of config prevents the tunnel from starting.

I've used similar settings with my NEDNSSettingsManager , and it worked just fine.

My feeling is that I set invalid value into NETunnelProviderProtocol.serverAddress and NETunnelNetworkSettings.tunnelRemoteAddress, but I'm unable to verify that since I possess no access to any kind of infrastructure.

I am aware of MDM restrictions, and at this point I need to setup Google dns via packet tunnel with a on/off switch.

Thanks.

Replies  2
Boosts  0
Views  888
Participants  2
iandreyeu OP
Jan ’23

When trying something like

class PacketTunnelProvider: NEPacketTunnelProvider {
    override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) {
        let networkSettings = NETunnelNetworkSettings(tunnelRemoteAddress: "127.0.0.1")
        setTunnelNetworkSettings(networkSettings) { error in
            debugPrint(error)
            completionHandler(error)
        }

I get the following error:

Error Domain=NETunnelProviderErrorDomain Code=1 \"NEPacketTunnelNetworkSettings must be used with NEPacketTunnelProvider\" UserInfo={NSLocalizedDescription=NEPacketTunnelNetworkSettings must be used with NEPacketTunnelProvider}

0
DTS Engineer OP
Apple
Jan ’23

Packet tunnel providers are intended to be used to implement VPN. Folks who attempt to use them for ‘off label’ task generally run into problems, to the point where one of my colleagues wrote TN3120 Expected use cases for Network Extension packet tunnel providers.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Setup vpn settings for NEPacketTunnelProvider
First post date Last post date
 
 
Q