We set below rule for IKEv2 / IPSec / NETunnelProviderManager custom protocols. where trusted domain contains www.whatismyipaddress.com
and manually connected to VPN.
NEEvaluateConnectionRule *evalConnectionRule = [[NEEvaluateConnectionRule alloc] initWithMatchDomains:self.trustedDomains
andAction:NEEvaluateConnectionRuleActionNeverConnect];
NEOnDemandRuleEvaluateConnection *onDemandRule = [NEOnDemandRuleEvaluateConnection new];
onDemandRule.connectionRules = @[ evalConnectionRule ];
[activeRules addObject:onDemandRule];
[NEVPNManager sharedManager].onDemandRules = [evalConnectionRule];
[NEVPNManager sharedManager].onDemandEnabled = YES;
[NEVPNManager sharedManager].enabled = YES;
[[NEVPNManager sharedManager].connection startVPNTunnelAndReturnError:&connError];
www.whatismyipaddress.com
shows correct public IP address and www.whatismyip.com
shows correct VPN server address on Safari.
Above code snippet working fine on iOS / iPadOS on all bowsers but not on macOS browsers except Safari.
Is there something I'm missing here? Are there other settings that we have to configure in our NEVPNManager/NETunnelProviderManager for macOS specifically?
We are testing this in macOS Ventura.
Above code snippet working fine on iOS / iPadOS on all bowsers but not on macOS browsers except Safari.
The most common cause of such problems is that the browser is not using one of our connect-by-name APIs. iOS browsers use WebKit, and WebKit use a connect-by-name API. Likewise for Safari on macOS. Third-party browsers on macOS can, and typically do, use their own networking stack, typically based on BSD Sockets, and this has problems with connect-by-name.
I recommend that you find a browser that has this problem and is open source and look at how its networking stack works.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"