VPN auto reconnects after calling the cancelTunnelWithError method

App & System Services Core OS
jingyil OP
Created Mar ’24
Replies 3
Boosts 0
Views 517
Participants 2

Our VPN was implemented using the NEPacketTunnelProvider, in the case of back end permanent errors (e.g. permission denied), we would stop the VPN tunnel by calling the cancelTunnelVPNWithError method. This did stop the VPN, however the VPN would auto reconnect and enter an infinite loop of connecting and disconnecting due to the back end permanent error.

The VPN was turned on from the VPN settings. To completely disable the VPN, we need to either delete the VPN configuration, or manually tap on the toggle to disable.

Sample code:

- (void)PPNService:(PPNService *)PPNService didStopWithError:(nullable NSError *)error {
  SUBSPPNStatusData *ppnStatusData = [[SUBSPPNStatusData alloc] init];
  SUBSPPNToggleStatus *toggleStatus = [[SUBSPPNToggleStatus alloc] init];
  toggleStatus.ppnToggleStatus = SUBSPPNToggleStatus_PPNToggleStatus_Off;

  if (error) {
    [_ppnSessionManager logSessionEnd];
    [self cancelTunnelWithError:error];
    ppnStatusData.ppnStatus = SUBSPPNStatusData_PPNStatus_StoppedWithError;
    PPNStatusDetails *details = error.userInfo[PPNStatusDetailsKey];
}

Question: Why does the VPN auto reconnect after calling the cancel method? Any solutions to completely stop the VPN on permanent errors.

Replies  3
Boosts  0
Views  517
Participants  2
DTS Engineer OP
Apple
Mar ’24

How have you configured VPN On Demand?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
jingyil OP
Mar ’24

Yes, we have configured on demand, but even if we disabled the on demand, the VPN would still auto reconnect.

Code with on demand enabled:

 newManager.enabled = YES;
  [newManager setOnDemandEnabled:YES];
  newManager.onDemandRules = @[ alwaysOnRule ];

Code with on demand disabled:

newManager.enabled = YES;
  [newManager setOnDemandEnabled:NO];
0
DTS Engineer OP
Apple
Mar ’24

even if we disabled the on demand, the VPN would still auto reconnect.

Are you sure? I’m struggling to see any way that VPN can start without explicit user action unless VPN On Demand is set.

Please do the following:

  1. Update your code to set onDemandEnabled to false.

  2. Erase your test device.

  3. Install your app on that device and re-test.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
VPN auto reconnects after calling the cancelTunnelWithError method
First post date Last post date
 
 
Q