Internet not working when using NEPacketTunnelProvider

Hello, my goal is that when a request comes in with a specified IP using the VPN, it is sent to a localhost 8080 web server I created using GCDWebServer, so I created an NEPacketTunnelProvider and set a proxy server by using NEPacketTunnelProvider. However, when I configure it as below and connect to the IP in the browser, it shows the web server result I want, but I can't access other sites like apple.com.

let settings: NEPacketTunnelNetworkSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "77.77.77.77")

settings.dnsSettings = NEDNSSettings(servers: ["8.8.8.8", "8.8.4.4"])

let proxySettings: NEProxySettings = NEProxySettings()
proxySettings.httpServer = NEProxyServer(
    address: proxyHost,
    port: proxyPort
)
proxySettings.httpsServer = NEProxyServer(
    address: proxyHost,
    port: proxyPort
)
proxySettings.autoProxyConfigurationEnabled = false
proxySettings.httpEnabled = true
proxySettings.httpsEnabled = true
proxySettings.excludeSimpleHostnames = true
settings.proxySettings = proxySettings

let ipv4Settings: NEIPv4Settings = NEIPv4Settings(
    addresses: [settings.tunnelRemoteAddress],
    subnetMasks: ["255.255.255.255"]
)

ipv4Settings.includedRoutes = [NEIPv4Route.default()]

settings.ipv4Settings = ipv4Settings

So, I set includedRoutes to only allow the specified IP (77.77.77.77) as below, and the internet works fine, but access to the IP fails. It shows "connection failed" in the browser. Am I trying something wrong?

ipv4Settings.includedRoutes = [
    NEIPv4Route(destinationAddress: "77.77.77.77", subnetMask: "255.255.255.255")
]

Your approach won’t work. The DNS and proxy settings associated with a tunnel configuration only work if your tunnel claims the default route. But once your tunnel claims the default route, it becomes responsible for handling all traffic to the wider Internet.

my goal is that when a request comes in with a specified IP using the VPN, it is sent to a localhost 8080 web server

Can you expand on this goal a little? Why are you trying to do this?

Most folks who ask questions like this are trying to use a packet tunnel provider to achieve something that the packet tunnel architecture was never intended to support. One of my colleagues wrote TN3120 Expected use cases for Network Extension packet tunnel providers to explain that issue.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
