I have an iOS app with two network extension targets(tunnel1 and tunnel2) in it. Use case is explained below:-
- One target i.e Tunnel1 will be used for public traffic. Traffic not part of Tunnel2 will go through this tunnel
- Second target i.e Tunnel2 will be used for private traffic.This will be configured as per app vpn so that only those apps can have access to private resources.
MDMs can push two VPN profiles along with Provider Bundle Indentifier so that designated tunnel can start based on source app. So far this works well.
Issue:-
We have thousands of deployments already in place where VPN profiles did not contain Provider Bundle Indentifier because so far our app had just one tunnel target. Now , after upgrade to New App version(with two NE targets) , sometimes Tunnel1 starts , sometimes Tunnel2 . Its purely random and dont know logic behind it.
Question:-
Is there any way to always prefer Tunnel1 when there is no Provider Bundle Indentifier in MDM pushed VPN profile?
Is there any way to always prefer Tunnel1 … ?
At the code level, no. If you have multiple NE providers of the same type, it’s unspecified which one starts in the absence of the provider bundle identifier setting.
Honestly, I’m a little surprised it’s seemingly random, but I can see how that might come about.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"