I am implementing a custom SSL VPN App using NE and for some not well known reason I am not able to properly start my app-extension (NEPacketTunnelProvider) by invoking NETunnelProviderSession.startTunnelWithOptions: in the containing app. My device is running iOS 10.3.2 and I am using the latest XCode.
This is the interesting part of the log about the attempt to start the app-extension, but without success:
May 18 00:24:57 Robins-nest MyApp[526] <Notice>: Saving profile before attempting connection...
May 18 00:24:57 Robins-nest neagent(Foundation)[288] <Notice>: calling plugIn beginUsing:
May 18 00:24:57 Robins-nest pkd[137] <Notice>: allowing host 288 <private> to use plug-in <private>(<private>) uuid=D54BA293-CD8D-482A-AFE6-3BCBAF639397 at <private>
May 18 00:24:57 Robins-nest MyApp(NetworkExtension)[526] <Notice>: The configuration was not saved because it was unchanged from the previously saved version
May 18 00:24:57 Robins-nest nesessionmanager(NetworkExtension)[287] <Notice>: NESMVPNSession[host.com/host:A1454C48-6E12-4B11-860B-66B531F88CC6]: Received a start command from MyApp[526]
May 18 00:24:57 Robins-nest nesessionmanager(NetworkExtension)[287] <Notice>: NESMVPNSession[host.com/host:A1454C48-6E12-4B11-860B-66B531F88CC6]: status changed to connecting
May 18 00:24:57 Robins-nest neagent(PlugInKit)[288] <Notice>: connection to plug-in <private>(D54BA293-CD8D-482A-AFE6-3BCBAF639397) lost
May 18 00:24:57 Robins-nest neagent(PlugInKit)[288] <Error>: Hub connection error Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named net.domain.cat.app.ext" UserInfo={NSDebugDescription=connection to service named net.domain.cat.app.ext}
May 18 00:24:57 Robins-nest neagent(Foundation)[288] <Notice>: PlugInKit error in beginUsing:
May 18 00:24:57 Robins-nest neagent(NetworkExtension)[288] <Error>: Failed to start extension net.domain.cat.app.ext: Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named net.domain.cat.app.ext" UserInfo={NSDebugDescription=connection to service named net.domain.cat.app.ext}
May 18 00:24:57 Robins-nest neagent(Foundation)[288] <Notice>: killing invalid plugIn
May 18 00:24:57 Robins-nest neagent(libxpc.dylib)[288] <Notice>: Could not signal service net.domain.cat.app.ext: 113: Could not find specified service
May 18 00:24:57 Robins-nest neagent(Foundation)[288] <Notice>: completed calling plugIn beginUsing: for pid: 0
I know this is a problem that has been discussed in several threads already, however, I couldn't find any useful hint in any of them.
I checked the entitlements and NE seems to be properly setup in both the containing App and the app-extension.
The NETunnelProviderManager is loaded and then saved before attempting to start the tunnel.
What else could I check? Or is there any way to increase the verbosity of the neagent process in order to retrieve some more information?