7 Replies
      Latest reply on Feb 15, 2018 12:57 AM by eskimo
      k7-InAPP Level 1 Level 1 (0 points)

        Hi,

        I have t developed vpn application using ipsec protocol but network extension return throwing error like Error Domain=NEVPNErrorDomain Code=1 "Missing protocol or protocol has invalid type" UserInfo={NSLocalizedDescription=Missing protocol or protocol has invalid type}


        Same ipsec credentials  using create manual vpn profile it's working in iPhone

         

        My Code:

         

        private func initVPNTunnelProviderManager() {

                NETunnelProviderManager.loadAllFromPreferences { (savedManagers: [NETunnelProviderManager]?, error: Error?) in

                    if let error = error {

                        print(error)

                    }

                    if let savedManagers = savedManagers {

                        if savedManagers.count > 0 {

                            self.vpnManager = savedManagers[0]

                        }

                    }

                 

                    self.vpnManager.loadFromPreferences(completionHandler: { (error:Error?) in

                        if let error = error {

                            print(error)

                        }

                     

                        let df = NEVPNProtocolIPSec()

                        df.authenticationMethod = .sharedSecret

                       df.remoteIdentifier = "testuser"

                       let pwd = "empty".data(using: .utf8)

                        df.username = "user"

                        df.passwordReference = pwd

                        let shared = "TestV2".data(using: .utf8)

                        df.sharedSecretReference = shared

                        df.serverAddress = self.serverAddress

                        df.localIdentifier = "localVpn"

                        df.useExtendedAuthentication = true

                        df.disconnectOnSleep = true

         

                        self.vpnManager.protocolConfiguration = df

                     

                        self.vpnManager.localizedDescription = "NEPacketTunnelVPNDemoConfig"

                        self.vpnManager.isEnabled = true

                     

                        self.vpnManager.saveToPreferences(completionHandler: { (error:Error?) in

                            if let error = error {

                                print(error)

                            } else {

                                print("Save successfully")

                            }

                        })

                        self.VPNStatusDidChange(nil)

                    })

                }

            }

        • Re: Missing protocol or protocol has invalid type
          KMT Level 9 Level 9 (15,145 points)
            • Re: Missing protocol or protocol has invalid type
              k7-InAPP Level 1 Level 1 (0 points)

              I'm trying to save profile following line code return error messages.

               

              self.vpnManager.saveToPreferences(completionHandler: { (error:Error?) in

                                  if let error = error {

                                      print(error)

                                  } else {

                                      print("Save successfully")

                                  }

                              })

            • Re: Missing protocol or protocol has invalid type
              eskimo Apple Staff Apple Staff (12,335 points)

              It looks like you’re trying to use the built-in IPsec VPN transport (that is, Personal VPN).  Is that correct?

              If so, you’ve definitely got problems with your configuration code.  Personal VPN should be configured using the methods on NEVPNManager.  Specifically, start with NEVPNManager.shared and then call loadFromPreferences(completionHandler(_:) on that.  NETunnelProviderManager is only relevant if you’re configuring a custom VPN transport.

              Share and Enjoy

              Quinn “The Eskimo!”
              Apple Developer Relations, Developer Technical Support, Core OS/Hardware
              let myEmail = "eskimo" + "1" + "@apple.com"

                • Re: Missing protocol or protocol has invalid type
                  k7-InAPP Level 1 Level 1 (0 points)

                  Yes it's correct and fixed my issue and  another question is how will trace my packets and moniter packets in Personal vpn?

                    • Re: Missing protocol or protocol has invalid type
                      eskimo Apple Staff Apple Staff (12,335 points)

                      how will trace my packets and moniter packets in Personal vpn?

                      I’m not entirely sure what you mean, but my best guess is that you’re looking to do a packet trace, in which case you should check out the RVI mechanism described in QA1176 Getting a Packet Trace.

                      IMPORTANT RVI packet traces include the interface name in the packet metadata, which allows you to distinguish between VPN packets and normal packets.  The Q&A has links to more info on this.

                      Share and Enjoy

                      Quinn “The Eskimo!”
                      Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                      let myEmail = "eskimo" + "1" + "@apple.com"

                  • Re: Missing protocol or protocol has invalid type
                    k7-InAPP Level 1 Level 1 (0 points)

                    Thanks for response,

                     

                    I am trying to develop a VPN App using Personal VPN - (NEVPNManager.shared without using tunnel concept)

                    My question : Is there any possibilty to track & fillter the packets through NEVPNManager - Personal VPN

                    Need For: Block URL (Malicious URL), Adult Content etc..,

                      • Re: Missing protocol or protocol has invalid type
                        eskimo Apple Staff Apple Staff (12,335 points)

                        VPN, both Personal VPN and a custom transport implemented using a Network Extension provider, was not designed to facilitate content filtering.  It’s possible to use it for that, but you are likely to run into obstacles.  For example, the user can easily disable VPN, allowing them to trivially bypass your filtering.

                        The recommended approach for content filtering is a Network Extension content filter provider.  The main drawback to that approach, however, is that it requires that the device be supervised.

                        If the restrictions imposed by a VPN-based solution are acceptable to you - namely that the user has to explicitly opt in — it is possible to implement something like this using VPN.  With Personal VPN you will have to do this filtering on the server side.  With a custom VPN transport you can do the filtering on the client but you’ll probably still need a VPN server to talk to (for an explanation as to why, see this thread).

                        Share and Enjoy

                        Quinn “The Eskimo!”
                        Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                        let myEmail = "eskimo" + "1" + "@apple.com"