Hi,
We are using Network Extension Framework(tunnel provider) to build a VPN app and extension for Mac, and using Apple Configurator 2 to generate the VPN profile. But I got error "Failed to find the VPN app for plugin type ..." when I try to connect the vpn. Below is the logs and piece of VPN profile and entitlements:
Logs:
10:31:57.630458 -0800 nesessionmanager NESMVPNSession[MacTestVPN:F25915A2-BA33-4A0C-9194-9CD7D8FA6347]: Received a start command from mactestvpn[1457]
10:31:57.632121 -0800 nesessionmanager NESMVPNSession[MacTestVPN:F25915A2-BA33-4A0C-9194-9CD7D8FA6347]: status changed to connecting
10:31:57.632789 -0800 nesessionmanager subsystem: com.apple.securityd, category: storagemgr, enable_level: 0, persist_level: 0, default_ttl: 0, info_ttl: 0, debug_ttl: 0, generate_symptoms: 0, enable_oversize: 0, privacy_setting: 2, enable_private_data: 0
10:31:57.632858 -0800 nesessionmanager using system preferences
10:31:57.632944 -0800 nesessionmanager subsystem: com.apple.securityd, category: secpref, enable_level: 0, persist_level: 0, default_ttl: 0, info_ttl: 0, debug_ttl: 0, generate_symptoms: 0, enable_oversize: 0, privacy_setting: 2, enable_private_data: 0
10:31:57.634260 -0800 nesessionmanager subsystem: com.apple.securityd, category: integrity, enable_level: 0, persist_level: 0, default_ttl: 0, info_ttl: 0, debug_ttl: 0, generate_symptoms: 0, enable_oversize: 0, privacy_setting: 2, enable_private_data: 0
10:31:57.634302 -0800 nesessionmanager not switching as we're not in ~/Library/Keychains/: /Library/Keychains/System.keychain (0)
10:31:57.634349 -0800 nesessionmanager not switching as we're not in ~/Library/Keychains/: /Library/Keychains/System.keychain (0)
10:31:57.634602 -0800 nesessionmanager switching to keychain-db: /var/root/Library/Keychains/login.keychain-db from /var/root/Library/Keychains/login.keychain (0 1 0 0)
10:31:57.634746 -0800 nesessionmanager subsystem: com.apple.securityd, category: security_exception, enable_level: 0, persist_level: 0, default_ttl: 0, info_ttl: 0, debug_ttl: 0, generate_symptoms: 0, enable_oversize: 0, privacy_setting: 2, enable_private_data: 0
10:31:57.634786 -0800 nesessionmanager MacOS error: -25307
10:31:57.636331 -0800 nesessionmanager Unable to access keychain preference domain: 0. A default keychain could not be found.
10:31:57.644516 -0800 nesessionmanager subsystem: com.apple.SystemConfiguration, category: SCPreferences, enable_level: 0, persist_level: 0, default_ttl: 0, info_ttl: 0, debug_ttl: 0, generate_symptoms: 0, enable_oversize: 0, privacy_setting: 2, enable_private_data: 0
10:31:57.644614 -0800 nesessionmanager Failed to find the VPN app for plugin type com.mycompany.mac.testvpn
10:31:57.648089 -0800 nesessionmanager Failed to find the primary plugin (type = com.mycompany.mac.testvpn)
Profile:
<dict>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>0</integer>
</dict>
<key>PayloadDescription</key>
<string>Configures VPN settings</string>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>PayloadIdentifier</key>
<string>com.apple.vpn.managed.D7C1A93F-009E-4486-8B6E-3A3FAF17F96C</string>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadUUID</key>
<string>E643B9CF-01D8-4B5D-9FCB-93A9FFFB5FDF</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Proxies</key>
<dict>
key>HTTPEnable</key>
<integer>0</integer>
<key>HTTPSEnable</key>
<integer>0</integer>
</dict>
<key>UserDefinedName</key>
<string>mac test vpn</string>
<key>VPN</key>
<dict>
<key>AuthName</key>
<string>test</string>
<key>AuthenticationMethod</key>
<string>Certificate</string>
<key>PayloadCertificateUUID</key>
<string>CBFF90D2-A3B1-4812-B220-1866AA16A71E</string>
<key>ProviderType</key>
<string>packet-tunnel</string>
<key>RemoteAddress</key>
<string>vpn.mycompany.com</string>
</dict>
<key>VPNSubType</key>
<string>com.mycompany.mac.testvpn</string>
<key>VPNType</key>
<string>VPN</string>
<key>ProviderBundleIdentifier</key>
<string>com.mycompany.mac.testvpn.extn</string>
<key>VendorConfig</key>
<dict>
</dict>
</dict>
Entitlement:
<dict>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>
</array>
<key>com.apple.developer.networking.vpn.api</key>
<array>
<string>allow-vpn</string>
</array>
<key>keychain-access-groups</key>
<array>
<string>com.apple.managed.vpn.shared</string>
</array>
</dict>