i am using the network extension to connecting my ikev2 server
but it always disconnect from server after I call the startVPNTunnal function , and the last connection error information shows like below
_lastDisconnectError NSError * domain: NEVPNConnectionErrorDomainPlugin- code: 7 0x0000000283a5da70
my code is like this
fileprivatefunc connect() {
DispatchQueue.main.asyncAfter(deadline: DispatchTime.now() + Double(Int64(1 * NSEC_PER_SEC)) / Double(NSEC_PER_SEC)) {
self.vpnManager.loadFromPreferences { (error) in
if let error = error {
print(error.localizedDescription)
self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: .invalid)
return
}
do {
try self.vpnManager.connection.startVPNTunnel()
print("success")
} catch let error{
print("failed: " + error.localizedDescription)
self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: .disconnected)
}
}
}
}
func savePassword(_ password: String, inKeychainItem: Data?) -> Data? {
guard let passwordData = password.data(using: String.Encoding.utf8, allowLossyConversion: false) else { return nil }
var status = errSecSuccess
if let persistentReference = inKeychainItem {
// A persistent reference was given, update the corresponding keychain item.
let query: [NSObject: AnyObject] = [
kSecValuePersistentRef : persistentReference as AnyObject,
kSecReturnAttributes : kCFBooleanTrue
]
var result: AnyObject?
// Get the current attributes for the item.
status = SecItemCopyMatching(query as CFDictionary, &result)
if let attributes = result as? [NSObject: AnyObject] , status == errSecSuccess {
// Update the attributes with the new data.
var updateQuery = [NSObject: AnyObject]()
updateQuery[kSecClass] = kSecClassGenericPassword
updateQuery[kSecAttrService] = attributes[kSecAttrService]
var newAttributes = attributes
newAttributes[kSecValueData] = passwordData as AnyObject?
status = SecItemUpdate(updateQuery as CFDictionary, newAttributes as CFDictionary)
if status == errSecSuccess {
return persistentReference
}
}
}
if inKeychainItem == nil || status != errSecSuccess {
// No persistent reference was provided, or the update failed. Add a new keychain item.
let attributes: [NSObject: AnyObject] = [
kSecAttrService : UUID().uuidString as AnyObject,
kSecValueData : passwordData as AnyObject,
kSecAttrAccessible : kSecAttrAccessibleAlways,
kSecClass : kSecClassGenericPassword,
kSecReturnPersistentRef : kCFBooleanTrue
]
var result: AnyObject?
status = SecItemAdd(attributes as CFDictionary, &result)
if let newPersistentReference = result as? Data , status == errSecSuccess {
return newPersistentReference
}
}
return nil
}
func connect(vpn_protocol:SGVPNProtocol, ip: String, username: String, password: String, psk: String) {
vpnManager.loadFromPreferences { (error) in
if error != nil {
print("Load error: \(error?.localizedDescription as String?)")
return
} else {
let configuration = NEVPNProtocolIKEv2()
configuration.username = username
configuration.passwordReference = self.savePassword(password, inKeychainItem: nil)
configuration.authenticationMethod = .none
configuration.useExtendedAuthentication = true
configuration.disconnectOnSleep = false
configuration.serverAddress = ip
configuration.remoteIdentifier = ip
configuration.localIdentifier = ""
self.vpnManager.protocolConfiguration = configuration
self.vpnManager.localizedDescription = "xxxx"
self.vpnManager.isEnabled = true
self.vpnManager.isOnDemandEnabled = false
self.vpnManager.saveToPreferences(completionHandler: { (error) in
if error != nil {
print(error!.localizedDescription)
self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: SGVPNStatus.invalid)
return
}
self.vpnManager.loadFromPreferences(completionHandler: { error in
self.connect()
})
})
}
}
}
error information:
Printing description of self.vpnManager._connection->_lastDisconnectError:
Error Domain=NEVPNConnectionErrorDomainPlugin Code=7 "The VPN session failed because an internal error occurred." UserInfo={NSLocalizedDescription=The VPN session failed because an internal error occurred.}
(lldb)
i have done the capacities setting for Personer VPN and Network Extension