I have a VPN application which supports On-Demand L3 VPN profiles/configurations. For the on demand VPN profile we have few match domains as on demand rules to trigger the VPN when user accesses the matching resource.
Now, we have a situation where the match domains of the VPN profile may change in the VPN server. To support Split tunnelling In packet tunnel, we call a Rest API to get new match domains every time the VPN Packet Tunnel is launched on-demand.
Now, everything is fine except for that we are not able to update the VPN profile with new match domains (we have received in the packet tunnel extension) without opening the containing application. Since its an on-demand VPN, users are not expected to open the App for a long time. However, having stale match domains as on-demand rule is also not an ideal condition, either.
So, we thought of updating VPN profiles from packet tunnel extension. However, whenever I call the API to read the profiles from preferences, it simply crashes the packet tunnel. This gives me indication that it is not allowed to access VPN profiles from within the extension.
So my question is, whether it's allowed read and update VPN profiles inside packettunnel extension using `NETunnelProviderManager loadAllFromPreferencesWithCompletionHandler` API? If not, is there any other API to do it? Or is it simply not allowed?