User profile for user: ScottBonar
ScottBonar Author
User level: Level 1
4 points

VPN network extension not working after 15.1.1 upgrade

Our company has a VPN client that we develop and it works on 14.x and it was working on 15.x but ever since I have upgraded to 15.1.1, I do not see any traffic being sent to the TUN interface even though I have it configured as the default route. Can anyone provide guidance or insight into what might have changed around the Network Extensions that could have caused this?

Unfortunately I cannot tell if this was happening on 15.0.1. Some things I have tried, to no avail, is disable the firewall and uninstalling/installing of the VPN client. I have no other filters installed that could be interfering. When I try and ping an address I should be able to reach, I get "no route to host"


NOTE, networking works fine when the VPN client is not connected.

Posted on Dec 1, 2024 12:46 PM

Reply
8 replies
Sort By: 
User profile for user: IdrisSeabright
IdrisSeabright
User level: Level 10
176,903 points

Dec 3, 2024 8:19 AM in response to ScottBonar

ScottBonar wrote:

Our company has a VPN client that we develop and it works on 14.x and it was working on 15.x but ever since I have upgraded to 15.1.1, I do not see any traffic being sent to the TUN interface even though I have it configured as the default route. Can anyone provide guidance or insight into what might have changed around the Network Extensions that could have caused this?
Unfortunately I cannot tell if this was happening on 15.0.1. Some things I have tried, to no avail, is disable the firewall and uninstalling/installing of the VPN client. I have no other filters installed that could be interfering. When I try and ping an address I should be able to reach, I get "no route to host"

NOTE, networking works fine when the VPN client is not connected.

Your IT department may need to update something on their end. Have you talked to them yet?

Reply
User profile for user: Lawrence Finch
Lawrence Finch
Community+ 2025
User level: Level 10
221,452 points

Dec 3, 2024 9:16 AM in response to ScottBonar

when you install VPN it configures itself to the specific hardware, iOS version and network that the phone uses. If any of those change it can break the VPN. So any time you change any of these you may need to delete the VPN app and profile, restart your phone then add them back so it can configure itself to the new environment.

Reply
User profile for user: ScottBonar
ScottBonar Author
User level: Level 1
4 points

Dec 3, 2024 9:46 AM in response to Lawrence Finch

I guess I disagree with your premise. First of all, a Apple VPN client using the NE Packet Tunnel Provider System Extension, does not configure itself to specific hardware when it installs at least not a custom one. When you start the PTP tunnel the Apple OS creates a TUN interface that traffic is directed to via the routes and then the VPN client has the responsibility to send the packets out the correct outgoing interface. This is how it works on iOS and macOS. I am also the developer of this VPN client so I do know the inner workings of the client and how things are supposed to flow. The issue is that on 14.x, using Wireshark, I see packet flow to the TUN interface just fine and everything works but on 15.1.1 I do not. This worked initially on 15.0 so something has changed and I'm just trying to find out what. Also note iOS works just fine. I have uninstalled. I have rebooted. Nothing has worked.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

VPN network extension not working after 15.1.1 upgrade

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up