Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Question:

Question: iOS11 VPN Routing

I have seen a few articles or posts detailing the different VPN types, how and why they are used, and the options that are available. But nothing really pertaining to my specific question and I am having trouble finding any documentation on this specific matter.


In short, regardless of the VPN application or manual configuration I have configured, it appears some Apple related traffic and DNS queries are split-tunneling my active VPN session established. I am curious to why?

---


Expanded:

  • I have tested a wide range of third party VPN apps in my testing: IPA, Hotspot Shield, Betternet, TunnelBear, Checkpoint the list can go on...
  • I have also setup my own test VPN servers to test: IKEv2, IPsec, and L2TP
  • Regardless of the method, and regardless of the "Send All Traffic" option you have the ability to configure for certain VPN types, DNS quires and Apple specific traffic ignores the current established tunnel.
  • From the below knowledge base article: it appears the primary traffic is both


In short... has anyone else seen this? And why is this the default behavior?

Posted on

Reply

Mar 18, 2018 4:58 PM in response to J0RD@N In response to J0RD@N

J0RD@N wrote:


Hi LittleJob,


I'm very interested to know - did you end up getting any resolution or confirmation on this?


Kind regards,


Jordan

Direct from Apple;


This issue behaves as intended based on the following:

The primary reason is to not affect the performance (and therefore the user experience) of the various Apple services.

If you want *all* traffic to go through the VPN your only option is Always-On VPN.

We are now closing this bug report.


Kind of BS if you ask me...

Mar 18, 2018 4:58 PM

Reply Helpful

Mar 26, 2018 5:45 AM in response to J0RD@N In response to J0RD@N

I was referring when you manually define a L2TP connection under your iOS devices VPN options. There is a toggle switch that allows you to allegedly "send all traffic" through what I assume is the VPN host you are configuring..

Mar 26, 2018 5:45 AM

Reply Helpful (1)
User profile for user: LittleJob

Question: iOS11 VPN Routing