Customize and extend core networking features.
- iOS 8.0+
- macOS 10.10+
- Mac Catalyst 13.0+Beta
With the NetworkExtension framework, you can customize and extend the core networking features of iOS and macOS. Specifically, you can:
Change the system’s Wi-Fi configuration
Integrate your app with the hotspot network subsystem (Hotspot Helper)
Create and manage VPN configurations, using the built-in VPN protocols (Personal VPN) or a custom VPN protocol
Implement an on-device content filter
Implement an on-device DNS proxy
The NetworkExtension framework is available in macOS and iOS, but not all features are available on both platforms and some features have specific restrictions (for example, some features only work on supervised iOS devices). The documentation for each feature describes these restrictions.
Options for Implementing VPN
The NetworkExtension framework has extensive support for virtual private networks (VPN). A VPN is a form of network tunnel, where a VPN client uses the public Internet to create a connection to a VPN server and then passes private network traffic over that connection.
VPNs have many different uses. For example, an enterprise might set up a VPN to give remote employees access to enterprise network resources that are not available on the public Internet. Or a consumer wanting to access the Internet from an untrusted network, such as the free Wi-Fi at an airport, might set up VPN to secure their traffic.
iOS and macOS include a number of different VPN APIs, distinguished by the protocols they support:
Use Personal VPN to create and manage a VPN configuration that uses one of the built-in VPN protocols (IPsec or IKEv2).
Create a Packet Tunnel Provider to implement a VPN client for a packet-oriented, custom VPN protocol.
Create an App Proxy Provider to implement a VPN client for a flow-oriented, custom VPN protocol.