How exactly should the "tunnel_server" from the SimpleTunnel example behave when connected?

I'm creating a per-app VPN client for macOS by using the PacketTunnelProvider app extension and tunnel_server code from the SimpleTunnel example Apple provided to make it work.


Once the client connects to the server, what behavior should I expect from apps I have included to connect on to the VPN server? For example, if the domain URL www.google.com is supposed to go through the VPN and I try to google something, should the page be able to load? I thought I had read on other posts that this tunnel_server in particular wasn't set up to allow for clients to actually load content since it's just an example.

Once the client connects to the server, what behavior should I expect from apps I have included to connect on to the VPN server?

The expected behaviour varies by provider type:

  • If you connect using the app proxy provider, apps on the client should be able to access the wider Internet.

  • If you connect using the packet tunnel provider, apps on the client can only access resources on the server (that is, the Mac that’s running tunnel_server).

Clearly this second point is less than ideal. Alas, I know of no supported way around it. Various folks have come up with various ‘creative’ solutions for this, but I’m not aware of any solution that I’m prepared to stand by.

I’ll also note that most VPN developers aren’t targeting servers running on the Mac, and thus they use SimpleTunnel as an example of how to get things working, and then quickly move on to talking to the VPN server they actually care about.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"