How can I disable onDemandRules from NEPacketTunnelProvider Extension?

I am trying to disable onDemandRules from within the NEPacketTunnelProvider extension, but when I try to load the NETunnelProviderManager I get this message in the logs:


NETunnelProviderManager objects cannot be instantiated from NEProvider processes


Does anyone know if there's a way I can disable onDemandRules from within the NEPacketTunnelProvider extension?

It seems odd that we can cancel the tunnel from the extension using cancelTunnelWithError(_:) but can't stop the system from trying to reconnect due to onDemandRules. Especially that in the documentation it says:


The Packet Tunnel Provider should call this method when an unrecoverable error occurs, such as the tunnel server going down or the VPN authentication session expiring.


^ How is it even useful to call this method when an unrecoverable error occurs, but cannot stop it from reconnecting? If the tunnel server is down, why would it even keep trying to reconnect forever? That would just block the internet connection from the phone, and for the user to gain access to the internet again they have to go to Settings > VPN > VPN Profile > Disable "Connect on Demand", which is a terrible user experience. We should just be able to disable it from the extension.

Replies

Does anyone know if there's a way I can disable onDemandRules from within the NEPacketTunnelProvider extension?

Right now that’s not possible. I’ve seen this reported by a bunch of developers, so it’s likely we already have an enhancement request on file about it, but I don’t have the bug number handy so I recommend that you file your own bug about this.

Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Thanks for the quick reply!


I just filed an enhancement report with this bug number: 50723668

Is there any update on this, also can you provide a link to the ticket?

We're having the same problem that prevents us from using on-demand at all.

I've reported an improvement suggestion under FB12451642

We're having this problem as well. The user is stuck in an indefinite reconnect loop when the VPN server is unavailable. Has anyone found a workaround yet?