VPN disconnecting immediately after connecting.

App & System Services Networking
il2be97@gmail.com
il2be97@gmail.com OP
Created Feb ’21
Replies 5
Boosts 0
Views 3.5k
Participants 2
I have vpn info, which I try to configure in my application. when I call startVPNTunnel my vpn connection status changed to: connecting, disconnecting - so I can't establish my vpn connection.
But when i configure my vpn info in settings->general manual configure vpn - it is work fine

I configured my NEVPNProtocol

Code Block   static func protocolConfiguration(_ account: VPNAccountInfo) -> NEVPNProtocol {
    let configuration = NEVPNProtocolIKEv2()
    configuration.authenticationMethod = .none
    keychain["vpn_server"] = account.server
    keychain["vpn_remote_id"] = account.remoteIdentifier
    keychain["vpn_username"] = account.username
    keychain["vpn_password"] = account.password
    configuration.serverAddress = keychain["vpn_server"]
    configuration.remoteIdentifier = keychain["vpn_remote_id"]
    configuration.username = keychain["vpn_username"]
    configuration.passwordReference = keychain[attributes: "vpn_password"]?.persistentRef
    configuration.useExtendedAuthentication = true
    configuration.disconnectOnSleep = false
    return configuration
  }


and try to connected

Code Block static func connectToVPNAccount(_ account: VPNAccountInfo) {
    guard !connectionState.value.isInProgress else {
      return
    }
    connectionState.value = .connecting
    // Legacy?
    // For no known reason the process of saving/loading the VPN configurations fails. On the 2nd time it works
    vpnManager.loadFromPreferences(completionHandler: { (error: Error?) in
      if (error != nil) {
        disconnectInternal()
        print("Could not load VPN Configurations")
        return
      }
      vpnManager.protocolConfiguration = protocolConfiguration(account)
      vpnManager.localizedDescription = "Onion VPN"
      vpnManager.isEnabled = true
      vpnManager.saveToPreferences(completionHandler: { (error:Error?) in
        if (error != nil) {
          disconnectInternal()
          print("Could not save VPN Configurations")
          return
        }
        do {
          try vpnManager.connection.startVPNTunnel()
          DispatchQueue.main.asyncAfter(deadline: .now() + 5, execute: {
            connectionState.value = .connected
          })
        } catch let error {
          disconnectInternal()
          print("Error starting VPN Connection \(error.localizedDescription)")
        }
      })
    })
  }

but it doesn't work

Answered by il2be97@gmail.com in 664488022
I have founded an error - I need set my ikeSecurityAssociationParameters.diffieHellmanGroup = .group2, it's veird (because as default this value is equal 2, but I need set it explicitly) now it's work
Replies  5
Boosts  0
Views  3.5k
Participants  2
Apple Staff, DTS Engineer
DTS Engineer OP
Apple
Feb ’21
Does the VPN work if you configure it in Settings? If so, create a configuration profile for that VPN and test that. Does that work?

The easiest way to create a configuration profile is using Apple Configurator.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
0
il2be97@gmail.com
il2be97@gmail.com OP
Feb ’21
I have only username, password and server address of my vpn, How I can create a configuration profile?
0
il2be97@gmail.com
il2be97@gmail.com OP
Feb ’21
I used to configure my profile - Imazing profile editor, and configured my profile - but it doesn't work too,
my vpn works, only when I press add VPN Configuration in my settings, set description, server name, remote id (the same value as the server name), username and password - in that case it works fine
0
Apple Staff, DTS Engineer
DTS Engineer OP
Apple
Mar ’21
If you can’t get the VPN to work from a configuration profile, getting it to work using NEVPNManager is going to be very hard. I’m not really in a position to advise you on VPN configuration profiles; that’s supported by Apple Support, not DTS.

However, my experience is that most folks trip over the security association parameters (in Configurator these are displayed as IKE SA Params and Child SA Params). When you set up VPN in Settings, the resulting configuration automatically negotiates the right parameters. In a configuration profile (and also in NEVPNManager) you have to explicitly set the right values.

Once you get the profile working, it’s likely that you’ll be able to plug the same values into NEVPNManager and things will just work. If not, post back here with the details and I’ll take another look.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
0
il2be97@gmail.com
il2be97@gmail.com OP
Mar ’21
Accepted Answer
I have founded an error - I need set my ikeSecurityAssociationParameters.diffieHellmanGroup = .group2, it's veird (because as default this value is equal 2, but I need set it explicitly) now it's work
0
VPN disconnecting immediately after connecting.
First post date Last post date
 
 
Q