When a device is connected to VPN using NEPacketTunnelProvider, and configured with encrypted custom DNS (NEDNSOverHTTPSSettings), some Apple Services (e.g. Siri) are unavailable. The same configuration but with clear text custom DNS (NEDNSSettings) works as expected.
Inspecting network traffic while using Siri revealed SSL shutdown packets and TCP termination packets.
Device: iOS 14.4.2
Network Extension APIs: NEPacketTunnelProvider, NEPacketTunnelNetworkSettings, NEDNSOverHTTPSSettings
Attachments:
Inspecting network traffic while using Siri revealed SSL shutdown packets and TCP termination packets.
Device: iOS 14.4.2
Network Extension APIs: NEPacketTunnelProvider, NEPacketTunnelNetworkSettings, NEDNSOverHTTPSSettings
Attachments: