NEProxySettings does not work.

Question

Created Oct ’22

Replies 7

Boosts 0

Views 1.2k

Participants 2

I use NEVPNManager to creat Personal VPN (IKEV2). It works well.But When I want to use NEProxySettings to add expectionList,it didn't work.I don't know why.I want some domain names to not use proxies,such as my own VPN App, because it will be very slow.My App server address name is "xxx.xxx.xx". VPN server IP is "yyy.yyy.yy, port is 500".Here is my code:

NEVPNProtocolIKEv2 *vpnProtocollIKEv2 = [[NEVPNProtocolIKEv2 alloc] init];

NEProxySettings *proxySettings = [[NEProxySettings alloc] init];

NEProxyServer *httpsServer = [[NEProxyServer alloc] initWithAddress:"yyy.yyy.yy" port:500];

proxySettings.HTTPSServer = httpsServer;

NEProxyServer *httpServer = [[NEProxyServer alloc] initWithAddress:"yyy.yyy.yy" port:500];

proxySettings.HTTPServer = httpServer;

proxySettings.autoProxyConfigurationEnabled = NO;

proxySettings.excludeSimpleHostnames = YES;

proxySettings.HTTPEnabled = YES;

proxySettings.HTTPSEnabled = YES;

proxySettings.exceptionList = @[@"xxx.xxx.xx",@"*.xxx.xxx.xx"];

vpnProtocollIKEv2.proxySettings = proxySettings;

Boost

Answer 1

DTS Engineer OP

Apple

Oct ’22

Accepted Answer

Does the VPN configuration returned by your server claim the default route?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

1

Answer 2

zxkw OP

Oct ’22

So far it seems that there is a default route. What can I do to make the expectionList work when using NEVPNManager?

0

Answer 3

DTS Engineer OP

Apple

Oct ’22

In general, the system uses the proxy settings associated for the interface that the connection is using. So, if you want a VPN interface’s proxy settings to be used by default, that interface must become the default route.

If you ignore the Personal VPN API for the moment and instead try to create the same setup using a configuration profile, are you able to get the proxy setup working?

To create a configuration profile, use the Apple Configurator app. However, it won’t let you configure all the proxy settings, so I recommend that you use it to get started and then manually edit from there.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 4

zxkw OP

Nov ’22

I have a question I don't understand.Does NEProxyServer refer to vpn server or other proxy server?If it is another proxy server, how do I set up this proxy server?

0

Answer 5

DTS Engineer OP

Apple

Nov ’22

Does NEProxyServer refer to vpn server or other proxy server?

NEProxyServer is a ‘model level’ object. It’s there simple to hold a few values (address, port, and credentials). In Swift it’d be a struct.

The significance of NEProxyServer is based on where it’s used. In NE it’s only used in one place, within NEProxySettings for the HTTPServer and HTTPSServer properties. In that context it clearly refers to a proxy server.

In turn, NEProxySettings is used in two places:

When configuring a VPN tunnel, you can configure the proxy settings using the proxySettings property of NEVPNProtocol. Keep in mind that NEVPNProtocol is the super class of all the VPN configuration classes, including NETunnelProviderProtocol for custom VPN providers and NEVPNProtocolIPSec for the built-in VPN providers (aka Personal VPN).
In a custom VPN provider, you can apply proxies to your tunnel’s interface by setting the proxySettings property of NETunnelNetworkSettings.

However, keep in mind what I wrote earlier:

if you want a VPN interface’s proxy settings to be used by default, that interface must become the default route.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 6

zxkw OP

Nov ’22

Thanks!I'm using NEVPNManager to create persoal VPN,so I can only use NEProxySettings.What I want is for some apps not to use VPN by configuring the whitelist.But NEProxySettings don't work.Just like you said,"if you want a VPN interface’s proxy settings to be used by default, that interface must become the default route.",I really don't know how this works.Is it necessary to have a proxy server? If yes, how do I set up this proxy server.I have tried using GCDWebServer to set up the local server and configured the PAC file, but it still doesn't work.

0

Answer 7

DTS Engineer OP

Apple

Nov ’22

So what’s your high-level goal here?

Keep in mind that Apple’s proxy architecture is designed to help user’s connect to services. If the service is available directly, we do guarantee to send the request via the proxy.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0