Thanks for the response. Actually the only thing I was missing is the matchDomains property and now the DNS is hitting the local DNS forwarder. This is indeed for implementing a VPN tunnel, not filtering content. The DNS requirements are so that the queries are resolved and saved temporarily into a list in which then the VPN tunnel can perform conditional routing based on said IPs. I know it is working in development on device but is it against App Store guidelines to host a local listening DNS forwarder in the Network Extension?

Thanks for the explanation, I have recreated the Packet Tunnel Provider as a system extension. However I'm having trouble getting the system extension started. After hitting tunnel.connection.startVPNTunnel() on the main app, nothing really happens and no error is caught. Trying to attach the debugger as root also does not initiate, as it seems the extension is not started at all. I have followed your advice detailed at: https://developer.apple.com/forums/thread/725805 The app is now copied to /Applications upon build In the VPNManager, the providerBundleIdentifier is set to the bundleIdentifier of the system extension network extension. I've added os_log to the main.swift initiation point, but no log shows up in the console app filtered by the subsystem Any ideas where else to check?

I noticed whenever I hit connect the toggle UI element in the VPN profile of system preferences moves a little indicating the profile at least matches. In the console app I do not see any crash reports, but filtering on my PacketTunnelDesktop target, I see: "Found 0 registrations for com.example.desktop.PacketTunnel (com.apple.networkextension.packet-tunnel)" I'm guessing some identifier is not matching? Unfortunately googling "Found 0 registrations for" yields 0 results on Google :( The app bundle has the system extension packaged at Conents/Library/SystemExtensions/com.example.desktop.PacketTunnel .systemextension

It seems adding something to NSSystemExtensionUsageDescription in the info.plist has fixed it

I've taken a break from previous attempts at starting the system extension, but im still having the same issue. I'm wondering if the "Found 0 registrations for com.example.desktop.PacketTunnel" is a clue to the issue here? Furthermore, I'm wondering if there is a working demo code for a packet tunnel running as a system extension? That would help greatly trying to get this to work. default 12:16:23.219253-0400 nesessionmanager Found 0 registrations for com.example.desktop.PacketTunnel (com.apple.networkextension.packet-tunnel) default 12:16:23.219353-0400 nesessionmanager NEVPNTunnelPlugin(com.example.desktop[inactive]): Sending start command default 12:16:23.219362-0400 nesessionmanager com.example.desktop[inactive]: starting error 12:16:23.219872-0400 nesessionmanager com.example.desktop[602]: Tearing down XPC connection due to setup error: Error Domain=NEAgentErrorDomain Code=2 "(null)" default 12:16:23.219914-0400 nesessionmanager com.example.desktop[602]: XPC connection went away

In the same boat here, I've spent a few more weeks updating the design and adding some unique features, however I'm getting rejected in subsequent reviews (and the reviewer didn't even bother to login to the app and make a purchase). It seems like subsequent reviews are not in depth and I'm being rejected in less than 5minutes of review without even noticing the new features and design I've added. So what now?

I'm having the same issue with iOS Simulator 18.6. For some reason my other Mac does not have this issue, I wonder if it's because I didn't install Xcode 26 beta on that machine.