VPN routes not applied to the network extension.
Hi, we are building a VPN application with a packet tunnel network extension. The NE (network extension) provides the VPN itself (obviously) alongside some VPN-related functionalities. The VPN does not intend to capture all the network; instead it just gives access to one or several remote networks (aka we are only routing some subnets to the NE).

The issue is that for some functionalities, we would need the NE to create network connections that might need to be routed through the tunnel. The issue is that the routes that we declared with the NE are not applied to the network traffic emanating from the NE itself. I do understand that this is a requirement to avoid VPN loops, moreover with VPNs that capture all the traffic. But in our case we know we will avoid collisions since we only route some networks.

What solutions do we have? Is there an option somewhere to force the application of all routes to the NE?
Replies: 5 | Boosts: 0 | Views: 435 | Activity: Oct ’24
Wrong source IP with NetworkExtension packet tunnels
Hi, I have an issue with a packet tunnel that has two IPv4 networks. The first network works well but the second does not, because when trying to reach any IP of the second network, the source IP used is one of the first network.

Setup

So, I have a NE (Network Extension), with a packet tunnel. Internally our application creates two tunnels to access different resources. These tunnels are linked to two local networks.

    utun3 192.168.1.42/24 <===> tunnel 1
    utun3 192.168.2.42/24 <===> tunnel 2

To clarify, I only have one NE, but two IPv4 networks in it (configured via NEIPv4Settings). I also configured routes to tell the NE that both networks should go through the tunnel.

Problem and Investigations

Trying to ping 192.168.1.1 does work; however, trying to ping 192.168.2.1 does not. Doing a bit of tcpdump on the interface shows that the source IP used is 192.168.1.42 instead of 192.168.2.42.

Seeing that, I suspected some kind of routing issue, therefore I removed the routes from the NE and tried to add some by hand. I ended up adding the following:

    192.168.1.0/24 via 192.168.1.42
    192.168.2.0/24 via 192.168.2.42

With this it actually worked. Delighted by this quick resolution, I deleted any static route I had created, rushed back to my application and added these routes into the NE. And it did not work.

Very surprised, I tried to find the difference between me adding the route manually with route add ... and the NE adding the route. But it got much weirder, as netstat -rn showed me that the created routes were identical.

Digging through the internet I was unable to find many people with a similar issue. Also, I saw something about NE routes and user-added routes being different, but not much information, and not enough to help me out. In the end, I started suspecting an issue with the Network Extension. Moreover since the API does allow adding multiple IPv4 networks.

Do you have any information on this topic?
Replies: 3 | Boosts: 0 | Views: 306 | Activity: Oct ’23