NeTestAppMapping not working as expected and gateway showing unknown IP address

App & System Services Networking
telestratum.net
telestratum.net OP
Created Feb ’22
Replies 2
Boosts 0
Views 422
Participants 2

I created a VPN profile configuration and tested my VPN app, it worked successfully. I modified the same profile into per-app VPN profile with safariDomains and used NetTestAppMapping in app plist based on profile’s VPNUUID. This time VPN turned on but there is no internet connection when app opened. I checked more on this and found out that the gateway interface used in per-app VPN in pdp_ip0 and gateway description showing [25.41.121.239:0, fe80::1:264e:48b10x0dp_ip00x0dp_ip0.0] . This gateway is nil when VPN is connected with normal configuration profile. Also we are not using any IP address 25.41.121.239 and I clearly don’t know from where this is getting called in gateway, but this is only happening when PayloadType is com.apple.vpn.managed.applayer in profile.

Below is the logs collected when per-app profile is used.

2022-02-16 10:49:56.428373+0530 VPNApp[17940:9421036] NetworkStatus: Available interface : pdp_ip0 2022-02-16 10:49:56.428443+0530 VPNApp[17940:9421036] NetworkStatus: Available interface : utun3 2022-02-16 10:49:56.432744+0530 VPNApp[17940:9421036] NetworkStatus: [25.41.121.239:0, fe80::1:264e:48b10x0dp_ip00x0dp_ip0.0] 2022-02-16 10:49:56.433010+0530 VPNApp[17940:9421036] NetworkStatus: Supports DNS : true 2022-02-16 10:49:56.433128+0530 VPNApp[17940:9421036] NetworkStatus: currentPath 2022-02-16 10:49:56.433265+0530 VPNApp[17940:9421036] NetworkStatus: Gateway: nil 2022-02-16 10:49:56.433336+0530 VPNApp[17940:9421036] NetworkStatus: Gateway: Optional("pdp_ip0")

These are the logs collected when normal profile is used.

2022-02-16 10:53:21.320231+0530 VPNApp[17974:9423325] NetworkStatus: Available interface : utun3 2022-02-16 10:53:21.320372+0530 VPNApp[17974:9423325] NetworkStatus: Available interface : pdp_ip0 2022-02-16 10:53:21.320526+0530 VPNApp[17974:9423325] NetworkStatus: [] 2022-02-16 10:53:21.320735+0530 VPNApp[17974:9423325] NetworkStatus: Supports DNS : true

Could someone please explain me why this gateway address is getting used is used for per-app VPN configuration profile? Also why internet is blocking even when when NetTestAppMapping in app plist ?

Replies  2
Boosts  0
Views  422
Participants  2
Apple Staff, Systems Engineer
Systems Engineer OP
Apple
Feb ’22

I created a VPN profile configuration and tested my VPN app, it worked successfully. I modified the same profile into per-app VPN profile with safariDomains and used NetTestAppMapping in app plist based on profile’s VPNUUID

Based on (r. 31220551) it sounds like this is intended behavior and when NETestAppMapping is present in the Info.plist it will override the SafariDomains in the configuration profile. So you will need to use one or the other.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
telestratum.net
telestratum.net OP
Feb ’22

I removed the safariDomains and tested the NetTestAppMapping app, getting the same results. VPN is turning on in iOS when the app opened but no internet connection. The logs are showing the gateway address also. When profile payloadtype is changed to com.apple.vpn.managed VPN is working fine and gateway is returning nil.

0
NeTestAppMapping not working as expected and gateway showing unknown IP address
First post date Last post date
 
 
Q