Download speed Issue with Per-App VPN Using WireGuard Protocol

Question

Created Feb ’25

Replies 3

Boosts 0

Participants 2

DESCRIPTION OF PROBLEM We have developed an app and server based on the WireGuard protocol. While we have successfully implemented device-wide VPN, we are now working on enabling per-app VPN functionality.

The per-app VPN payload is successfully delivered, and the designated app can read the configuration and establish a connection to the VPN server. However, we are experiencing extremely slow download data rates, measuring only in bytes.

Steps Taken: Created an app-layer payload. Configured NETestAppMapping in the app’s Info.plist, using the VPNUUID defined in the payload for the Chrome app.

Despite these configurations, data transfer remains significantly slow. We would appreciate any insights into potential causes or recommendations to resolve this performance issue.

Thank you for your assistance.

Answered by DTS Engineer in 826034022

I’m not aware of any configuration options that might cause a packet tunnel provider in per-app VPN to run super slowly. You’ll need to investigate this within your packet tunnel provider.

I recommend that you start by creating a test app to see if that reproduces the problem. If it does, you can work the issue from ‘both sides’, using a packet trace to see what’s happening on the wire and then your own logging, in both your test app and your packet tunnel provider, to see what’s happening internally.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Boost

Answer 1

DTS Engineer OP

Apple

Feb ’25

Apple platforms don’t have any built-in support for the WireGuard protocol. So, how are you implementing that? From scratch, using your own code? Or using a third-party library?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

vdsoti OP

Feb ’25

We are implementing this using the open-source WireGuard library RepoLink I would like to understand if there’s anything missing from the iOS configuration that might be causing this issue. I have attached the mobileConfig file for reference. If everything in the configuration is correct and aligns with Apple's requirements for Per-App VPN, could you help identify potential reasons why the download speed is so slow?

This is the payload for App layer VPN

AppLayerPayload.txt

0

Answer 3

DTS Engineer OP

Apple

Feb ’25

Recommended

I’m not aware of any configuration options that might cause a packet tunnel provider in per-app VPN to run super slowly. You’ll need to investigate this within your packet tunnel provider.

I recommend that you start by creating a test app to see if that reproduces the problem. If it does, you can work the issue from ‘both sides’, using a packet trace to see what’s happening on the wire and then your own logging, in both your test app and your packet tunnel provider, to see what’s happening internally.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0