NEVPNManager with L2TP Protocol

Is it possible to use the SSL protocol with NEVPNManager (and without using NETunnelProvider APIs)?

I contacted Apple and got the following response:
"No. NEVPNManager is used to set up “Personal VPN”, which always uses built-in VPN transports (IPsec or IKEv2). There’s no built-in transport for SSL-based VPNs, so if you want to set that up you have to either write your own transport (which involves NETunnelProvider, which involves special entitlements) or use some other approach (like a configuration profile)."

Create Personal VPN connection using NEVPNManager

This tutorial helped me to create a VPN connection.

http://blog.moatazthenervous.com/create-a-vpn-connection-with-apple-swift/

VPN file for connection and disconnection

    import Foundation
    import NetworkExtension

    // MARK: - NEVPNManager
    // The declarations below are members of the class that holds `vpnManager`.

    private var vpnLoadHandler: (Error?) -> Void {
        return { (error: Error?) in
            if error != nil {
                print("Could not load VPN Configurations")
                self.removeToast()
                return
            }

            self.showToast(msg: STRINGVALUES.kCreatingConnection)

            // VPN connection via username and password
            let p = NEVPNProtocolIPSec()
            let kcs = KeychainService()
            p.authenticationMethod = NEVPNIKEAuthenticationMethod.sharedSecret

            // For security purposes the word "xyz" was added to the password, so it should be removed while connecting

            if self.selectedSever != nil {
                self.selectedSever?.password = (self.selectedSever?.password.replacingOccurrences(of: "xyz", with: ""))!
                p.username = self.selectedSever?.userName
                p.serverAddress = self.selectedSever?.serverAddress

                // Both keychain items are written with the same value here
                kcs.save(key: "SHARED", value: (self.selectedSever?.password)!)
                kcs.save(key: "VPN_PASSWORD", value: (self.selectedSever?.password)!)
                p.sharedSecretReference = kcs.load(key: STRINGVALUES.kShared)
                p.passwordReference = kcs.load(key: STRINGVALUES.kVPN_Pswd)
                p.useExtendedAuthentication = true
                p.disconnectOnSleep = false

                // Check for free subscriber
                if self.selectedSever?.serverType == STRINGVALUES.VIP.lowercased() && !Singleton.checkForPaidReciept() {
                    self.disconnectVPN()
                    Helper.showAlert(sender: self, title: STRINGVALUES.AppName, message: AlertMessage.kValidateSubscription)
                    return
                }

                self.vpnManager.protocolConfiguration = p
                self.vpnManager.localizedDescription = STRINGVALUES.AppName
                self.vpnManager.isEnabled = true

                // The tunnel is started from vpnSaveHandler once the configuration is saved
                self.vpnManager.saveToPreferences(completionHandler: self.vpnSaveHandler)
            }
        }
    }

    private var vpnSaveHandler: (Error?) -> Void {
        return { (error: Error?) in
            if error != nil {
                print("Could not save VPN Configurations")
                self.removeToast()
                return
            } else {
                do {
                    try self.vpnManager.connection.startVPNTunnel()
                } catch let error {
                    print("Error starting VPN Connection \(error.localizedDescription)")
                    self.removeToast()
                }
            }
        }
        //self.vpnlock = false
    }

    public func connectVPN() {
        // For no known reason the process of saving/loading the VPN configurations fails. On the 2nd time it works
        // loadFromPreferences does not throw; failures arrive in the completion handler
        self.vpnManager.loadFromPreferences(completionHandler: self.vpnLoadHandler)
    }

    public func disconnectVPN() -> Void {
        vpnManager.connection.stopVPNTunnel()
    }

    func vpnConnectionStatusChanged() {
        let status = self.vpnManager.connection.status
        print("VPN connection status = \(status)")

        switch status {
        case NEVPNStatus.connected:
            showToast(msg: STRINGVALUES.kConnected)

        case NEVPNStatus.invalid, NEVPNStatus.disconnected:
            showToast(msg: STRINGVALUES.kDisconnected)

        case NEVPNStatus.connecting, NEVPNStatus.reasserting:
            showToast(msg: STRINGVALUES.kConnecting)

        case NEVPNStatus.disconnecting:
            showToast(msg: STRINGVALUES.kDisconnecting)

        default:
            print("Unknown VPN connection status")
        }
    }
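
The answer above assigns `sharedSecretReference` and `passwordReference` from a `KeychainService` whose code is not shown; both properties expect a persistent keychain reference to a generic-password item, not the secret itself. The following is an added example, not the answerer's code, of a helper that produces such references; the `VPNKeychain` name, the service string, the account names and the accessibility class are assumptions made for the example.

```swift
import Foundation
import Security

// Hypothetical helper (not the KeychainService used in the answer): stores a
// secret as a generic-password item and returns the persistent reference that
// NEVPNProtocol.passwordReference / sharedSecretReference expect.
enum VPNKeychain {
    static let service = "com.example.vpn"   // assumed service name

    private static func baseQuery(_ account: String) -> [String: Any] {
        return [kSecClass as String: kSecClassGenericPassword,
                kSecAttrService as String: service,
                kSecAttrAccount as String: account]
    }

    /// Saves (or replaces) the secret and returns its persistent reference.
    static func store(_ secret: String, account: String) -> Data? {
        // Remove any stale item so SecItemAdd does not fail with errSecDuplicateItem.
        SecItemDelete(baseQuery(account) as CFDictionary)

        var add = baseQuery(account)
        add[kSecValueData as String] = Data(secret.utf8)
        // Accessibility class chosen for this example (assumption).
        add[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock
        add[kSecReturnPersistentRef as String] = true

        var result: CFTypeRef?
        guard SecItemAdd(add as CFDictionary, &result) == errSecSuccess else { return nil }
        return result as? Data
    }

    /// Looks up the persistent reference of an item stored earlier.
    static func persistentRef(account: String) -> Data? {
        var query = baseQuery(account)
        query[kSecReturnPersistentRef as String] = true
        query[kSecMatchLimit as String] = kSecMatchLimitOne

        var result: CFTypeRef?
        guard SecItemCopyMatching(query as CFDictionary, &result) == errSecSuccess else { return nil }
        return result as? Data
    }
}

// Usage with the IPsec configuration (psk and password are separate values here):
//   p.sharedSecretReference = VPNKeychain.store(psk, account: "SHARED")
//   p.passwordReference     = VPNKeychain.store(password, account: "VPN_PASSWORD")
```

A `nil` return means the keychain call failed, so the configuration should not be saved in that case.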

What is the difference between NEVPNManager and NETunnelProvider?

NEVPNManager is designed to control VPNs based on one of the built-in VPN plug-in types. NETunnelProviderManager is designed to control custom VPN plug-ins (and requires a special entitlement for those plug-ins).

Normally, with most VPNs, you would change the DNS on the other end of the VPN tunnel by having the actual VPN server send a list of DNS server IPs to the client, thus making that a server configuration detail rather than something the app itself would need to control. NETunnelProviderManager offers that ability because it is designed to handle arbitrary VPN types that might not work that way.


