Our app uses NEVPNManager with IPsec to create VPN. Full tunnel is working fine both with NEVPNManager API and profile created using Apple Configurator.
Now, we are trying to create split tunnel using the same. Apple Configurator created profile is working when DNS Supplemental Match domains is set to empty string. But we couldn't find the equivalent to the DNS Supplemental Match domains in the NEVPNManager API. In NEVPNManager config, all DNS is routing to the default route instead of VPN.
Can you please help us on this?
OK, thanks for confirming.
Given that, I don’t think there’s a way forward in the Personal VPN space:
-
Personal VPN doesn’t let you configure DNS settings; they have to come from the VPN server.
-
The Personal VPN protocols, IPsec and IKEv2, don’t support anything like supplemental match domains.
You could do this by creating your own packet tunnel provider, but that’s a lot of additional work.
Another possibility would be to apply custom DNS settings using NEDNSSettingsManager
, but for that to work your DNS server would have to be on the public Internet (so that iOS can use it even when the VPN interface is down).
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"