Follow up on this. It looks like the VPN connection breaks on my iPad running iPadOS 15 after changing DNS settings via WireGuardKit.
Tested on iPadOS 15.1 beta today and it seems to be stable. > On 28 Sep 2021, at 13:03, Andrej Mihajlov <[email protected]> wrote: > > Hi, > > I can confirm that it behaves correctly on iOS 15 (tested on iPhone 12) and > iOS 15.1 beta (tested on iPhone 7). Tested by toggling cellular/wi-fi and > airplane mode on both devices and network monitor seems to be functioning > properly. > > I haven’t tested this patch on iOS 14.8, but I had previously tested it on > iOS 14.5 (IIRC) and it didn’t work there, that's why this patch is scoped to > iOS 15+. > > I am running the "am/enable-include-all-networks" branch which has the > following changeset: > https://git.zx2c4.com/wireguard-apple/commit/?id=07bc66e7b181fb2068d457b31c1fdd05bdd2214a&id2=58e94f077329f6c7b96ec069243495d4e649fe36 > > Cheers, > Andrej > >> On 22 Sep 2021, at 15:26, Juraj Hilje <[email protected]> wrote: >> >> Hi Andrej, >> >> I've tested on iOS/iPadOS 15.1 Beta, and it looks like the issue is fixed >> there. >> Let me know if you can confirm the same on your end. >> >> Cheers, >> Juraj H. >> >>> On 22.09.2021., at 10:59, Andrej Mihajlov <[email protected]> wrote: >>> >>> Hi Juraj, >>> >>> Installing iOS 15 right now. I am gonna test it today too. >>> >>> What stands out to me that, while you have multiple interfaces available, >>> the network monitor still says that the network is unsatisfied. Very odd. >>> >>> Cheers, >>> Andrej >>> >>>> On 22 Sep 2021, at 10:55, Juraj Hilje <[email protected]> wrote: >>>> >>>> Hey Andrej, thanks for the response! >>>> >>>> I've tested on iOS 14.8 and iOS 15.0 (public release), and even with the >>>> patch (b244febfdf3069dd4e8db2d31f0368d5474d7616) i still have the same >>>> issue on my end. >>>> >>>> I will test the new iOS 15.1 Beta later today and let you know how it goes. >>>> >>>> Juraj H. >>>> >>>>> On 22.09.2021., at 10:08, Andrej Mihajlov <[email protected]> wrote: >>>>> >>>>> Have you tried on the most recent beta? I think it works over there, but >>>>> requires some tweaks to the network monitor code in WireGuard. I had a >>>>> patch somewhere here but haven’t spent much time testing it: >>>>> >>>>> https://git.zx2c4.com/wireguard-apple/commit/?h=am/enable-include-all-networks&id=b244febfdf3069dd4e8db2d31f0368d5474d7616 >>>>> >>>>> Waiting for the final release of iOS 15. >>>>> >>>>>> On 21 Sep 2021, at 12:55, Juraj Hilje <[email protected]> wrote: >>>>>> >>>>>> If NETunnelProviderProtocol is configured with includeAllNetworks=true >>>>>> (Kill Switch), when network change is detected the device connectivity >>>>>> goes offline instead of routing VPN tunnel traffic through a new network. >>>>>> >>>>>> Here are some logs from the moment of this event: >>>>>> 2021-09-20 12:07:26.735453: [NET] Network change detected with >>>>>> unsatisfied route and interface order [en0, utun4, pdp_ip0] >>>>>> 2021-09-20 12:07:26.736186: [NET] Connectivity offline, pausing backend. >>>>>> 2021-09-20 12:07:26.736732: [NET] Device closing >>>>>> 2021-09-20 12:07:26.737503: [NET] Routine: TUN reader - stopped >>>>>> 2021-09-20 12:07:26.738970: [NET] Routine: event worker - stopped >>>>>> 2021-09-20 12:07:26.739613: [NET] Routine: receive incoming v4 - stopped >>>>>> 2021-09-20 12:07:26.742070: [NET] Routine: receive incoming v6 - stopped >>>>>> 2021-09-20 12:07:26.746712: [NET] peer(eN1f…Oymc) - Stopping >>>>>> 2021-09-20 12:07:26.751550: [NET] peer(eN1f…Oymc) - Routine: sequential >>>>>> receiver - stopped >>>>>> 2021-09-20 12:07:26.751597: [NET] peer(eN1f…Oymc) - Routine: sequential >>>>>> sender - stopped >>>>>> 2021-09-20 12:07:26.753433: [NET] Device closed >>>>>> 2021-09-20 12:07:26.754097: [NET] Routine: decryption worker 5 - stopped >>>>>> >>>>>> Tested on devices: iOS 14.8, iPadOS 15 >>>>>> WireGuardKit: 79aeb0be0d0aa3f6c8bd24309aaa8dcf03216fb4 >>>>>> >>>>>> More info on includeAllNetworks option: >>>>>> https://developer.apple.com/documentation/networkextension/nevpnprotocol/3131931-includeallnetworks >>>>>> >>>>>> Can someone confirm this issue or point to a possible workaround? >>>>>> Thanks! >>>>>> >>>>>> Juraj H. >>>>> >>>> >>> >> >
