I want to establish a VPN connection with my VPN server. I installed a VPN server from DigitalOcean.
I want to make a VPN application for iOS in Objective-C using my VPN connection settings.
Here I faced a problem: no VPN shared secret was provided.
Here is the code I used:
    - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
        // Override point for customization after application launch.
        [[NEVPNManager sharedManager] setEnabled:YES];
        [[NEVPNManager sharedManager] loadFromPreferencesWithCompletionHandler: ^(NSError *error) {
            NEVPNProtocolIPSec *p = [[NEVPNProtocolIPSec alloc] init];
            p.serverAddress = @"178.62.78.101";
            p.authenticationMethod = NEVPNIKEAuthenticationMethodSharedSecret;
            p.useExtendedAuthentication = YES;
            NSString *secret = @"gfJL$$";
            NSData *secretData = [secret dataUsingEncoding:NSUTF8StringEncoding];
            p.sharedSecretReference = secretData;
            p.localIdentifier = @"londra1";
            p.username = @"root";
            p.passwordReference = [[SSKeychain passwordForService:@"2eee9fa59" account:@"2eee9fa5"] dataUsingEncoding:NSUTF8StringEncoding];
            p.disconnectOnSleep = NO;
            [NEVPNManager sharedManager].protocolConfiguration = p;
            NSMutableArray *rules = [[NSMutableArray alloc] init];
            NEOnDemandRuleConnect *connectRule = [NEOnDemandRuleConnect new];
            [rules addObject:connectRule];
            [[NEVPNManager sharedManager] setOnDemandRules:rules];
            [[NEVPNManager sharedManager] setLocalizedDescription:@"vpn"];
            [[NEVPNManager sharedManager] setEnabled:YES];
            [[NEVPNManager sharedManager] saveToPreferencesWithCompletionHandler: ^(NSError *error) {
                NSLog(@"Save VPN to preference complete");
                if (error) {
                    NSLog(@"Save error: %@", error);
                }
            }];
            NSError *startError;
            [[NEVPNManager sharedManager].connection startVPNTunnelAndReturnError:&startError];
            if (startError) {
                NSLog(@"Start error: %@", startError.localizedDescription);
            }
        }];
        return YES;
    }

You are setting sharedSecretReference as an NSData, but this conflicts with its definition. NEVPNProtocolIPSec::sharedSecretReference is defined as:

You need to create a keychain item of type kSecClassGenericPassword to use as the shared secret, and provide a persistent reference to the keychain item. A persistent reference is critical here, as it can be stored to disk or passed between processes, which is required for NEVPNManager to access the shared secret and connect your VPN. I suspect that although passwordReference seems to be set by a keychain item, it may not be returning a persistent reference either.

You will need to use SecItemCopyMatching with return type kSecReturnPersistentRef to achieve this.
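
One way to carry out the steps this answer describes, as an added example that is not code from the original post: store each secret as a kSecClassGenericPassword item, then fetch a persistent reference with SecItemCopyMatching and kSecReturnPersistentRef. The service name `com.example.vpn`, the account labels, and the helper names `VPNPersistentRefForSecret` and `VPNApplySecrets` are hypothetical, and the secrets are assumed to be supplied at runtime rather than compiled into the app.

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <NetworkExtension/NetworkExtension.h>

// Hypothetical service name grouping this app's VPN keychain items.
static NSString * const kVPNKeychainService = @"com.example.vpn";

// Stores `secret` as a generic-password keychain item (replacing any
// earlier copy) and returns a persistent reference to it, or nil on failure.
static NSData *VPNPersistentRefForSecret(NSString *account, NSString *secret) {
    NSDictionary *identity = @{
        (__bridge id)kSecClass:       (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: kVPNKeychainService,
        (__bridge id)kSecAttrAccount: account,
    };
    // Remove a stale item so SecItemAdd does not fail with errSecDuplicateItem.
    SecItemDelete((__bridge CFDictionaryRef)identity);

    NSMutableDictionary *add = [identity mutableCopy];
    add[(__bridge id)kSecValueData] = [secret dataUsingEncoding:NSUTF8StringEncoding];
    OSStatus status = SecItemAdd((__bridge CFDictionaryRef)add, NULL);
    if (status != errSecSuccess) {
        NSLog(@"SecItemAdd failed: %d", (int)status);
        return nil;
    }

    // Ask for a persistent reference, not the secret bytes themselves.
    NSMutableDictionary *query = [identity mutableCopy];
    query[(__bridge id)kSecReturnPersistentRef] = @YES;
    query[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne;
    CFTypeRef ref = NULL;
    status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &ref);
    if (status != errSecSuccess) {
        NSLog(@"SecItemCopyMatching failed: %d", (int)status);
        return nil;
    }
    return (__bridge_transfer NSData *)ref;
}

// Call from the loadFromPreferences completion handler before saving.
static void VPNApplySecrets(NEVPNProtocolIPSec *p, NSString *psk, NSString *password) {
    p.sharedSecretReference = VPNPersistentRefForSecret(@"sharedSecret", psk);
    p.passwordReference = VPNPersistentRefForSecret(@"password", password);
}
```

A nil return from either call means the configuration would still be saved without a usable secret, so check both references before calling saveToPreferencesWithCompletionHandler.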