Local VPN tunneling

[sdgros01]

Is there anything in the works to get single device VPN tunneling back working again on a paid developer account?

[disclaimer8]

same for me, didnt work with paid acc

[iMonZ]

Same

[osy]

I'm going to mark this as duplicate due to a lack of information. I'm assuming it's the same underlying issue.

[osy]

Duplicate of #42

[esgie]

I have faced similiar issue to the one described above on iPad Pro 2nd gen since updating to 15.4.1 (but I have skipped 15.4 so I can’t say about it). This isn’t the same as issue #42. The behavior is the same with every version of Jitterbug released since VPN feature has been added. I have paid developer account. I have enabled Network Extensions and Virtual Private Networks in developer account settings for Jitterbug’s bundle id as well for it’s tunnelling extension. Then I was simply sideloading Jitterbug with some basic tool like Sideloadly. Using paid account credentials resulted in working VPN and no need of any external tethering. Since the update, VPN does no loger connects. I have tried sideloading with some other software, total unistall and reinstall once again and all avilble versions of VPN-enabled app. At the first glance everything looks okay - local device is detected, I can choose the pairing file. Then iOS shows the dialog that app is going to add vpn connection, which I obviously confirm by PIN. Jitterbug shows up in the vpn list as usual. Then it starts connecting. And… it stucks trying to connect for 30 seconds or so and then connection times out. I have also tried enabling vpn manually with the switch in settings, but it stays enabled only for a factor of a second and immediately bounces back to disabled, it gives you a feeling that totally nothing happened and the operations the switch was designed to trigger aren’t run at all or crash at some preliminary point. Since then, I was not able to run VPN… Jitterbug started from another device still works fine for me. AltStore JIT still works for me. And JitStreamer ran on my home network still works for me, even through my OpenVPN gateway. Other VPNs I use, including my corporate VPN, home VPN and some other installed along with APpStore apps, sall of them are still working perfectly fine. I am using 15.4 dmg image provided by both other mentioned solutions (the images are grabbed automatically on runtime, both are identical), and they obviously support 15.4.1 when mounted and attached to the same device using other mentioned hacks.

I am wondering if this is an issue with app capabilities, but I have confirmed that I enabled them correctly when VPN was working and never changed them since then + i think it is not a signature problem as it would prevent the app from adding its VPN to system VPNs list - but this still seems to complete just fine.

Oh, and last but not least, I was mangling with Jitterbug’s VPN IPs which can be configured with settings, but that didn’t help in any way.

That is why I am seriously worried that the update introduces some kind of a security „fix”, closing the hackish hole Jitterbug utilize in order to mimic separate device in the local network, but that’s only a worry…

I wonder how can I help in investigating the issue, I mean what logs do you need and how can I obtain them? Please note that unfortunately I do not own a mac machine so I feel my possibilities may be limited…(?)

[osy]

Did you follow the troubleshooting tips on the release page? Regenerate the pairing file?

[esgie]

I have regenerated pairing files multiple times. I have also tried utilizing pairing file generated when pairing with JitStreamer, which is still valid and works perfectly fine with JetStreamer even now and works perfectly fine aswell with Jitterbug ran from separate device. As far as I can see, the problem is with connecting to VPN (and switch in settings goes off immediately after turning on like it does nothing, co I think the virtual network isn’t even created…!). I guess it doesn’t even reach the start of authorization procedure. As I have mentioned: „connecting vpn” lasting for 30 seconds is the last thing that happens, then „time out” popup shows up. And VPN icon on the status bar never shows up.

Answering your question - yes, I have follwed all the steps. And I have read discussions in github issues, even closed ones, as well. I have faced multiple problems already described here and there in the past, but I am almost sure that the problem I am facing has not been reported until now as it does not seem to be caused by neither error with pairing nor in mounting the image, but at some earlier point, in particular at the point of starting or at least initial communicating with the containerized vpn server.

In addition, this behavior started after an update. And the guy who started this issue seems to ask exactly about non-working VPN tunelling and, additionally, asks if it will work „back again” - just like the fact it stopped working was obvious for him… this led me to a serious worry that Apple closed another door to easily run jit apps.

[sdgros01]

That is exactly what I ran into and why I opened to the issue. I still havent been able to get VPN back up and running with jitterbug on the local device yet

[dzaikos]

I think this issue needs to be re-opened. I am experiencing the same issue and it is definitely distinct from #42.

I have a paid developer account. I downloaded the source git clone --recursive https://github.com/osy/Jitterbug.git. I open the project in XCode, update the developer and bundle IDs, then build it (Network Entitlement and Personal VPN are enabled) with the destination being my iPad Air (running iPadOS 15.5). On my Mac I airdrop the developer disk image and signature (for version 15.5) from inside the XCode.app package to the iPad. I generate a pairing file with jitterbugpair and airdrop that to the iPad.

When I launch Jitterbug on the iPad it loads and I'm able to import the pairing file and developer disk image and signature files. When I tap the Launcher tab I get the prompt to install the VPN, which I accept and confirm with the device passcode. When I select the device from the list, Jitterbug spends about 30 seconds attempting to start the VPN only to report the error that the VPN tunnel failed to connect.

[esgie]

Indeed it was a signature error. It seems that common sideloading software available for Windows, including Sideloadly, is no longer able to sign pre-built Jitterbug ipa (the VPN extension in particular) for iOS 15+ so the VPN works - even with developer account and entitlements set up properly and working for iOS14- This is most likely not a problem if you own Mac, as XCode handles creating and exporting developer certs and provisioning profiles as well as code signing on it’s own, but it is a problem if you are limited only to Windows/Linux computers. I was finally able to run Jitterbug with VPN working on both 15.x and 16.x beta by manually creating private key and certificate request with bare openssl, then requesting new Apple developer certificate via Apple developer web page, combining that stuff with distribution cert and converting to p12 format (I can cover the details if someone need it, at least it was more elegant way to obtain files needed for signing under Windows than using AltStore with hacked dll… which in fact seems to produce p12 not compliant with new requirements for iOS15+ at all…), creating an appropriate provisioning profile via webpage again... Then I was able to use the files to sign and install Jitterbug ipa on-device using Esign app (sideloaded with Sideloadly) avail at https://esign.yyyue.xyz/ - btw I found it so much easier to use than hosting the whole signing service connected with Github Actions as described somewhere in the comments (I guess there may be some safety and privacy reasons for taking an effort to configure the latter!! It seems signing can be also done under Linux with some tools like zsign but I haven’t tried that). All in all, I was able to run Jitterbug along with VPN feature with my paid developer account so it works on iOS15+, without owning a Mac

[startergo]

I am not sure if I understand correctly, but everywhere in the guides a second device running jitterbug is needed. All I did was I used my UDID registrations credentials and iOS App signer with No get-task-allow unchecked for sign/resign the app. Then downloaded jitterbug.ipa with iOS-deploy to the iPad. Created a paring profile and imported it along with the iOS 16.5 Developer Disk Image and signature files to the iPad. Ran Jitterbug local device tunnel. Opened jitterbug.ipa on the iPad and selected pair. After pairing I can open UTM in tethered mode from within the iPad. Is this expected behavior or am I doing something wrong? No need for a second device correct?