Allow for Connect on Demand on iOS app #856
Comments
|
If connect on demand is supported by iOS/Apple it's possible. We can take a look. |
adamierymenko
added
the
Status: Backlog
|
It looks like at least as of Set I tested with only ZT installed and one network. When attempting to access something on my network it started ZT and connected to my network automatically. I then tried with two networks and set the default network to the second network. When trying to access the same resource it started ZT again and connected to the second network. I haven't yet tested if this affects the longevity of the connection. It would be nice to have some finer grained control but maybe this will work for you? @andrewtlove |
|
Unfortunately I don't see an option for Connect on Demand for ZT. Attached are two screenshots:
|
|
I see. Maybe behavior I see only works if you have (one) VPN installed. Otherwise it doesn't know which to one to start. We'll look into this. |
|
Hello, just checking back on this issue and (hopefully) providing some useful information: https://developer.apple.com/documentation/networkextension/nevpnmanager#topics Is there any other way I can help get this prioritized for the next iOS release? |
|
@joseph-henry Is this a possibility for an upcoming iOS release? Some more documentation about VPN on demand is at: https://developer.apple.com/documentation/networkextension/personal_vpn/vpn_on_demand_rules The code for Wireguard for iOS may be of help: https://github.com/WireGuard/wireguard-apple/search?q=isOnDemandEnabled |
|
I'm also curious if any progress has been made on this. There are several dev servers I keep running behind a firewall that I'd like to access from my phone and would love if always-on was available. |
|
Add this or I'll cry |
|
Which ConnectionRule could be used for a zerotier network? I don't see how it'd work. |
|
I'm not sure how the on demand VPN thing is implemented. I just know that nearly every other VPN app implements it. The idea is that you enable it, and it'll always connect before doing any network calls, this way you don't have to keep manually toggling the VPN on, and it can disconnect if it's not doing anything. |
|
@laduke Could you clarify your question further? |
|
Please add Connect on Demand. Or at the very least, please add Shortcuts support and/or URI scheme so I can automate a VPN connection in my workflow. ...but Connect on Demand would be better. |
@laduke : Would an answer to the above be "class NEOnDemandRuleConnect"? For your second comment, I'm not sure of its nature or scope. Are you suggesting that something about ZeroTier would make connect on demand inherently difficult? Or that it's unclear how to provide certain parameters to iOS that it is expecting? I believe ZeroTier automatic connection could work in a way nearly identical to other VPN applications on iOS. The trigger for connection I believe is any network activity, so that could be the same in ZeroTier as it is in other applications. Whether there is a default route named for a ZeroTier network that device has joined or if the ZeroTier configuration only provides access to internal networks, it would be valuable to not have to open the application or manually reconnect. That manual step takes extra work, and having ZeroTier drop at unexpected times when the destination for default traffic is meant to be redirected to an exit gateway would cause an information leak, thus making it difficult to rely upon ZeroTier (also) as a traditional VPN. Since the co-existence of ZeroTier and a traditional VPN is either not possible or complicated, I'd prefer to see if it's possible for the ZeroTier user experience be on par with that of other VPN iOS applications, especially if the overhead to implement that is small. I don't know for sure all the steps that are involved, but the WIreGuard reference may be of help in assessing the scope. Then ZeroTier can function also as a traditional VPN with little to no risk of information leakage. It may be a matter of naming the preferred reconnection strategy to the iOS interfaces. |
|
OK, I guess "Any time there is any network traffic" would be possible. "Any time I try to access something via a zerotier network" seems less possible. |
|
On-demand support would be awesome. |
|
Maybe the Passepartout code can be used as reference. It has worked very well for me and having something like that (options for "always stay connected" and "disconnect on sleep") for ZeroTier would be awesome. |
|
In the latest Tailscale release they closed a memory leak that was responsible for their vpn connection getting shut down when inactive. Now they say it should remain active indefinitely, I once you’re connected. I wonder if there’s a similar fix to do the same here. https://tailscale.com/blog/2020-06-newsletter/ |
unquietwiki
added
MacOS / iOS
|
Hello, is there any progress on it? |
|
Same here. Willing to help, this feature is a must! |
|
Keep hope alive! |
|
Is the IOS app open source so I can add this feature myself and do a pull request? |
|
I can't find it as well( anybody know where it can be found? |
|
IMO, this is almost a use-case breaking omission on iOS. Please implement this. |
|
Waiting for this too. Without this feature zerotier networking with iPhones is useless :( It will be awesome if you can add this to the app ❤️ |
|
Yes please add this! Have a lot of issues with iOS clients disconnecting😞 |
|
Just another request for this feature - it's something that other protocols including Wireguard support, and without it I can't use it to replace my existing Wireguard system at home. |
|
I would also like to add a +1 for this feature--I can't use WireGuard for my use case and I need my non-tech wife to be able to connect on demand with her iPhone. |
|
Hi all, our team has built a working beta of If you're interested in testing this feature, please fill out this form and apply to join our iOS test flight team. |
Thank you for the invitation. I‘ve installed the beta via Testflight. However, I can set „On Demand“ for all networks, but I‘m unable to configure the rule(s) whether ZeroTier should connect to VPN or not. The system settings are referring to the ZeroTier app and the app itself only has a switch for enabling the feature. |
|
Finally, I can dump WireGuard as soon as I’m in the beta |
Apologies for the confusion. This first release is a simple implementation of iOS Connect On Demand that just always connects (no rules as of yet). Of course, we are very interested in hearing your feedback, use-cases and suggestions on how we can improve the feature in the future. |
Well, I've tested the beta and can definitly say that ZeroTier is reconnecting everytime, even after a restart of the device (iPhone SE 2020).
|
|
initial impression was that this feature did not work or worked sometimes, turns out there was some kind of issue with ZeroTier on Monday and since then, it is working great? I have to delete the network to modify dns to see if it really is working without any issues. |
|
I would like to see some ability to connect a specific network based on IP address selected? So if you have a work and home ZT network and depending on which IP address you connect to it starts the appropriate VPN connection. If I'm understanding the beta at the moment you still have to choose which vpn is primary active in settings > vpn ? |
That is great feedback. We are listening and we will be prioritizing additional functionality based on user feedback like this. Thank you!
Yes. That is correct. In this first release that is the way this feature works. |
This is very useful feedback. Thank you! |
|
I personally would like the ability to connect only when connecting to resources that are available over ZeroTier such as a specific DNS suffix. Might be more difficult but this would save battery on my devices when I don't need to communicate to my internal services. |
As it looks like it's getting quiet on this issue, just reiterating that the cited connection conditions would make this so much more useful - and are mostly supported by other VPN applications. |
|
Just adding my +1 to the five-year waitlist |
|
Adding my name! Some kind of rules scheme for on demand! Thank you :) |
and others
Is your feature request related to a problem? Please describe.
I'm frustrated when I've joined my iOS device to a ZeroTier network, connected it, and then find that it has disconnected after some time of inactivity or link drop.
Describe the solution you'd like
I'd like to be able to configure ZeroTier networks as Always On, or Connect on Demand on my iOS device so that every request is made through my chosen ZeroTier network.
Describe alternatives you've considered
Building my own app is an option, but seems like an unnecessary duplication of effort.
Additional context
n/a
The text was updated successfully, but these errors were encountered: