Hullo,

Thanks for sharing VPNStatus.

I've been trying to locate where the app keeps the menu bar icons stored. I wanted to change them to something a bit more in keeping with the black and white menu bar theme, but as there aren't any image files in the typical places I haven't been able to.

Perhaps someone could point me in the right direction?

Thanks again,

What is needed to compile on Catalina? I get Network.h - file not found.

Hi,

Is there a way to shut off all VPNs with a single command using vpnutil?

Thanks

Hello,

I tried to open your XCode project using my XCode, however it breaks the XCode down, I try to open using the Xcode project file and it fails, my Xcode Version 8.3.3 (8E3004b). It issues a message:
Failed to load project at '/Users/myuser/VPNApp_src/VPN.xcodeproj', incompatible project version.

At the moment, you can only change the preferences from the command line.
A preferences window should be added.

I am using VPNStatus version 1.4 with following config:

defaults read org.timac.VPNStatus
{
   ---snip---

    IgnoredSSIDs = "FRITZ!Box 7580 XX";

   ---snip---
}

Everything worked beautyfully until I upgraded to macOS Sonoma. After that, the wifi isn't ignored anymore and VPNStatus always tries to connect to the VPN even when connected to the FRITZ!Box 7580 XX wifi.

Hey @Timac I am curious if you've considered writing a similar VPN app in Swift?

I want to change this source code in order to use information saved in a text file to connect to an IKEv2 VPN. However, i don't know if this library allows to set the IKEv2 password without using a KeyChain reference. I want to read the password directly from the config file as string and set it to the ACNEService object.

Can you give me any insights about it?

PR: #1 added the great features to fetch all VPNs as well as the status of specified one, better to release the new version to apply those changes. The original version from blog is out dated.

I've followed the instructions on the README, and set up the settings as such:

But it doesn't seem to be reading those values, as the auto connect still takes 120 seconds, and it still reconnects to VPN on those SSIDs.

I'm running a 2021 M1 MacBook Pro 16-inch. Is there perhaps some permission issue that's not allowing it to read those settings?

Hi,
I made a huge mistake and upgraded to 14.4 too soon. One of the issues I have after the upgrade is that VPNStatus doesn't autostart.

There are some VPN configurations that you might not want to see in VPNStatus:

• third-party content filter configurations like Little Snitch. You probably have no reason to manually enable or disable them with VPNStatus
• ghost VPN configurations. For example, I see an old VPN configuration that I can't delete after upgrading to macOS Ventura 13.3. This old configuration is cached in /Library/Preferences/com.apple.networkextension.plist which is SIP protected. Trying to manually remove the entry in the plist resulted in more issues.

At the moment, VPNStatus contains a hardcoded blocklist with Little Snitch. Exposing this blocklist as a preference would let a user hide the ghost VPN configurations as well as other third-party content filter configurations like Little Snitch.

Example of modifying the preference from the command line:

defaults write org.timac.VPNStatus IgnoredVPNs "Little Snitch,HiddenVPN,AnotherHiddenVPN"

Hi! I'm looking for ability of updating routes when my VPN connects or disconnects. Unfortunately, the /etc/ppp/ip-up and networksetup -setadditionalroutes are not working for IKEv2 VPN, only L2TP ones. Is there a way to run some script with VPNStatus? Thanks!

Hi,
thanks for your program, before I used a self-written skript to auto-reconnect via IPSec but this here became really essential when switched to IKeV2!
When the Mac is suspended (I have an old 2008 one running Catalina via the patcher, so no hibernation) it looses the connection to VPN, which is normal and fine.
Thing is when waking it up again, the time VPNStatus needs to autoconnect is set for that long (didnt measure it exactly) I end up connecting manually all the time which is not a major drawback but would be a nice feature beeing able to set this delay however its needed. E.g. I would check every 10sec or so as I guess its just checking the IKeV2 interface locally and not checking if its possible to reach the VPN, so it would only use a bit more memory and power, right?!).
Thanks in advance!

Thank you for the great work.

I have a MS Azure VPN which keeps dropping. I've tried this app and it seems it works occasionally.

• At times, the VPN drops and I get reconnected within seconds, so all my open sessions are maintained.
• However, sometimes the VPN drops and the app does not auto-reconnect me for minutes, which makes the open DB / RDP sessions disconnect. I can manually reconnect with no issues.

I am not sure why sometimes the app reconnects the VPN almost immediately but sometimes it takes it minutes to do so.

It will be great to see your tools in brew!!!

the VPNutil gives us the option to ignore SSID's but it would be nice if it could also ignore specific network ranges or ideally if it detects an internal resource (ping or https connection)

Connecting to L2TP VPN is working fine when connecting from macOS native network system preferences.
When using the VPNApp, VPNStatus app I can't connect since the app doesn't read server address.

MacOS: 12.4
VPNApp latest release.

It would be nice to have machine-readable output for vpnutil. JSON looks like obvious choice these days.

IPSec VPN with Split Tunnel setup with a profile. Latest Ventura version as well as the latest VPNStstus version. After closing the lid on my MacBook Pro M1 for some individual time, after re-login, the green icon of VPNStatus can bee seen as well as the connection time of the VPN menubar still is counting up.
A ping to a device within the VPN IP range doesn't receive response. Only after manually reconnect the VPN connection either with your app or the VPN Menubar does truly do a reconnection.
Is this more a VPNStatus problem, a macOS VPN system problem or a sole VPN problem of the VPN provider (company I work for)? I'll try to use domzilla/Caffeine to see if this makes any difference.

Regards
Thomas

Ability to list all VPNs and their status: Minimum: Name of VPN (as needed for start and stop command, as well as status of VPN (I imagine the possibilities would be: connected, disconnected, connecting, ...).

Make this feature accessible via a 3rd command parameter (instead of start/stop): Something like list.

Output format: I don't really mind. The possibilities I see:

• Maybe output in TABLE format using TAB as separator.
• Or output in RECORD format.
• Or as suggested in JSON format.

This would really be useful.
Especially as the MacOS built-in tools don't seem to be able :/

Please let me know what would be needed in terms of financial sponsoring for this item. Thanks a lot in advance!

Hi! Thank you for building this tool and posting a blog entry about it.

I'm trying to reduce the time it takes for the VPN to automatically connect, because I don't find polling ideal (it leaks the IP too often). The best solution for this to be the "connect on demand" switch that IKEv2 VPNs support natively on macOS.

Do you happen to know if the internal Network Extension libraries you're using could help in setting that switch programmatically? Maybe by passing some reference of the VPN service to the System Configuration Framework? I know it's unlikely, but I couldn't resist asking, maybe you have an idea (I fought with System Configuration before, it's not fun).

Or maybe one could listen to changes in network conditions instead of polling with a timer?

I'm even considering using NETunnelProviderManager to (re)create my IKEv2 configurations from within an app, just to be able to set the "connect on demand" flag somehow. But I haven't tried that yet, maybe that could work.

PS: I didn't know it would be so hard to convert the NEConfiguration calls to Swift. So I'd rather not try. Or could a swift package for ANPNEServicesManager contain Objective-C bridges? 😆

PPS: I found SwiftUI to be extremely satisfying for menu bar items and avoiding IBOutlets. What is your macOS target? Do you intend to be much backwards compatible?

Thank you for your time and insight.

I am using VPNStatus version 1.4 with following config:

% defaults read org.timac.VPNStatus
{
    AlwaysConnectedRetryDelay = 30;
    IgnoredSSIDs = "MyWifi";
    IgnoredVPNs = "Work,Little Snitch,Tailscale Tunnel";
    Services =     (
                {
            AlwaysConnected = 1;
            Identifier = "468EFCE5-A03A-46DB-9700-4E05D92F342C";
        }
    );
}

The test procedure:

1. connect to OtherWifi -> VPN is connected
2. switch to MyWifi -> VPN still connected
   Or:
3. disconnect from Wifi -> VPN disconnected, no other connection available
4. connect to MyWifi -> VPN connected

Running Ventura 13.4 and IKEv2.

Hi, this utility functions great as-is, but would it be possible to auto-connect only when outside of a given list of SSIDs? I.e.: The utility would accept a comma separated list of SSIDS and only auto-connect when not connected to that list.

I've found a few ways to do this on iOS through a vpn mobileconfig, but such a profile doesn't seem to work on the Mac.

Thanks!

I have IKEv2 VPN , AND wireguard (also visible in VPNStatus ).
And sometimes i want to use corporate DNS, but system override this behavior.

p.s Sorry if off-top

in Apple / System Preferences / Network pref.pane I have 2 locations and within each there's the same VPN connection - this is fine. But in VPNStatus I see many possible VPN connections, these seams to be previous settings I used for testing that are already deleted days ago and should not exits anymore. I have an impression that the Network pref.pane and the VPNStatatus are not pooling network setting infos from the same place.

Debug version of VPNStatus.app crashes on [ACNEService setupEventCallback]_block_invoke when running on my M1 Apple Silicon. (XCode 13.2.1, MacOS 12.2.1)
M1 release version, and Intel/Rosetta versions work fine, though.

ACDefines.h, line 49
typedef void (^ne_session_set_event_handler_block)(xpc_object_t result);

Perhaps it should be
typedef void (^ne_session_set_event_handler_block)(ne_session_event_t event, void *event_data);

Would be super to have the extended status of a connection as well, such as the scuttle provides.

Great tool! ❤️
Homebrew support would be a great addition to it

https://docs.brew.sh/

Thank you for these beautiful tool!

I tried the suggested option defaults write org.timac.VPNStatus IgnoredVPNs "Little Snitch,HiddenVPN,AnotherHiddenVPN", but I guess it works only for the VPNStatus app, while I'm solely using the cli one.

So the question is there a way to hide some of the VPNs from the list?