Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • What are Client Network Lists?
  • Setting Up Client Networks
  • Enabling Client Network Lists
  • Retrieving CNL Rules
  • VPN Disabled
  • VPN Enabled
  • Code Samples

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Apple
  3. Features

Client Network List (CNL)

PreviousOptimal LocationNextDomain route via VPN

Last updated 3 months ago

Was this helpful?

The VPN SDK allows you to configure client network lists (CNLs) to control when the VPN enables or disables based on the device's current network connection. This article explains how to set up client networks and utilize the CNL feature in your VPN app.

What are Client Network Lists?

A client network list defines rules for enabling or disabling the VPN connection depending on the type of network the device is currently connected to. The supported network types are:

  • Wi-Fi

  • Wireless WAN (WWAN)

  • Local Area Network (LAN)

For each network type, you can specify an action to either enable or disable the VPN when the device connects to a network matching that type.

Setting Up Client Networks

To configure client networks:

  1. Sign in at .

  2. Navigate to Settings -> VPN -> Client Networks, click on the Add button.

  3. Edit the settings for the client network rule: - Select the network Type (Wi-Fi, WWAN, or LAN) - Choose the Action (enable or disable the VPN) For example:

Type
Network Conditions
Action

Wifi

  • SSID: "MyHomeWifi"

  • BSSID: "00:11:22:33:44:55"

DIsable

Wifi

  • SSID: "PublicWifi"

  • BSSID: "00:14:22:01:23:45"

Enable

Enabling Client Network Lists

To utilize client network lists in your app, first enable the feature by setting isClientListEnabled to true in your ModulesConfiguration:

let modulesConfiguration = ModulesConfiguration(
    isClientListEnabled: true, 
    // other configuration...
)

Retrieving CNL Rules

The SDK will automatically fetch the configured CNL rules before enabling the VPN. You can access the retrieved rules through the `clientNetworkList` property on the `HydraSDK` instance:

let clientNetworkList = hydraSDK.clientNetworkList

The clientNetworkList will contain an array of ClientNetworkRule objects representing the matched rules for the current network.

VPN Disabled

When a matching CNL rule with the action: .disable is found for the current network's SSID and BSSID, the VPN SDK will enter disable mode. In disable mode, the SDK automatically stops the VPN if it's running or prevents it from being enabled. Network traffic will go directly through the device's network connection without passing through the VPN.

This allows you to selectively disable the VPN on trusted networks.

VPN Enabled

The SDK provides a VPN Enabled feature that allows for seamless VPN connectivity. When this feature is active, the SDK will automatically handle connecting or reconnecting to a VPN service using either the default or last used VPN profile or configuration.

Code Samples

import VPNApplicationSDK
// ...

let groupData = VPNGroupData(groupID: "group.com.yourcompany.vpnsdk-demo", usesSystemExtension: false)

let hydraConfiguration = HydraConfiguration(
    carrierID: "YOUR_CARRIER_ID",
    extensionBundleID: "com.yourcompany.vpnsdk-demo.neprovider",
    groupData: groupData,
    fireshieldConfig: FireshieldConfig(mode: .disabled, groupData: groupData),
    modulesConfiguration: ModulesConfiguration(isClientListEnabled: true)
)

let hydraSDK = HydraSDK(configuration: hydraConfiguration)

hydraSDK.start(location: VirtualLocation.optimal(), proxy: nil, completion: { error, credential in
    if let error = error {
        print("Failed \(error)")
    } else {
        print("Success")
        let clientNetworkList = hydraSDK.clientNetworkList
        // Now we have access to the clientNetworkList, which contains data about available networks
    }
})

Configure using :

pango-cloud.com
HydraSDK