Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • Initializing WireguardSDK for iOS/macOS
  • Establishing a Connection
  • Updating Configuration
  • Disconnecting
  • Initializing WireguardSDK for tvOS
  • Step 1: Create the WireGuard Configuration
  • Step 2: Initialize the WireGuard SDK
  • Step 3: Start the VPN
  • Step 4: Stop the VPN
  • Key Considerations for tvOS Implementation
  • Implementing the Provider Delegate for tvOS
  • WireGuard Implementation Features

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Apple
  3. Features

Wireguard Transport

Wireguard is a modern, fast, and secure VPN protocol. It aims to be simpler, leaner, and more performant than other VPN protocols like IPSec and OpenVPN. WireguardSDK allows developers to easily integrate WireGuard VPN functionality into their iOS applications. With WireguardSDK, you can establish secure VPN connections, manage configurations, and control the VPN lifecycle directly from your app's code.

Initializing WireguardSDK for iOS/macOS

To get started, you'll need to import the VPNApplicationSDK and create a WireguardConfiguration object with your specific settings:

import VPNApplicationSDK
// ...

let wireguardConfig = WireguardConfiguration(
    carrierID: "YOUR_CARRIER_ID",
    extensionBundleID: "com.yourcompany.demo-test.app.wireguard-extension",
    groupData: VPNGroupData(groupID: "group.com.yourcompany.vpnsdk-demo", usesSystemExtension: false)
)

let wireguardSDK = WireguardSDK(configuration: wireguardConfig)

Be sure to replace YOUR_CARRIER_ID with your actual carrier ID and update the extensionBundleID and groupID to match your app's settings.

Establishing a Connection

Once the SDK is initialized and the user is logged in, you can start a VPN connection with a single function call:

// ...
wireguardSDK.start(location: .optimal(), proxy: nil, completion: { error, credential in
    if let error = error {
        print("Failed to start Wireguard connection: \(error)")
    } else {
        print("Wireguard connection established successfully")
    }
})

This will establish a connection using the optimal location and no proxy. You can customize these settings as needed.

Updating Configuration

If you need to update the Wireguard configuration without creating a new SDK instance, you can use the updateConfiguration method:

// ...
let newWireguardConfig = WireguardConfiguration(
    carrierId: "NEW_CARRIER_ID",
    extensionBundleId: "com.yourcompany.demo-test.app.wireguard-extension",
    groupData: VPNGroupData(groupID: "new.group.com.yourcompany.vpnsdk-demo", usesSystemExtension: false)
)

do {
    try wireguardSDK.updateConfiguration(configuration: newWireguardConfig)
    print("Configuration updated successfully")
} catch {
    print("Failed to update configuration: \(error)")

You can't update the configuration if a connection is active. You'll need to call stopVPN first. Also, if you change the main configuration parameters (hostURL, carrierID, extensionBundleID, groupData), you'll need to create a new WireguardSDK instance instead of updating.

Disconnecting

To stop the VPN connection:

// ...
wireguardSDK.stop(completion: { error in
    if let error = error {
        print("Failed to stop VPN: \(error)")
    } else {
        print("VPN stopped successfully")
    }
})

Initializing WireguardSDK for tvOS

By following these steps, you can securely integrate VPN functionality into your tvOS app.

Step 1: Create the WireGuard Configuration

To begin, create a WireguardConfiguration object with the necessary parameters:

import VPNApplicationSDK

let config = WireguardConfiguration(
    carrierID: "your_carrier_id",
    extensionBundleID: "com.anchorfree.TestAppTVOS.wireguard", // Bundle ID for tvOS WireGuard provider
    groupData: VPNGroupData(
        groupID: "group.your.app.group", 
        usesSystemExtension: false
    ),
    hostURLs: ["your.api.host"],
    profileName: "WireGuard VPN",
    sessionPingInterval: nil, // Optional interval for session state checks
    serverAddressDisplayName: nil // Optional server name shown in settings
)

Replace "your_carrier_id", "com.anchorfree.TestAppTVOS.wireguard", "group.your.app.group", and "your.api.host" with your app's specific values.

Step 2: Initialize the WireGuard SDK

Next, initialize the WireGuard SDK using the previously created configuration:

let wireguardSDK = WireguardSDK(configuration: config)

Step 3: Start the VPN

To start the VPN, call the startVPN method on the wireguardSDK instance:

wireguardSDK.startVPN { error in
    if let error = error {
        print("Failed to start VPN: \(error)")
    } else {
        print("VPN started successfully")
    }
}

This method takes a completion handler that will be called with an error if the VPN fails to start, or with nil if the VPN starts successfully.

Step 4: Stop the VPN

When you need to stop the VPN, call the stopVPN method on the wireguardSDK instance:

wireguardSDK.stopVPN { error in
    if let error = error {
        print("Failed to stop VPN: \(error)")
    } else {
        print("VPN stopped successfully")  
    }
}

Similar to startVPN, this method takes a completion handler that will be called with an error if the VPN fails to stop, or with nil if the VPN stops successfully.

Key Considerations for tvOS Implementation

When implementing WireGuard VPN for tvOS, keep the following points in mind:

  1. Use the correct extension bundle ID for tvOS: com.anchorfree.TestAppTVOS.wireguard

  2. Set usesSystemExtension: false for tvOS in the group data configuration

Implementing the Provider Delegate for tvOS

To handle VPN events and errors, you need to implement the provider delegate for tvOS:

import WireguardTunnelProvider

class ProviderDelegate: NSObject, BaseNetworkExtensionDelegate {
    func vpnAppGroupData() -> VPNGroupData {
        VPNGroupData(groupID: "group.your.app.group", usesSystemExtension: false)
    }
    
    func vpnWillStart(with options: StartupOptions) {
        // Handle VPN start
    }
    
    func vpnDidStart() {
        // Handle VPN started
    }
    
    func vpnWillStop(withError error: VPNTunnelError?, 
                    availableRestartCompletion: ((_ shouldRestart: Bool) -> Void)?) {
        // Handle VPN stop
        availableRestartCompletion?(false)
    }
    
    func vpnDidReceiveError(_ error: VPNTunnelError) {
        // Handle errors
    }
}

Implement the necessary methods to handle VPN start, stop, and error events according to your app's requirements.

WireGuard Implementation Features

The WireGuard VPN SDK provides a secure VPN tunnel with the following features:

  • Session monitoring and management

  • Traffic counters

  • Configurable ping intervals

  • Error handling

  • Bypass domain configuration

Remember to properly configure your tvOS app's entitlements and capabilities for VPN usage before integrating the WireGuard SDK.

By following this step-by-step guide and considering the key points mentioned, you can successfully set up and use the WireGuard VPN SDK in your tvOS application.

PreviousAuthenticationNextReconnection strategy

Last updated 3 months ago

Was this helpful?