desktop-app icon indicating copy to clipboard operation
desktop-app copied to clipboard

Published 20 hours ago verified publisher icon ivpn

(macOS) iCloud sync fails when VPN connected

Open jordan-ivpn opened this issue 3 years ago • 11 comments

Bug report

Describe your environment

  • Device: _____
  • OS name and version: macOS
  • IVPN app version: _____

Describe the problem

"IVPN seems to interfere with the syncing of Safari bookmarks and tabs. They only sync properly when IVPN is turned off on the mac. It doesn’t seem to matter whether the iPhone is connected to IVPN."

"Here is the type of message that Console.app shows when trying to sync bookmarks with IVPN enabled."

501:com.apple.SafariBookmarksSyncAgent.XPC.TabCollectionMaintenance:C3CFEF:[
{name: DeviceActivityPolicy, policyWeight: 20.000, response: {Decision: Must Not Proceed, Score: 0.00, Rationale: [{deviceActivity == 1}]}}
], FinalDecision: Must Not Proceed}
  • IVPN App firewall "Allow LAN" and "Allow Multicast" = no change
  • IVPN App firewall OFF = no change
  • use different VPN server = no change

VPN needs to be disabled in IVPN App on macOS to allow the iCloud sync to proceed.

Ref: https://www.reddit.com/r/MacOS/comments/m9ugp2/macos_wont_sync_safari_bookmarks_to_icloud_over/

jordan-ivpn avatar Dec 02 '21 19:12 jordan-ivpn

Any progress on this? It is still an issue. I have tested all the scenarios mentioned above and I can confirm that iCloud sync for Safari doesn't work in any of them (bookmarks, open tabs and reading list). I have also tested 2 other VPN solutions. MullvadVPN seems to have the same problem but ProtonVPN doesn't. I will try and to a more detailed investigation.

nightmareartist avatar Feb 01 '22 09:02 nightmareartist

Re Mullvad: It's worth noting that when using Mullvad's app, iCloud sync doesn't work. However when using the Wireguard app with Mullvad's servers, everything works.

Relevant issue

paulrudy avatar Feb 01 '22 21:02 paulrudy

Hi We are able to reproduce the issue and we are looking for possible solutions. At the current time, I can not provide you with any estimates of when the issue will be fixed.

stenya avatar Feb 02 '22 11:02 stenya

I did some more debugging and it appears that the problem lies in antitracking/DNS settings that iVPN (and MullvadVPN) have, which are more agressive than what ProtonVPN has in place. If I use NextDNS as my custom DNS, controlling the blocking lists, iCloud/Safari sync works as expected. I hope that helps you with further debugging.

nightmareartist avatar Apr 20 '22 14:04 nightmareartist

I can confirm that Safari bookmarks sync works well when using ProtonVPN.

paulrudy avatar Jun 11 '22 23:06 paulrudy

Any progress on this issue?

paulrudy avatar Jul 22 '22 20:07 paulrudy

Unfortunately, no updates for now.

stenya avatar Jul 22 '22 21:07 stenya

The solution can be in changing the OS 'default' route to the VPN route. Currently, our app is using a more specific route '0/1' for the VPN channel. (see the proof of concept script for details: icloud-sync-route_script.zip)

Unfortunately, using a custom 'default' route is not persistent. macOS updates it in different situations. So, it can lead to unexpected leaks or to loss of connectivity.

I am postponing this ticket until we find a more robust solution.

stenya avatar Jan 11 '23 14:01 stenya

Having this issue too... it's really frustrating because it makes iCloud Drive unusable.

oalexdoda avatar Jan 26 '23 00:01 oalexdoda