DEV Community

Bob Matcuk
Bob Matcuk

Posted on

5

iPad Sidecar Issues Over USB with VPN

When I'm working away from home, I like to use my iPad as a second monitor using Apple's "sidecar" feature. However, I noticed that, if the wifi network isn't great, there can be some performance issues or disconnects. So, I wanted to use a USB cable instead.

This worked fine, until I switched on my company's VPN. Within seconds, sidecar disconnected with a cryptic error message. Any attempt to reconnect failed with odd behavior (I'd get an error in OSX, but a black screen would load on the iPad).

Turns out: VPN clients will disable IPv6 unless the VPN configuration has explicit support for IPv6. The reason for this is that a large majority of VPNs are not configured for IPv6, so any IPv6 traffic will bypass the VPN. If you're attempting to use the VPN to secure all of your internet traffic, this is a problem! All of your IPv6 traffic will "leak".

It also turns out that connecting your iPad via USB makes it appear as a virtual ethernet device, configured to use IPv6. So, connecting to the VPN disables IPv6 and sidecar can no longer communicate with the iPad.

However, I'm not using a VPN to secure all of my traffic—just the traffic to my company's network. All of that traffic is IPv4 anyway, so, this security feature is lost on me. Disabling it solves all my sidecar issues! Woo!

So, if you're in the same boat as me, trying to use sidecar with a VPN, try searching through your VPN client's settings or documentation for this feature and disable it. Here's how to do that with tunnelblick:

  1. Click on tunnelblick's icon in the menu bar
  2. Select "VPN Details"
  3. Click on "Configurations" at the top
  4. Select your VPN configuration from the left-hand side
  5. Uncheck "Disable IPv6 unless the VPN server is accessed using IPv6"
  6. You may need to restart the VPN?
  7. Profit.

Postmark Image

Speedy emails, satisfied customers

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (4)

Collapse
 
fpejril profile image
Frank Pejril

I had a similar but opposite issue, but your solution completely fixed it! What would happen is I would have my iPad connected to my MacBook via USB-C to use sidecar, and I could successfully connect to my company VPN (through which I route all traffic), but my traffic would not be routed correctly. Any time I would try to initiate SSH or MySQL clients that would require tunneling via our VPN IP, the clients would simply not connect unless I first disconnected sidecar and disabled/re-enabled VPN. Basically I could not use wired sidecar and VPN at the same time.

However, unchecking "Disable IPv6 unless the VPN server is accessed using IPv6" in Tunnelblick has completely fixed this issue!

Collapse
 
xji profile image
Xiang Ji

Thanks! For Mullvad VPN I had to enable "Local network sharing" which allows access to other devices on the local network, then it worked : )

Collapse
 
joshpuetz profile image
Josh Puetz

Ooh, great catch! I'm really surprised that running SideCar over USB also hits this issue!

Collapse
 
hellomihai profile image
hellomihai • Edited

🙌 Excellent idea! Confirmed this also works with Cisco Secure Client (AnyConnect VPN) > settings > allow local (lan) access when using VPN

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay