MacOS Sequoia blocking VPN, won't allow use of Messages and iCloud

I investigated how protonvpn works - it leaks everything to apple servers, does not send over VPN. Probably they use "Apple APIs" to setup the VPN. The VPNs having issues right now are the ones not using Apple APIs (manually setting up tun devices). The VPNs having issues DO NOT LEAK everything automatically to apple, that is why they have problems. Once they whitelist apple servers (to allow out the physical interface) then iMessages, etc start working again.

But i have much more faith in the VPNs that do not work with iMessages currently, as they don't leak by default.

g_wolfman wrote:

Well, admittedly my comment about MITM was a bit hyperbolic...

Don't mind me. I was just pointing out a few "features" of the forum software that people might have missed, perhaps due to the grey-on-white text.

Alas, there's nothing that can be done about internet misinformation. Probably our last hope now is that AI chatbots will be able to inject some sanity and reason. It seems like those are the only thing people believe anymore.

Hold on there, @JDJD630 - the only VPN working have some work-arounds that even they do not fully recommend. I've never used Express VPN and have no skin in this, but before you jump ship you should consider this seems to be a change Apple made that will impact all VPN vendors. For now, you can either export your config and add an IKEv2 VPN profile manually, or else wait for a fix from Express VPN or Apple. If you try other VPN's, I am sorry to say you'll be just as dissatisfied.

And on that note, some fault has to go to the VPN vendors here. Apple makes the beta available to them, and the noise they are all making now really should have been made when the bug was noticed by users during pre-release testing. Granted, Apple released despite the user reports of VPN issues, but Express VPN should have issued a "Do Not Update" warning to users as well. So there is a lot of blame to go around, I guess is my admittedly unproductive comment.

I've got the same issue with Messages when connected to VPN (Cisco Secure Client 5.1.5.65) where I'm unable to send or receive messages. As soon as I disconnect from VPN it works. This started when I upgraded to macOS 15.

I reported to ExpressVPN support that the new version 11.61.1 didn't solve the problem, but they did then tell me about a new somewhat hidden feature in the new version under General that says "Allow Apple Services to bypass the VPN", which I have now turned on. Overnight I still had Messages blocked, but after a restart this morning they did show up. Can't say yet that the problem is fixed with this release of ExpressVPN and Sequoia 15.0.1, but will try it today to see. It does look like it requires a reboot of the Mac to get things corrected though.

I also worked with TorGuard, ExpressVPN, and PIA (plus our corporate IT for their VPN). None of them work despite a lot of creative workarounds.

PIA have an alpha out that fixes this, it's a pinned to the top of their sub-reddit. Works great for me!

OpenVPN is also having a problem for me, but only with Messages. Even updating to 3.5.0 did not help.

Cthulhu wrote:

@g_wolfman I don't see anyone saying any of the things you posted.

There is a link to the original post being responded to in each reply. See here:

Unfortunately, the current version of the forum software has this funky default sort order by "rank" that can be very confusing. See:

I've changed mine to "Newest" in my preferences.

It's a real problem on some of these new Sequoia threads. People keep replying with the same problem, apparently not seeing the fix. At least I would expect to see the typical freak out about not running the firewall. Perhaps they just don't bother searching, but I think the sort order does contribute.

Can you elaborate what inflammatory statement you refer to and what untrue statement you are referencing? I must have missed where anyone even implied Apple is MITM'ing VPNs.

It's just typical internet misinformation. People often think that Apple is just a typical flaky tech company and all those social media influencers are trying to protect us from Apple's poor security. But if Apple really had such poor security, why would its biggest competitor set up an entire division just to hack Apple devices? Denigrating Apple has always been a popular pastime in certain circles, but now it's a full-fledged industry. But it's all fake.

Are you positive that it did not just sync while you were switching VPNs? Because I tried PIA, TorGuard, and a corporate Cisco and while the VPN is on with any app (from the vendor, or just OpenVPN) Messages does not sync.

I don't think you can get all that from macOS as easily as through Express VPN. You have to do a little more work to get similar functionality. macOS has the Private Relay (requires iCloud+) which can do much of what Express VPN can do to hide your IP address so websites can't detect it and hide the websites you are visiting from you internet provider (only in Safari, though). In Safari you can also prevent cross-site tracking through a setting in the Privacy section. I also have AdBlock Pro installed (the non paid version) to eliminate ads. All this is a bit piecemeal and doesn't offer the big switch that sits on the main pipe of your internet connectivity and thus works on everything on your computer like what Express VPN offers (unfortunately).