Advanced Network Troubleshooting on iPad and iPhone

By George Gonzalez

- 3 minutes read - 449 words

Every once in a while we experience a network problem on an iOS or iPadOS device that requires deeper troubleshooting. For example, a VPN client that is not connecting and has limited logging capability. On the other side, the network team is saying: “It’s not us, it’s the client.”

The only way to approach this is with data. On a macOS device you would fire up tcpdump and get what you need, but what about iOS and iPadOS? Well, the functionality is there, it is possible to do a packet capture on mobile devices. It is just not a flashy feature that gets talked about often.

What you will need

  • macOS device
  • USB-C cable or USB to Lightning Cable
  • Xcode
  • Terminal
  • Familiarity with tcpdump, wireshark , etc.

How to

We can utilize rvictl for this purpose. The “Remote Virtual Interface Tool” is used to control remote packet captures on attached devices and is usually located in /Library/Apple/usr/bin/rvictl

This binary gets installed as part of Xcode and related files for Mobile Development. Once installed, the device must be rebooted, as this will load the rpmuxd daemon. If this is not loaded, you may get the very cryptic and unhelpful bootstrap_look_up(): 1102 message when attempting to run rvictl.

  • Connect the mobile device to the host macOS system with the appropriate cable.
  • Find the UDID of the device. This can be done by opening the Finder, clicking on the connected device and then clicking on the text under the device name until it displays the UDID.
    iPad UDID
  • In terminal type:
sudo rvictl -s 00000000-000000000000000E
  • Hit enter and you should see:
Starting device 00000000-000000000000000E [SUCCEEDED] with interface rvi0
  • Then begin the packet capture
sudo tcpdump -vv -i rvi0 -w iPad01.pcap
  • You now have a pcap file that you can open with an application like Wireshark for further analysis.

What about just “Web Traffic” monitoring?

Sometimes a full packet trace is overkill. If all you need is the equivalent of “Developer Mode” on Safari then that is an easier process.

  • Connect mobile device to macOS
  • Enable Web Inspector on the mobile device by going to Settings > Safari > Advanced > Web Inspector
  • Launch Safari on the macOS Device
  • Enable Developer Mode in Safari
  • Select the mobile device from the Developer menu.
  • This will open the Web Inspector on the macOS device and you can view and record web traffic.

And logs?

If you open the Console app and select the connected mobile device, you will be able to stream logs the same way you can on macOS.

Using one or a combination of these methods, you will be able to solve even the most complex networking problems with iPads and iPhones.

Apple Developer Reference