Security researcher Michael Horowitz warns users of iOS devices that VPNs on this platform do not work. On the surface they seem to work normally: the iOS device gets a new public IP address along with new DNS servers.
Horowitz's detailed inspection of the data leaving a device running iOS shows that the VPN tunnel leaks. According to Horowitz, this was first made known by ProtonVPN, as of March 2020 and iOS v13.
Horowitz first tested the ProtonVPN app on an iPad running iOS version 15.4.1. Monitoring the router logs after starting the VPN connection showed both a VPN tunnel and IP addresses obtained from a public server. He then checked the iPad's active sessions with Peplink and got a first inkling of a problem.
The device was connected via an IPsec VPN tunnel over UDP to IP 188.8.131.52. However, a second TCP connection was also established by the Apple Push service, using port 5223, to IP address 184.108.40.206. Horowitz reports that all IP addresses starting with 17 belong to Apple:
iOS 15.4.1 still does not terminate existing connections/sessions when it creates a VPN tunnel. This presents several risks. Connections outside the VPN communicate with your real public IP address, and there is no guarantee that they are encrypted. They are also vulnerable to spying by ISPs.
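The check described above, comparing a device's active sessions on the router with its VPN tunnel, can be scripted. The following is an added example, not code from Horowitz or ProtonVPN: the session-table format, the function names and every address in the sample are constructed, and only port 5223 and the 17.x.x.x range come from the article.

```python
import ipaddress

APPLE_NET = ipaddress.ip_network("17.0.0.0/8")  # the article: addresses starting with 17 are Apple's

# Constructed sample of a router's active-session table, taken after the VPN came up.
# Columns (hypothetical export format): start-second proto src dst dst-port
SAMPLE = """
12  tcp 192.168.1.50 17.57.144.20 5223   # push-style connection opened before the tunnel
40  tcp 192.168.1.50 198.51.100.7 443
95  udp 192.168.1.50 203.0.113.10 4500   # the IPsec tunnel to the VPN server
97  udp 192.168.1.50 192.168.1.1  53     # LAN traffic, not expected inside the tunnel
130 tcp 192.168.1.50 17.57.144.84 443
150 tcp 192.168.1.77 198.51.100.9 443    # a different device
"""

def parse_sessions(text):
    """Turn the table into (start, proto, src, dst, dport) tuples, ignoring comments."""
    rows = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 5:
            start, proto, src, dst, dport = fields
            rows.append((int(start), proto.lower(), src, dst, int(dport)))
    return rows

def find_leaks(rows, device_ip, vpn_server_ip, lan="192.168.1.0/24"):
    """List the device's flows that leave the LAN without going to the VPN server."""
    lan_net = ipaddress.ip_network(lan)
    tunnel_starts = [r[0] for r in rows if r[2] == device_ip and r[3] == vpn_server_ip]
    if not tunnel_starts:
        raise ValueError("no tunnel session for this device; nothing to compare against")
    tunnel_up = min(tunnel_starts)
    leaks = []
    for start, proto, src, dst, dport in rows:
        dst_ip = ipaddress.ip_address(dst)
        if src != device_ip or dst == vpn_server_ip or dst_ip in lan_net:
            continue
        # Flows older than the tunnel are the ones that were not torn down when it came up.
        timing = "pre-existing" if start < tunnel_up else "new"
        owner = "apple" if dst_ip in APPLE_NET else "other"
        leaks.append((dst, dport, timing, owner))
    return leaks

if __name__ == "__main__":
    for leak in find_leaks(parse_sessions(SAMPLE), "192.168.1.50", "203.0.113.10"):
        print(leak)
```

Any row this returns is traffic that the ISP sees with the device's real public IP address, whatever the VPN app reports.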
Horowitz described his findings in more detail in his article "VPNs on iOS are a scam". He even published some "solutions", but his conclusion was:
Don't trust any VPN on iOS, connect using VPN client software on the router, not through an iOS device.