Closed GoogleCodeExporter closed 9 years ago
I can also confirm that it is working after I chose and applied "Set Nameserver
(3.0b10)" via the VPN details menu.
Original comment by trhud...@gmail.com
on 26 Jul 2012 at 5:52
trhudson -- Mountain Lion requires the latest beta from the Downloads page at
http://code.google.com/p/tunnelblick/wiki/DownloadsEntry?tm=2
Original comment by jkbull...@gmail.com
on 26 Jul 2012 at 5:53
I believe that just-released Tunnelblick 3.3beta16 will fix the DNS problems
and allow most users to use the default 'Set nameserver' setting for DNS/WINS.
It is available from the Downloads page at
https://code.google.com/p/tunnelblick/wiki/DownloadsEntry?tm=2
Original comment by jkbull...@gmail.com
on 27 Jul 2012 at 2:28
How come when I do 'check for update' it says no update available?
Original comment by a...@arista.com
on 27 Jul 2012 at 3:10
I can confirm that the new beta version does indeed work with just 'set
namespace' option.
Original comment by a...@arista.com
on 27 Jul 2012 at 3:14
Because the update has not been released yet. Typically new versions are
released as updates when they have been tested more thoroughly.
And you won't be able to update via the update process from 3.3beta10, 12, or
14 due to a bug. You'll have to download from the Downloads page. (You'll get a
notice to that effect.)
Original comment by jkbull...@gmail.com
on 27 Jul 2012 at 3:14
I was actually able to solve the connection and disconnection problems by
changing the server to the suggested 3.0b10 and am still using the latest
stable build of Tunnelblick, not the new beta version. I am not a computer
person by training, just a humble physician who uses the VPN to interpret
ultrasounds remotely. Thanks for your help on this.
Original comment by mpatric...@gmail.com
on 27 Jul 2012 at 5:09
Using Tunnelblick 3.2.6 (build 2891.3007) - OpenVPN 2.2.1 on OS X 10.8 and
setting the nameserver settings to 3.0b10 and restarting Tunnelblick also did
the trick for me (no need to update to the beta)
Original comment by wouter.v...@gmail.com
on 28 Jul 2012 at 6:26
2012-07-29 19:36:22 *Tunnelblick: OS X 10.8.0; Tunnelblick 3.2.6 (build
2891.3007)
2012-07-29 19:36:23 *Tunnelblick: Attempting connection with usa.puff; Set
nameserver = 1; monitoring connection
2012-07-29 19:36:23 *Tunnelblick:
/Applications/Tunnelblick.app/Contents/Resources/openvpnstart start
usa.puff.ovpn 1337 1 0 0 0 51 -atDASNGWrdasngw
2012-07-29 19:36:23 *Tunnelblick: openvpnstart:
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd /Users/arki727/Library/Application Support/Tunnelblick/Configurations
--daemon --management 127.0.0.1 1337 --config
/Users/arki727/Library/Application
Support/Tunnelblick/Configurations/usa.puff.ovpn --log /Library/Application
Support/Tunnelblick/Logs/-SUsers-Sarki727-SLibrary-SApplication
Support-STunnelblick-SConfigurations-Susa.puff.ovpn.1_0_0_0_51.1337.openvpn.log
--management-query-passwords --management-hold --script-security 2 --up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdasngw --down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdasngw --up-restart
2012-07-29 19:36:26 OpenVPN 2.2.1 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11]
[eurephia] built on May 2 2012
2012-07-29 19:36:26 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2012-07-29 19:36:26 Need hold release from management interface, waiting...
2012-07-29 19:36:27 *Tunnelblick: openvpnstart message: Loading tap.kext
Loading tun.kext
2012-07-29 19:36:27 *Tunnelblick: Established communication with OpenVPN
2012-07-29 19:36:27 MANAGEMENT: Client connected from 127.0.0.1:1337
2012-07-29 19:36:27 MANAGEMENT: CMD 'pid'
2012-07-29 19:36:27 MANAGEMENT: CMD 'state on'
2012-07-29 19:36:27 MANAGEMENT: CMD 'state'
2012-07-29 19:36:27 MANAGEMENT: CMD 'hold release'
2012-07-29 19:36:28 *Tunnelblick: Obtained VPN username and password from the
Keychain
2012-07-29 19:36:28 MANAGEMENT: CMD 'username "Auth" "cs23262249"'
2012-07-29 19:36:28 MANAGEMENT: CMD 'password [...]'
2012-07-29 19:36:28 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-07-29 19:36:28 WARNING: file 'usa.puff.ta.key' is group or others
accessible
2012-07-29 19:36:28 Control Channel Authentication: using 'usa.puff.ta.key' as
a OpenVPN static key file
2012-07-29 19:36:28 Outgoing Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
2012-07-29 19:36:28 Incoming Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
2012-07-29 19:36:28 LZO compression initialized
2012-07-29 19:36:28 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0
EL:0 ]
2012-07-29 19:36:28 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-07-29 19:36:28 MANAGEMENT: >STATE:1343561788,RESOLVE,,,
2012-07-29 19:36:28 RESOLVE: Cannot resolve host address: usa.vpuff.info:
[HOST_NOT_FOUND] The specified host is unknown.
2012-07-29 19:36:28 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-07-29 19:36:28 Local Options hash (VER=V4): '504e774e'
2012-07-29 19:36:28 Expected Remote Options hash (VER=V4): '14168603'
2012-07-29 19:36:28 MANAGEMENT: >STATE:1343561788,RESOLVE,,,
2012-07-29 19:36:28 RESOLVE: Cannot resolve host address: usa.vpuff.info:
[HOST_NOT_FOUND] The specified host is unknown.
2012-07-29 19:36:28 TCP/UDP: Closing socket
2012-07-29 19:36:28 SIGUSR1[soft,init_instance] received, process restarting
2012-07-29 19:36:28 MANAGEMENT: >STATE:1343561788,RECONNECTING,init_instance,,
2012-07-29 19:36:28 MANAGEMENT: CMD 'hold release'
2012-07-29 19:36:28 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-07-29 19:36:28 Re-using SSL/TLS context
2012-07-29 19:36:28 LZO compression initialized
2012-07-29 19:36:28 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0
EL:0 ]
2012-07-29 19:36:28 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-07-29 19:36:28 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-07-29 19:36:28 Local Options hash (VER=V4): '504e774e'
2012-07-29 19:36:28 Expected Remote Options hash (VER=V4): '14168603'
2012-07-29 19:36:28 UDPv4 link local: [undef]
2012-07-29 19:36:28 UDPv4 link remote: 72.52.65.84:443
2012-07-29 19:36:28 MANAGEMENT: >STATE:1343561788,WAIT,,,
2012-07-29 19:36:28 MANAGEMENT: >STATE:1343561788,AUTH,,,
2012-07-29 19:36:28 TLS: Initial packet from 72.52.65.84:443, sid=01c99015
402fa60b
2012-07-29 19:36:28 WARNING: this configuration may cache passwords in memory
-- use the auth-nocache option to prevent this
2012-07-29 19:36:31 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:36:31 VERIFY OK: nsCertType=SERVER
2012-07-29 19:36:31 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:36:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:36:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:36:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:36:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:36:32 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-07-29 19:36:32 [f4.erights.net] Peer Connection Initiated with
72.52.65.84:443
2012-07-29 19:36:33 MANAGEMENT: >STATE:1343561793,GET_CONFIG,,,
2012-07-29 19:36:35 SENT CONTROL [f4.erights.net]: 'PUSH_REQUEST' (status=1)
2012-07-29 19:36:35 Replay-window backtrack occurred [1]
2012-07-29 19:36:35 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS
216.218.196.2,dhcp-option DNS 65.19.176.2,route 172.20.0.1,topology net30,ping
10,ping-restart 120,ifconfig 172.20.14.122 172.20.14.121'
2012-07-29 19:36:35 OPTIONS IMPORT: timers and/or timeouts modified
2012-07-29 19:36:35 OPTIONS IMPORT: --ifconfig/up options modified
2012-07-29 19:36:35 OPTIONS IMPORT: route options modified
2012-07-29 19:36:35 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-07-29 19:36:35 ROUTE default_gateway=192.168.1.1
2012-07-29 19:36:35 TUN/TAP device /dev/tun0 opened
2012-07-29 19:36:35 MANAGEMENT: >STATE:1343561795,ASSIGN_IP,,172.20.14.122,
2012-07-29 19:36:35 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-07-29 19:36:35 NOTE: Tried to delete pre-existing tun/tap instance -- No
Problem if failure
2012-07-29 19:36:35 /sbin/ifconfig tun0 172.20.14.122 172.20.14.121 mtu 1500
netmask 255.255.255.255 up
2012-07-29 19:36:35
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 init
No such key
2012-07-29 19:36:38 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 216.218.196.2 65.19.176.2 ] and WINS server(s) [ ] and using
default domain name [ openvpn ]
2012-07-29 19:36:38 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-07-29 19:36:39 *Tunnelblick: Flushed the DNS cache
2012-07-29 19:36:39 /sbin/route add -net 72.52.65.84 192.168.1.1 255.255.255.255
add net 72.52.65.84: gateway 192.168.1.1
2012-07-29 19:36:39 /sbin/route add -net 0.0.0.0 172.20.14.121 128.0.0.0
add net 0.0.0.0: gateway 172.20.14.121
2012-07-29 19:36:39 /sbin/route add -net 128.0.0.0 172.20.14.121 128.0.0.0
add net 128.0.0.0: gateway 172.20.14.121
2012-07-29 19:36:39 MANAGEMENT: >STATE:1343561799,ADD_ROUTES,,,
2012-07-29 19:36:39 /sbin/route add -net 172.20.0.1 172.20.14.121
255.255.255.255
add net 172.20.0.1: gateway 172.20.14.121
2012-07-29 19:36:39 Initialization Sequence Completed
2012-07-29 19:36:39 MANAGEMENT:
>STATE:1343561799,CONNECTED,SUCCESS,172.20.14.122,72.52.65.84
2012-07-29 19:36:39 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-07-29 19:36:39 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-07-29 19:36:40 Replay-window backtrack occurred [3]
2012-07-29 19:37:04 Replay-window backtrack occurred [5]
2012-07-29 19:37:13 Replay-window backtrack occurred [16]
2012-07-29 19:37:13 Replay-window backtrack occurred [19]
2012-07-29 19:37:13 Replay-window backtrack occurred [20]
2012-07-29 19:37:14 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-07-29 19:37:14 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 17361) to restart the connection.
2012-07-29 19:37:15 event_wait : Interrupted system call (code=4)
2012-07-29 19:37:15 TCP/UDP: Closing socket
2012-07-29 19:37:15
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 restart
2012-07-29 19:37:16 SIGUSR1[hard,] received, process restarting
2012-07-29 19:37:16 MANAGEMENT: >STATE:1343561836,RECONNECTING,SIGUSR1,,
2012-07-29 19:37:16 MANAGEMENT: CMD 'hold release'
2012-07-29 19:37:16 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-07-29 19:37:16 Re-using SSL/TLS context
2012-07-29 19:37:16 LZO compression initialized
2012-07-29 19:37:16 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0
EL:0 ]
2012-07-29 19:37:16 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-07-29 19:37:16 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-07-29 19:37:16 Local Options hash (VER=V4): '504e774e'
2012-07-29 19:37:16 Expected Remote Options hash (VER=V4): '14168603'
2012-07-29 19:37:16 UDPv4 link local: [undef]
2012-07-29 19:37:16 UDPv4 link remote: 72.52.65.84:443
2012-07-29 19:37:16 MANAGEMENT: >STATE:1343561836,WAIT,,,
2012-07-29 19:37:16 MANAGEMENT: >STATE:1343561836,AUTH,,,
2012-07-29 19:37:16 TLS: Initial packet from 72.52.65.84:443, sid=f1e80477
21af8084
2012-07-29 19:37:16 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-07-29 19:37:16 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-07-29 19:37:17 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:37:17 VERIFY OK: nsCertType=SERVER
2012-07-29 19:37:17 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:37:18 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:37:18 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:37:18 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:37:18 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:37:18 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-07-29 19:37:18 [f4.erights.net] Peer Connection Initiated with
72.52.65.84:443
2012-07-29 19:37:19 MANAGEMENT: >STATE:1343561839,GET_CONFIG,,,
2012-07-29 19:37:20 SENT CONTROL [f4.erights.net]: 'PUSH_REQUEST' (status=1)
2012-07-29 19:37:20 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS
216.218.196.2,dhcp-option DNS 65.19.176.2,route 172.20.0.1,topology net30,ping
10,ping-restart 120,ifconfig 172.20.14.122 172.20.14.121'
2012-07-29 19:37:20 OPTIONS IMPORT: timers and/or timeouts modified
2012-07-29 19:37:20 OPTIONS IMPORT: --ifconfig/up options modified
2012-07-29 19:37:20 OPTIONS IMPORT: route options modified
2012-07-29 19:37:20 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-07-29 19:37:20 Preserving previous TUN/TAP instance: tun0
2012-07-29 19:37:20
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 restart
No such key
2012-07-29 19:37:22 Initialization Sequence Completed
2012-07-29 19:37:22 MANAGEMENT:
>STATE:1343561842,CONNECTED,SUCCESS,172.20.14.122,72.52.65.84
2012-07-29 19:37:22 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 216.218.196.2 65.19.176.2 ] and WINS server(s) [ ] and using
default domain name [ openvpn ]
2012-07-29 19:37:22 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-07-29 19:37:22 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-07-29 19:37:22 *Tunnelblick: Flushed the DNS cache
2012-07-29 19:37:22 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-07-29 19:37:28 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-07-29 19:37:28 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 17361) to restart the connection.
2012-07-29 19:37:29 event_wait : Interrupted system call (code=4)
2012-07-29 19:37:29 TCP/UDP: Closing socket
2012-07-29 19:37:29
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 restart
2012-07-29 19:37:29 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-07-29 19:37:29 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-07-29 19:37:29 SIGUSR1[hard,] received, process restarting
2012-07-29 19:37:29 MANAGEMENT: >STATE:1343561849,RECONNECTING,SIGUSR1,,
2012-07-29 19:37:29 MANAGEMENT: CMD 'hold release'
2012-07-29 19:37:29 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-07-29 19:37:29 Re-using SSL/TLS context
2012-07-29 19:37:29 LZO compression initialized
2012-07-29 19:37:29 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0
EL:0 ]
2012-07-29 19:37:29 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-07-29 19:37:29 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-07-29 19:37:29 Local Options hash (VER=V4): '504e774e'
2012-07-29 19:37:29 Expected Remote Options hash (VER=V4): '14168603'
2012-07-29 19:37:29 UDPv4 link local: [undef]
2012-07-29 19:37:29 UDPv4 link remote: 72.52.65.84:443
2012-07-29 19:37:29 MANAGEMENT: >STATE:1343561849,WAIT,,,
2012-07-29 19:37:29 MANAGEMENT: >STATE:1343561849,AUTH,,,
2012-07-29 19:37:29 TLS: Initial packet from 72.52.65.84:443, sid=510101e3
73229e9f
2012-07-29 19:37:31 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:37:31 VERIFY OK: nsCertType=SERVER
2012-07-29 19:37:31 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanJose/O=eRightsNet/CN=f4.erights.net/emailAddress=puff@erights.n
et
2012-07-29 19:37:35 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:37:35 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:37:35 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-07-29 19:37:35 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-07-29 19:37:41 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-07-29 19:37:41 [f4.erights.net] Peer Connection Initiated with
72.52.65.84:443
2012-07-29 19:37:42 MANAGEMENT: >STATE:1343561862,GET_CONFIG,,,
2012-07-29 19:37:43 SENT CONTROL [f4.erights.net]: 'PUSH_REQUEST' (status=1)
2012-07-29 19:37:43 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS
216.218.196.2,dhcp-option DNS 65.19.176.2,route 172.20.0.1,topology net30,ping
10,ping-restart 120,ifconfig 172.20.14.122 172.20.14.121'
2012-07-29 19:37:43 OPTIONS IMPORT: timers and/or timeouts modified
2012-07-29 19:37:43 OPTIONS IMPORT: --ifconfig/up options modified
2012-07-29 19:37:43 OPTIONS IMPORT: route options modified
2012-07-29 19:37:43 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-07-29 19:37:43 Preserving previous TUN/TAP instance: tun0
2012-07-29 19:37:43
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 restart
No such key
2012-07-29 19:37:45 Initialization Sequence Completed
2012-07-29 19:37:45 MANAGEMENT:
>STATE:1343561865,CONNECTED,SUCCESS,172.20.14.122,72.52.65.84
2012-07-29 19:37:45 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 216.218.196.2 65.19.176.2 ] and WINS server(s) [ ] and using
default domain name [ openvpn ]
2012-07-29 19:37:45 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-07-29 19:37:45 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-07-29 19:37:45 *Tunnelblick: Flushed the DNS cache
2012-07-29 19:37:45 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-07-29 19:37:50 *Tunnelblick: Disconnecting; 'disconnect' button pressed
2012-07-29 19:37:50 event_wait : Interrupted system call (code=4)
2012-07-29 19:37:50 TCP/UDP: Closing socket
2012-07-29 19:37:50 /sbin/route delete -net 172.20.0.1 172.20.14.121
255.255.255.255
delete net 172.20.0.1: gateway 172.20.14.121
2012-07-29 19:37:50 /sbin/route delete -net 72.52.65.84 192.168.1.1
255.255.255.255
delete net 72.52.65.84: gateway 192.168.1.1
2012-07-29 19:37:50 /sbin/route delete -net 0.0.0.0 172.20.14.121 128.0.0.0
delete net 0.0.0.0: gateway 172.20.14.121
2012-07-29 19:37:50 /sbin/route delete -net 128.0.0.0 172.20.14.121 128.0.0.0
delete net 128.0.0.0: gateway 172.20.14.121
2012-07-29 19:37:50 Closing TUN/TAP interface
2012-07-29 19:37:50
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdasngw tun0 1500 1542 172.20.14.122 172.20.14.121 init
2012-07-29 19:37:50 SIGTERM[hard,] received, process exiting
2012-07-29 19:37:50 MANAGEMENT: >STATE:1343561870,EXITING,SIGTERM,,
2012-07-29 19:37:50 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-07-29 19:37:50 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-07-29 19:37:51 *Tunnelblick: Flushed the DNS cache
Original comment by arki...@gmail.com
on 29 Jul 2012 at 11:38
arki727: You should be using the latest beta version of Tunnelblick if you are
using Mountain Lion.
Please read Mountain Lion Issues at http://code.google.com/p/tunnelblick/wiki/cMountainLionDnsIssue.
Original comment by jkbull...@gmail.com
on 29 Jul 2012 at 12:09
after updating to Mountin Lion 10.8 and updating to Tunnelblick 3.2.8 (build
2891.3099) - OpenVPN 2.2.1, I face the same issue again, getting
connected/discounted repeatedly.
Tried changing setting>advanced>while connected>search domain: from "Restart
connection" to "Ignore"
Tried set DNS/WINS from "Set Nameserver" to "Set Nameserver (3.1)
Still getting connected/discounted repeatedly!
Any resolution or workaround?
Log:
2012-08-12 02:49:39 *Tunnelblick: OS X 10.8.0; Tunnelblick 3.2.8 (build
2891.3099)
2012-08-12 02:49:39 *Tunnelblick: Attempting connection with openvpn; Set
nameserver = 1; monitoring connection
2012-08-12 02:49:39 *Tunnelblick:
/Applications/Tunnelblick.app/Contents/Resources/openvpnstart start
openvpn.conf 1337 1 0 0 0 49 -atDASNGWrdangw
2012-08-12 02:49:39 *Tunnelblick: openvpnstart message: Loading tun.kext
2012-08-12 02:49:39 *Tunnelblick: Established communication with OpenVPN
2012-08-12 02:49:39 *Tunnelblick: Obtained VPN username and password from the
Keychain
2012-08-12 02:49:39 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11]
[eurephia] built on Aug 10 2012
2012-08-12 02:49:39 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2012-08-12 02:49:39 Need hold release from management interface, waiting...
2012-08-12 02:49:39 MANAGEMENT: Client connected from 127.0.0.1:1337
2012-08-12 02:49:39 MANAGEMENT: CMD 'pid'
2012-08-12 02:49:39 MANAGEMENT: CMD 'state on'
2012-08-12 02:49:39 MANAGEMENT: CMD 'state'
2012-08-12 02:49:39 MANAGEMENT: CMD 'hold release'
2012-08-12 02:49:39 MANAGEMENT: CMD 'username "Auth" "hihakeem@mac.com"'
2012-08-12 02:49:39 MANAGEMENT: CMD 'password [...]'
2012-08-12 02:49:39 WARNING: No server certificate verification method has been
enabled. See http://openvpn.net/howto.html#mitm for more info.
2012-08-12 02:49:39 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-08-12 02:49:39 LZO compression initialized
2012-08-12 02:49:39 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
EL:0 ]
2012-08-12 02:49:39 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-08-12 02:49:39 MANAGEMENT: >STATE:1344728979,RESOLVE,,,
2012-08-12 02:49:39 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-08-12 02:49:39 Local Options hash (VER=V4): '41690919'
2012-08-12 02:49:39 Expected Remote Options hash (VER=V4): '530fdded'
2012-08-12 02:49:39 UDPv4 link local: [undef]
2012-08-12 02:49:39 UDPv4 link remote: 94.136.39.29:1200
2012-08-12 02:49:39 MANAGEMENT: >STATE:1344728979,WAIT,,,
2012-08-12 02:49:39 *Tunnelblick: openvpnstart:
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd /Users/apple/Library/Application Support/Tunnelblick/Configurations
--daemon --management 127.0.0.1 1337 --config /Users/apple/Library/Application
Support/Tunnelblick/Configurations/openvpn.conf --log /Library/Application
Support/Tunnelblick/Logs/-SUsers-Sapple-SLibrary-SApplication
Support-STunnelblick-SConfigurations-Sopenvpn.conf.1_0_0_0_49.1337.openvpn.log
--management-query-passwords --management-hold --script-security 2 --up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdangw --down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdangw --up-restart
2012-08-12 02:49:40 MANAGEMENT: >STATE:1344728980,AUTH,,,
2012-08-12 02:49:40 TLS: Initial packet from 94.136.39.29:1200, sid=9dc49f6c
0d58569c
2012-08-12 02:49:40 WARNING: this configuration may cache passwords in memory
-- use the auth-nocache option to prevent this
2012-08-12 02:49:41 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=david@
myhost.mydomain
2012-08-12 02:49:41 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=david@myhost.my
domain
2012-08-12 02:49:42 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:49:42 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:49:42 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:49:42 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:49:42 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-08-12 02:49:42 [server] Peer Connection Initiated with 94.136.39.29:1200
2012-08-12 02:49:43 MANAGEMENT: >STATE:1344728983,GET_CONFIG,,,
2012-08-12 02:49:44 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-12 02:49:45 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway,dhcp-option DNS 208.67.220.220,route
10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.10.142
10.8.10.141'
2012-08-12 02:49:45 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-12 02:49:45 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-12 02:49:45 OPTIONS IMPORT: route options modified
2012-08-12 02:49:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-08-12 02:49:45 ROUTE default_gateway=10.0.1.1
2012-08-12 02:49:45 TUN/TAP device /dev/tun0 opened
2012-08-12 02:49:45 MANAGEMENT: >STATE:1344728985,ASSIGN_IP,,10.8.10.142,
2012-08-12 02:49:45 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-08-12 02:49:45 NOTE: Tried to delete pre-existing tun/tap instance -- No
Problem if failure
2012-08-12 02:49:45 /sbin/ifconfig tun0 10.8.10.142 10.8.10.141 mtu 1500
netmask 255.255.255.255 up
2012-08-12 02:49:45
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 init
No such key
2012-08-12 02:49:47 *Tunnelblick: Flushed the DNS cache
2012-08-12 02:49:47 /sbin/route add -net 94.136.39.29 10.0.1.1 255.255.255.255
add net 94.136.39.29: gateway 10.0.1.1
2012-08-12 02:49:47 /sbin/route delete -net 0.0.0.0 10.0.1.1 0.0.0.0
delete net 0.0.0.0: gateway 10.0.1.1
2012-08-12 02:49:47 /sbin/route add -net 0.0.0.0 10.8.10.141 0.0.0.0
add net 0.0.0.0: gateway 10.8.10.141
2012-08-12 02:49:47 MANAGEMENT: >STATE:1344728987,ADD_ROUTES,,,
2012-08-12 02:49:47 /sbin/route add -net 10.8.0.1 10.8.10.141 255.255.255.255
add net 10.8.0.1: gateway 10.8.10.141
2012-08-12 02:49:47 Initialization Sequence Completed
2012-08-12 02:49:47 MANAGEMENT:
>STATE:1344728987,CONNECTED,SUCCESS,10.8.10.142,94.136.39.29
2012-08-12 02:49:47 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 208.67.220.220 ] and WINS server(s) [ ] and using default domain
name [ openvpn ]
2012-08-12 02:49:47 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-08-12 02:49:47 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-08-12 02:49:47 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-08-12 02:49:52 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-08-12 02:49:52 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 7465) to restart the connection.
2012-08-12 02:49:53 event_wait : Interrupted system call (code=4)
2012-08-12 02:49:53 TCP/UDP: Closing socket
2012-08-12 02:49:53
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 restart
2012-08-12 02:49:53 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-08-12 02:49:53 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-08-12 02:49:54 SIGUSR1[hard,] received, process restarting
2012-08-12 02:49:54 MANAGEMENT: >STATE:1344728994,RECONNECTING,SIGUSR1,,
2012-08-12 02:49:54 MANAGEMENT: CMD 'hold release'
2012-08-12 02:49:54 WARNING: No server certificate verification method has been
enabled. See http://openvpn.net/howto.html#mitm for more info.
2012-08-12 02:49:54 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-08-12 02:49:54 Re-using SSL/TLS context
2012-08-12 02:49:54 LZO compression initialized
2012-08-12 02:49:54 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
EL:0 ]
2012-08-12 02:49:54 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-08-12 02:49:54 MANAGEMENT: >STATE:1344728994,RESOLVE,,,
2012-08-12 02:49:54 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-08-12 02:49:54 Local Options hash (VER=V4): '41690919'
2012-08-12 02:49:54 Expected Remote Options hash (VER=V4): '530fdded'
2012-08-12 02:49:54 UDPv4 link local: [undef]
2012-08-12 02:49:54 UDPv4 link remote: 94.136.39.29:1200
2012-08-12 02:49:54 MANAGEMENT: >STATE:1344728994,WAIT,,,
2012-08-12 02:49:54 MANAGEMENT: >STATE:1344728994,AUTH,,,
2012-08-12 02:49:54 TLS: Initial packet from 94.136.39.29:1200, sid=10f79d17
80ff6099
2012-08-12 02:49:54 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=david@
myhost.mydomain
2012-08-12 02:49:54 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=david@myhost.my
domain
2012-08-12 02:49:55 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:49:55 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:49:55 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:49:55 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:49:55 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-08-12 02:49:55 [server] Peer Connection Initiated with 94.136.39.29:1200
2012-08-12 02:49:56 MANAGEMENT: >STATE:1344728996,GET_CONFIG,,,
2012-08-12 02:49:57 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-12 02:49:57 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway,dhcp-option DNS 208.67.220.220,route
10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.10.142
10.8.10.141'
2012-08-12 02:49:57 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-12 02:49:57 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-12 02:49:57 OPTIONS IMPORT: route options modified
2012-08-12 02:49:57 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-08-12 02:49:57 Preserving previous TUN/TAP instance: tun0
2012-08-12 02:49:57
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 restart
No such key
2012-08-12 02:49:59 *Tunnelblick: Flushed the DNS cache
2012-08-12 02:49:59 Initialization Sequence Completed
2012-08-12 02:49:59 MANAGEMENT:
>STATE:1344728999,CONNECTED,SUCCESS,10.8.10.142,94.136.39.29
2012-08-12 02:49:59 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 208.67.220.220 ] and WINS server(s) [ ] and using default domain
name [ openvpn ]
2012-08-12 02:49:59 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-08-12 02:49:59 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-08-12 02:49:59 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-08-12 02:50:04 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-08-12 02:50:04 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 7465) to restart the connection.
2012-08-12 02:50:05 event_wait : Interrupted system call (code=4)
2012-08-12 02:50:05 TCP/UDP: Closing socket
2012-08-12 02:50:05
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 restart
2012-08-12 02:50:05 SIGUSR1[hard,] received, process restarting
2012-08-12 02:50:05 MANAGEMENT: >STATE:1344729005,RECONNECTING,SIGUSR1,,
2012-08-12 02:50:05 MANAGEMENT: CMD 'hold release'
2012-08-12 02:50:05 WARNING: No server certificate verification method has been
enabled. See http://openvpn.net/howto.html#mitm for more info.
2012-08-12 02:50:05 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-08-12 02:50:05 Re-using SSL/TLS context
2012-08-12 02:50:05 LZO compression initialized
2012-08-12 02:50:05 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
EL:0 ]
2012-08-12 02:50:05 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-08-12 02:50:05 MANAGEMENT: >STATE:1344729005,RESOLVE,,,
2012-08-12 02:50:05 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-08-12 02:50:05 Local Options hash (VER=V4): '41690919'
2012-08-12 02:50:05 Expected Remote Options hash (VER=V4): '530fdded'
2012-08-12 02:50:05 UDPv4 link local: [undef]
2012-08-12 02:50:05 UDPv4 link remote: 94.136.39.29:1200
2012-08-12 02:50:05 MANAGEMENT: >STATE:1344729005,WAIT,,,
2012-08-12 02:50:05 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-08-12 02:50:05 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-08-12 02:50:06 MANAGEMENT: >STATE:1344729006,AUTH,,,
2012-08-12 02:50:06 TLS: Initial packet from 94.136.39.29:1200, sid=8735debc
3e9501d8
2012-08-12 02:50:07 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=david@
myhost.mydomain
2012-08-12 02:50:07 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=david@myhost.my
domain
2012-08-12 02:50:09 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:50:09 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:50:09 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:50:09 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:50:09 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-08-12 02:50:09 [server] Peer Connection Initiated with 94.136.39.29:1200
2012-08-12 02:50:10 MANAGEMENT: >STATE:1344729010,GET_CONFIG,,,
2012-08-12 02:50:11 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-12 02:50:11 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway,dhcp-option DNS 208.67.220.220,route
10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.10.142
10.8.10.141'
2012-08-12 02:50:11 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-12 02:50:11 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-12 02:50:11 OPTIONS IMPORT: route options modified
2012-08-12 02:50:11 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-08-12 02:50:11 Preserving previous TUN/TAP instance: tun0
2012-08-12 02:50:11
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 restart
No such key
2012-08-12 02:50:13 *Tunnelblick: Flushed the DNS cache
2012-08-12 02:50:13 Initialization Sequence Completed
2012-08-12 02:50:13 MANAGEMENT:
>STATE:1344729013,CONNECTED,SUCCESS,10.8.10.142,94.136.39.29
2012-08-12 02:50:13 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 208.67.220.220 ] and WINS server(s) [ ] and using default domain
name [ openvpn ]
2012-08-12 02:50:13 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-08-12 02:50:13 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-08-12 02:50:13 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-08-12 02:50:18 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-08-12 02:50:18 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 7465) to restart the connection.
2012-08-12 02:50:19 event_wait : Interrupted system call (code=4)
2012-08-12 02:50:19 TCP/UDP: Closing socket
2012-08-12 02:50:19
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 restart
2012-08-12 02:50:20 SIGUSR1[hard,] received, process restarting
2012-08-12 02:50:20 MANAGEMENT: >STATE:1344729020,RECONNECTING,SIGUSR1,,
2012-08-12 02:50:20 MANAGEMENT: CMD 'hold release'
2012-08-12 02:50:20 WARNING: No server certificate verification method has been
enabled. See http://openvpn.net/howto.html#mitm for more info.
2012-08-12 02:50:20 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-08-12 02:50:20 Re-using SSL/TLS context
2012-08-12 02:50:20 LZO compression initialized
2012-08-12 02:50:20 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
EL:0 ]
2012-08-12 02:50:20 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-08-12 02:50:20 MANAGEMENT: >STATE:1344729020,RESOLVE,,,
2012-08-12 02:50:20 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0
EL:0 AF:3/1 ]
2012-08-12 02:50:20 Local Options hash (VER=V4): '41690919'
2012-08-12 02:50:20 Expected Remote Options hash (VER=V4): '530fdded'
2012-08-12 02:50:20 UDPv4 link local: [undef]
2012-08-12 02:50:20 UDPv4 link remote: 94.136.39.29:1200
2012-08-12 02:50:20 MANAGEMENT: >STATE:1344729020,WAIT,,,
2012-08-12 02:50:20 MANAGEMENT: >STATE:1344729020,AUTH,,,
2012-08-12 02:50:20 TLS: Initial packet from 94.136.39.29:1200, sid=ccc570dc
123bc29a
2012-08-12 02:50:20 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-08-12 02:50:20 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
2012-08-12 02:50:22 VERIFY OK: depth=1,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=david@
myhost.mydomain
2012-08-12 02:50:22 VERIFY OK: depth=0,
/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=david@myhost.my
domain
2012-08-12 02:50:25 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:50:25 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:50:25 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-08-12 02:50:25 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-08-12 02:50:27 *Tunnelblick: Disconnecting; 'Disconnect' menu command
invoked
2012-08-12 02:50:27 event_wait : Interrupted system call (code=4)
2012-08-12 02:50:27 TCP/UDP: Closing socket
2012-08-12 02:50:27 /sbin/route delete -net 10.8.0.1 10.8.10.141 255.255.255.255
delete net 10.8.0.1: gateway 10.8.10.141
2012-08-12 02:50:27 /sbin/route delete -net 94.136.39.29 10.0.1.1
255.255.255.255
delete net 94.136.39.29: gateway 10.0.1.1
2012-08-12 02:50:27 /sbin/route delete -net 0.0.0.0 10.8.10.141 0.0.0.0
delete net 0.0.0.0: gateway 10.8.10.141
2012-08-12 02:50:27 /sbin/route add -net 0.0.0.0 10.0.1.1 0.0.0.0
add net 0.0.0.0: gateway 10.0.1.1
2012-08-12 02:50:27 Closing TUN/TAP interface
2012-08-12 02:50:27
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdangw tun0 1500 1542 10.8.10.142 10.8.10.141 init
2012-08-12 02:50:28 *Tunnelblick: Flushed the DNS cache
2012-08-12 02:50:28 *Tunnelblick client.down.tunnelblick.sh: WARNING: No
existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-12 02:50:28 SIGTERM[hard,] received, process exiting
2012-08-12 02:50:28 MANAGEMENT: >STATE:1344729028,EXITING,SIGTERM,,
Original comment by hihak...@gmail.com
on 11 Aug 2012 at 11:58
3.2.8 is NOT recommended for Mountain Lion.
Please read Mountain Lion Issues
(http://code.google.com/p/tunnelblick/wiki/cMountainLionDnsIssue).
Original comment by jkbull...@gmail.com
on 12 Aug 2012 at 1:06
I can also confirm that it is working after I chose and applied "Set Nameserver
(3.0b10)" via the VPN details menu.
Original comment by eray...@gmail.com
on 6 Sep 2012 at 9:25
I can also confirm that changing the settings to nameserver 3.0b10 resolves the
issue. Tunnelblick doesn't need to be updated to beta. Thank you everyone for
your effort.
Original comment by qasimsa...@gmail.com
on 10 Sep 2012 at 2:02
Several people have written that using the 3.0b10 setting "resolves the issue".
It may resolve the issue of repeated connection/disconnection, but not everyone
can use it. The 3.0b10 setting doesn't do as much as the standard "Set
nameserver" setting. For example, it doesn't react properly to many network
changes.
And using the 3.0b10 setting may merely hide a real problem with a
network/OpenVPN/Tunnelblick setup.
Most people would be better off (on Mountain Lion) using the beta and the
standard "Set nameserver" setting and finding and fixing any problems that
result.
Original comment by jkbull...@gmail.com
on 10 Sep 2012 at 2:10
I have a similar issue, and altering the DNS settings does not help. I am
pasting my log below, can anyone offer any clues as to what might be happening?
2012-09-11 09:24:03 *Tunnelblick: OS X 10.8.1; Tunnelblick 3.3beta20 (build
3105)
2012-09-11 09:24:03 *Tunnelblick: Attempting connection with ibVPN CA-Hamilton;
Set nameserver = 9; not monitoring connection
2012-09-11 09:24:03 *Tunnelblick:
/Applications/Tunnelblick.app/Contents/Resources/openvpnstart start ibVPN\
CA-Hamilton.tblk 1337 9 0 3 1 114 -atADGNWradsgnw
2012-09-11 09:24:03 *Tunnelblick: openvpnstart message: Loading tap.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per
displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
--cd
/Library/Application Support/Tunnelblick/Shared/ibVPN CA-Hamilton.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Shared/ibVPN CA-Hamilton.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SibVPN CA--Hamilton.tblk-SContents-SResources-Sconfig.ovpn.9_0_3_1_114.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.2.up.tunnelblick.sh -w -d -a -atADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.2.down.tunnelblick.sh -w -d -a -atADGNWradsgnw
--up-restart
2012-09-11 09:24:03 *Tunnelblick: Established communication with OpenVPN
2012-09-11 09:24:03 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)]
[LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on
Aug 10 2012
2012-09-11 09:24:03 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2012-09-11 09:24:03 Need hold release from management interface, waiting...
2012-09-11 09:24:03 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2012-09-11 09:24:03 MANAGEMENT: CMD 'pid'
2012-09-11 09:24:03 MANAGEMENT: CMD 'state on'
2012-09-11 09:24:03 MANAGEMENT: CMD 'state'
2012-09-11 09:24:03 MANAGEMENT: CMD 'bytecount 1'
2012-09-11 09:24:03 MANAGEMENT: CMD 'hold release'
2012-09-11 09:24:03 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Library/Application Support/Tunnelblick/Shared/ibVPN CA-Hamilton.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Shared/ibVPN CA-Hamilton.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SibVPN CA--Hamilton.tblk-SContents-SResources-Sconfig.ovpn.9_0_3_1_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.2.up.tunnelblick.sh -w -d -a -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.2.down.tunnelblick.sh -w -d -a -atADGNWradsgnw --up-restart
2012-09-11 09:24:12 MANAGEMENT: CMD 'username "Auth" "onur@glacial.com"'
2012-09-11 09:24:12 MANAGEMENT: CMD 'password [...]'
2012-09-11 09:24:12 IMPORTANT: OpenVPN's default port number is now 1194, based
on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier
used 5000 as the default port.
2012-09-11 09:24:12 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-09-11 09:24:12 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-09-11 09:24:12 UDPv4 link local (bound): [undef]
2012-09-11 09:24:12 UDPv4 link remote: [AF_INET]67.230.166.146:1194
2012-09-11 09:24:12 MANAGEMENT: >STATE:1347344652,WAIT,,,
2012-09-11 09:24:12 MANAGEMENT: >STATE:1347344652,AUTH,,,
2012-09-11 09:24:12 TLS: Initial packet from [AF_INET]67.230.166.146:1194,
sid=3ddc1d4b cb9763f4
2012-09-11 09:24:12 WARNING: this configuration may cache passwords in memory
-- use the auth-nocache option to prevent this
2012-09-11 09:24:15 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco,
O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
2012-09-11 09:24:15 VERIFY OK: nsCertType=SERVER
2012-09-11 09:24:15 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco,
O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
2012-09-11 09:24:16 WARNING: 'link-mtu' is used inconsistently, local='link-mtu
1574', remote='link-mtu 1578'
2012-09-11 09:24:16 WARNING: 'mtu-dynamic' is present in remote config but
missing in local config, remote='mtu-dynamic'
2012-09-11 09:24:16 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-09-11 09:24:16 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-09-11 09:24:16 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-09-11 09:24:16 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-09-11 09:24:16 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-09-11 09:24:16 [server] Peer Connection Initiated with
[AF_INET]67.230.166.146:1194
2012-09-11 09:24:17 MANAGEMENT: >STATE:1347344657,GET_CONFIG,,,
2012-09-11 09:24:18 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-09-11 09:24:18 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS
8.8.4.4,route 10.10.10.0 255.255.255.0 vpn_gateway,show-net-up,route-gateway
10.10.10.1,ping 10,ping-restart 60,ifconfig 10.10.10.16 255.255.255.0'
2012-09-11 09:24:18 Options error: Unrecognized option or missing parameter(s)
in [PUSH-OPTIONS]:5: show-net-up (2.3-alpha1)
2012-09-11 09:24:18 OPTIONS IMPORT: timers and/or timeouts modified
2012-09-11 09:24:18 OPTIONS IMPORT: --ifconfig/up options modified
2012-09-11 09:24:18 OPTIONS IMPORT: route options modified
2012-09-11 09:24:18 OPTIONS IMPORT: route-related options modified
2012-09-11 09:24:18 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-09-11 09:24:18 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=en0
HWADDR=04:0c:ce:df:6e:c2
2012-09-11 09:24:18 TUN/TAP device /dev/tap0 opened
2012-09-11 09:24:18 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2012-09-11 09:24:18 MANAGEMENT: >STATE:1347344658,ASSIGN_IP,,10.10.10.16,
2012-09-11 09:24:18 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-09-11 09:24:18 NOTE: Tried to delete pre-existing tun/tap instance -- No
Problem if failure
2012-09-11 09:24:18 /sbin/ifconfig tap0 10.10.10.16 netmask 255.255.255.0 mtu
1500 up
2012-09-11 09:24:18
/Applications/Tunnelblick.app/Contents/Resources/client.2.up.tunnelblick.sh -w
-d -a -atADGNWradsgnw tap0 1500 1574 10.10.10.16 255.255.255.0 init
2012-09-11 09:24:20 /sbin/route add -net 67.230.166.146 192.168.2.1
255.255.255.255
add net 67.230.166.146: gateway 192.168.2.1
2012-09-11 09:24:20 /sbin/route add -net 0.0.0.0 10.10.10.1 128.0.0.0
add net 0.0.0.0: gateway 10.10.10.1
2012-09-11 09:24:20 *Tunnelblick: Flushed the DNS cache
2012-09-11 09:24:20 /sbin/route add -net 128.0.0.0 10.10.10.1 128.0.0.0
add net 128.0.0.0: gateway 10.10.10.1
2012-09-11 09:24:20 MANAGEMENT: >STATE:1347344660,ADD_ROUTES,,,
2012-09-11 09:24:20 /sbin/route add -net 10.10.10.0 10.10.10.1 255.255.255.0
route: writing to routing socket: File exists
add net 10.10.10.0: gateway 10.10.10.1: File exists
2012-09-11 09:24:20 Initialization Sequence Completed
2012-09-11 09:24:20 MANAGEMENT:
>STATE:1347344660,CONNECTED,SUCCESS,10.10.10.16,67.230.166.146
2012-09-11 09:24:21 TCP/UDP: Incoming packet rejected from
[AF_INET]188.72.250.92:1194[2], expected peer address:
[AF_INET]67.230.166.146:1194 (allow this incoming source address/port by
removing --remote or adding --float)
2012-09-11 09:24:28 Bad LZO decompression header byte: 0
2012-09-11 09:24:32 TCP/UDP: Incoming packet rejected from
[AF_INET]188.72.250.92:1194[2], expected peer address:
[AF_INET]67.230.166.146:1194 (allow this incoming source address/port by
removing --remote or adding --float)
2012-09-11 09:24:38 Bad LZO decompression header byte: 0
2012-09-11 09:24:48 Bad LZO decompression header byte: 0
2012-09-11 09:24:55 *Tunnelblick: After 30.0 seconds, gave up trying to fetch
IP address information using the ipInfo host's name after connecting.
2012-09-11 09:24:59 Bad LZO decompression header byte: 0
2012-09-11 09:25:10 Bad LZO decompression header byte: 0
2012-09-11 09:25:18 [server] Inactivity timeout (--ping-restart), restarting
2012-09-11 09:25:18
/Applications/Tunnelblick.app/Contents/Resources/client.2.down.tunnelblick.sh
-w -d -a -atADGNWradsgnw tap0 1500 1574 10.10.10.16 255.255.255.0 restart
2012-09-11 09:25:18 SIGUSR1[soft,ping-restart] received, process restarting
2012-09-11 09:25:18 MANAGEMENT: >STATE:1347344718,RECONNECTING,ping-restart,,
2012-09-11 09:25:18 MANAGEMENT: CMD 'hold release'
2012-09-11 09:25:18 IMPORTANT: OpenVPN's default port number is now 1194, based
on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier
used 5000 as the default port.
2012-09-11 09:25:18 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-09-11 09:25:18 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-09-11 09:25:18 UDPv4 link local (bound): [undef]
2012-09-11 09:25:18 UDPv4 link remote: [AF_INET]67.230.166.146:1194
2012-09-11 09:25:18 MANAGEMENT: >STATE:1347344718,WAIT,,,
2012-09-11 09:25:18 MANAGEMENT: >STATE:1347344718,AUTH,,,
2012-09-11 09:25:18 TLS: Initial packet from [AF_INET]67.230.166.146:1194,
sid=a5fc9551 538213cf
2012-09-11 09:25:19 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco,
O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
2012-09-11 09:25:19 VERIFY OK: nsCertType=SERVER
2012-09-11 09:25:19 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco,
O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
2012-09-11 09:25:19 WARNING: 'link-mtu' is used inconsistently, local='link-mtu
1574', remote='link-mtu 1578'
2012-09-11 09:25:19 WARNING: 'mtu-dynamic' is present in remote config but
missing in local config, remote='mtu-dynamic'
2012-09-11 09:25:19 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-09-11 09:25:19 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-09-11 09:25:19 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128
bit key
2012-09-11 09:25:19 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for
HMAC authentication
2012-09-11 09:25:19 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
2012-09-11 09:25:19 [server] Peer Connection Initiated with
[AF_INET]67.230.166.146:1194
2012-09-11 09:25:20 MANAGEMENT: >STATE:1347344720,GET_CONFIG,,,
2012-09-11 09:25:22 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-09-11 09:25:22 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS
8.8.4.4,route 10.10.10.0 255.255.255.0 vpn_gateway,show-net-up,route-gateway
10.10.10.1,ping 10,ping-restart 60,ifconfig 10.10.10.16 255.255.255.0'
2012-09-11 09:25:22 Options error: Unrecognized option or missing parameter(s)
in [PUSH-OPTIONS]:5: show-net-up (2.3-alpha1)
2012-09-11 09:25:22 OPTIONS IMPORT: timers and/or timeouts modified
2012-09-11 09:25:22 OPTIONS IMPORT: --ifconfig/up options modified
2012-09-11 09:25:22 OPTIONS IMPORT: route options modified
2012-09-11 09:25:22 OPTIONS IMPORT: route-related options modified
2012-09-11 09:25:22 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2012-09-11 09:25:22 Preserving previous TUN/TAP instance: tap0
2012-09-11 09:25:22
/Applications/Tunnelblick.app/Contents/Resources/client.2.up.tunnelblick.sh -w
-d -a -atADGNWradsgnw tap0 1500 1574 10.10.10.16 255.255.255.0 restart
2012-09-11 09:25:22 Initialization Sequence Completed
2012-09-11 09:25:22 MANAGEMENT:
>STATE:1347344722,CONNECTED,SUCCESS,10.10.10.16,67.230.166.146
2012-09-11 09:25:22 *Tunnelblick: Flushed the DNS cache
2012-09-11 09:25:32 *Tunnelblick: After 30.0 seconds, gave up trying to fetch
IP address information using the ipInfo host's IP address after connecting.
2012-09-11 09:25:33 Bad LZO decompression header byte: 0
2012-09-11 09:25:39 *Tunnelblick: Disconnecting; 'Disconnect all' menu command
invoked
2012-09-11 09:25:39 event_wait : Interrupted system call (code=4)
2012-09-11 09:25:39 /sbin/route delete -net 10.10.10.0 10.10.10.1 255.255.255.0
delete net 10.10.10.0: gateway 10.10.10.1
2012-09-11 09:25:39 /sbin/route delete -net 67.230.166.146 192.168.2.1
255.255.255.255
2012-09-11 09:25:39 *Tunnelblick: Flushed the DNS cache
delete net 67.230.166.146: gateway 192.168.2.1
2012-09-11 09:25:39 /sbin/route delete -net 0.0.0.0 10.10.10.1 128.0.0.0
delete net 0.0.0.0: gateway 10.10.10.1
2012-09-11 09:25:39 /sbin/route delete -net 128.0.0.0 10.10.10.1 128.0.0.0
delete net 128.0.0.0: gateway 10.10.10.1
2012-09-11 09:25:39 Closing TUN/TAP interface
2012-09-11 09:25:39
/Applications/Tunnelblick.app/Contents/Resources/client.2.down.tunnelblick.sh
-w -d -a -atADGNWradsgnw tap0 1500 1574 10.10.10.16 255.255.255.0 init
ipconfig_set tap0 NONE failed: interface doesn't exist
2012-09-11 09:25:39 MANAGEMENT: Client disconnected
2012-09-11 09:25:39 WARNING: Failed running command (--up/--down): external
program exited with error status: 1
2012-09-11 09:25:39 Exiting due to fatal error
Original comment by obir...@gmail.com
on 11 Sep 2012 at 6:30
obirsen: There appear to be several OpenVPN configuration problems:
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1574',
remote='link-mtu 1578'
WARNING: 'mtu-dynamic' is present in remote config but missing in local config,
remote='mtu-dynamic'
Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5:
show-net-up (2.3-alpha1)
TCP/UDP: Incoming packet rejected from [AF_INET]188.72.250.92:1194[2], expected
peer address: [AF_INET]67.230.166.146:1194 (allow this incoming source
address/port by removing --remote or adding --float)
Original comment by jkbull...@gmail.com
on 11 Sep 2012 at 10:12
Pourriez-vous m'aider, je ne trouve pas quoi faire. Il se connecte une
première fois quelques secondes, puis tente de se reconnecter mais plus rien
de nouveau ...
Voici le log :
2012-09-14 02:50:50 *Tunnelblick: OS X 10.8.1; Tunnelblick 3.2.8 (build
2891.3099) Unsigned
2012-09-14 02:50:50 *Tunnelblick: Attempting connection with openvpn-US from
Deploy; Set nameserver = 1; monitoring connection
2012-09-14 02:50:50 *Tunnelblick:
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/openvpnstart start
openvpn-US.conf 1337 1 0 2 0 49 -atDASNGWrdasngw
2012-09-14 02:50:50 *Tunnelblick: openvpnstart:
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/o
penvpn --cd /Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/Deploy
--daemon --management 127.0.0.1 1337 --config
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/Deploy/openvpn-US.conf
--log /Library/Application
Support/Tunnelblick/Logs/-SUsers-STumata-SDesktop-STunnelblick.app-SContents-SRe
sources-SDeploy-Sopenvpn--US.conf.1_0_2_0_49.1337.openvpn.log
--management-query-passwords --management-hold --script-security 2 --up
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.s
h -m -w -d -atDASNGWrdasngw --down
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/client.down.tunnelblick
.sh -m -w -d -atDASNGWrdasngw --up-restart
2012-09-14 02:50:51 *Tunnelblick: openvpnstart message: Loading tun.kext
2012-09-14 02:50:51 *Tunnelblick: Established communication with OpenVPN
2012-09-14 02:50:51 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11]
[eurephia] built on Aug 10 2012
2012-09-14 02:51:12 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-09-14 02:51:12 LZO compression initialized
2012-09-14 02:51:12 UDPv4 link local: [undef]
2012-09-14 02:51:12 UDPv4 link remote: 184.22.183.74:30003
2012-09-14 02:51:12 WARNING: this configuration may cache passwords in memory
-- use the auth-nocache option to prevent this
2012-09-14 02:51:20 [server] Peer Connection Initiated with 184.22.183.74:30003
2012-09-14 02:51:23 TUN/TAP device /dev/tun0 opened
2012-09-14 02:51:23 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-09-14 02:51:23 NOTE: Tried to delete pre-existing tun/tap instance -- No
Problem if failure
2012-09-14 02:51:23 /sbin/ifconfig tun0 10.10.0.34 10.10.0.33 mtu 1500 netmask
255.255.255.255 up
2012-09-14 02:51:23
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.s
h -m -w -d -atDASNGWrdasngw tun0 1500 1542 10.10.0.34 10.10.0.33 init
No such key
add net 184.22.183.74: gateway 192.168.0.1
add net 0.0.0.0: gateway 10.10.0.33
add net 128.0.0.0: gateway 10.10.0.33
add net 10.10.0.1: gateway 10.10.0.33
2012-09-14 02:51:25 *Tunnelblick: Flushed the DNS cache
2012-09-14 02:51:25 Initialization Sequence Completed
2012-09-14 02:51:25 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 178.238.129.66 ] and WINS server(s) [ ] and using default domain
name [ openvpn ]
2012-09-14 02:51:25 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2012-09-14 02:51:25 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2012-09-14 02:51:25 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2012-09-14 02:51:30 *Tunnelblick process-network-changes: ServerAddresses
changed from
*
* to (pre-VPN)
* <array> {
* 0 : 8.8.8.8
* 1 : 8.8.4.4
* }
2012-09-14 02:51:30 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2012-09-14 02:51:31 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 346) to restart the connection.
2012-09-14 02:51:32 event_wait : Interrupted system call (code=4)
2012-09-14 02:51:32
/Users/Tumata/Desktop/Tunnelblick.app/Contents/Resources/client.down.tunnelblick
.sh -m -w -d -atDASNGWrdasngw tun0 1500 1542 10.10.0.34 10.10.0.33 restart
2012-09-14 02:51:32 SIGUSR1[hard,] received, process restarting
2012-09-14 02:51:32 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2012-09-14 02:51:32 Re-using SSL/TLS context
2012-09-14 02:51:32 LZO compression initialized
2012-09-14 02:51:32 *Tunnelblick client.down.tunnelblick.sh: Cancelled
monitoring of system configuration changes
2012-09-14 02:51:32 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS
and WINS configurations
Original comment by philippe...@gmail.com
on 14 Sep 2012 at 12:54
@philippe - Please try Tunnelblick 3.3beta24.
Tunnelblick 3.2.8 is not recommended for OS X 10.8 ("Mountain Lion").
Please also see http://code.google.com/p/tunnelblick/wiki/cMountainLionDnsIssue
Original comment by jkbull...@gmail.com
on 14 Sep 2012 at 6:30
It works for me:
Mac OS X ( 10.8.2 )
Tunnelblick 3.2.8 (build 2891.3099) - OpenVPN 2.2.1
Original comment by janux....@gmail.com
on 14 Oct 2012 at 4:02
janux.gdl - Tunnelblick 3.2.8 on OS X 10.8 works for some configurations, but
not for most. That's why it is recommended for OS X 8.
Original comment by jkbull...@gmail.com
on 14 Oct 2012 at 5:04
Oops! Make that "That's why 3.2.8 is NOT recommended for OS 10.8. Use the
latest beta version of Tunnelblick instead.
Original comment by jkbull...@gmail.com
on 25 Oct 2012 at 12:57
had the symptoms where it would keep reconnecting. fixed it. I am running OS
mountain Lion 10.8.2 Got my tunnelblick from
http://code.google.com/p/tunnelblick/downloads/detail?name=Tunnelblick_3.3beta28
.zip&can=2&q= Version is Tunnelblick_3.3beta28.zip Give that a try
Original comment by allegJDM@gmail.com
on 23 Nov 2012 at 1:07
Attachments:
allegJDM@gmail.com thks a lot :D
Original comment by Fidel.Aq...@gmail.com
on 19 Dec 2012 at 11:07
Original comment by jkbull...@gmail.com
on 5 Jan 2013 at 10:39
Just a footnote - with beta32 on ML I was having the weird DNS issues many
others described in this thread. I solved it by manually configuring my
ethernet address and my DNS servers (I used just the Google ones at 8.8.4.4 and
8.8.8.8). Before doing this, I was using DHCP and my router was giving me one
of my ISP's DNS servers in addition to the Google ones. Apparently the
presence of that entry was enough to paralyze all DNS lookups.
Bizarre, even if the ISP's server was no longer reachable after the tunnel came
up, the system resolver should have kept working with the other two servers.
Anyway, seems to be working OK now, YMMV.
Original comment by tom...@gmail.com
on 11 Jan 2013 at 4:49
I've had the same issue. After update to 3.3beta21b (build 3114.3185) the issue
is gone. This version works like a charm.
Original comment by roman.pi...@gmail.com
on 22 Jan 2013 at 5:05
Hello,
I am having problem with Tunnelblick 3.3beta21b (build 3114.3185) Unsigned
(Deployed) - OpenVPN 2.2.1
I am using Mac OSX 10.8.2.
Original comment by satp...@gmail.com
on 4 Feb 2013 at 7:33
The problem is as soon as Tunnelblick connects to iVPN it disconnects and
Tunnelblick hangs, I have to kill process then start it. It worked once but not
after that.
Original comment by satp...@gmail.com
on 4 Feb 2013 at 7:35
Attaching log file.
Original comment by satp...@gmail.com
on 4 Feb 2013 at 8:39
Attachments:
same issue with BT guard... any fixes?
2013-02-23 21:39:20 MANAGEMENT: >STATE:1361655560,ADD_ROUTES,,,
2013-02-23 21:39:20 WARNING: potential route subnet conflict between local LAN
[10.10.0.0/255.255.255.0] and remote VPN [10.10.0.1/255.255.255.255]
2013-02-23 21:39:20 /sbin/route add -net 10.10.0.1 10.10.0.41 255.255.255.255
add net 10.10.0.1: gateway 10.10.0.41
2013-02-23 21:39:20 Initialization Sequence Completed
2013-02-23 21:39:20 MANAGEMENT:
>STATE:1361655560,CONNECTED,SUCCESS,10.10.0.42,95.211.188.54
2013-02-23 21:39:20 *Tunnelblick client.up.tunnelblick.sh: Retrieved name
server(s) [ 8.8.8.8 ] and WINS server(s) [ ] and using default domain name [
openvpn ]
2013-02-23 21:39:20 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such
key' warnings are normal and may be ignored
2013-02-23 21:39:20 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and
WINS configurations for later use
2013-02-23 21:39:20 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor
system configuration with process-network-changes
2013-02-23 21:39:26 *Tunnelblick process-network-changes: SearchDomains changed
from
*
* to
* <array> {
* 0 : openvpn
* }
* pre-VPN was
*
2013-02-23 21:39:26 *Tunnelblick process-network-changes: SearchDomains
changed; sending USR1 to OpenVPN (process ID 59179) to restart the connection.
2013-02-23 21:39:27 event_wait : Interrupted system call (code=4)
2013-02-23 21:39:27 TCP/UDP: Closing socket
2013-02-23 21:39:27
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m
-w -d -atDASNGWrdasng
Original comment by julian.w...@gmail.com
on 23 Feb 2013 at 9:42
@satpalr:
If you are having a problem with Tunnelblick, please include the following with
your question.
the entire contents of the Tunnelblick log; and
the contents of your configuration file
Be sure to X out any sensitive information such as server IP addresses.
To get the Tunnelblick log on the Clipboard so you can paste it into an email:
Click the Tunnelblick icon
Click "VPN Details…"
Select the "Configurations" panel if it is not already selected
Select the configuration whose file you want to look at in the list on the left
Select the "Log" tab if it is not already selected
Click "Copy Log to Clipboard"
To put the contents of your configuration file on the Clipboard so you can
paste it into an email, open it in TextEdit as follows:
Click the Tunnelblick icon
Click "VPN Details…"
Select the "Configurations" panel if it is not already selected
Select the configuration whose file you want to look at in the list on the left
Click the little "gear" icon at the bottom of the list on the left
Select "Edit OpenVPN Configuration File…" (or possibly "Examine OpenVPN
Configuration File…").
In TextEdit you can Edit : Select All and then Edit : Copy to get the contents
of the configuration file put into the clipboard.
Original comment by jkbull...@gmail.com
on 23 Feb 2013 at 11:28
[deleted comment]
Thought this might help:
I have two openvpn servers, (1) running on archlinux arm and (2) on ubuntu. I
have this issue *only* with the ubuntu server.
The client: macosx 10.8.3 with 'Tunnelblick 3.2.8 (build 2891.3099) - OpenVPN
2.2.1'
(1)
Linux 3.6.11-9-ARCH+ #1 PREEMPT Sat Mar 30 02:38:20 UTC 2013 armv6l GNU/Linux
OpenVPN 2.3.0 armv6l-unknown-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL]
[eurephia] [MH] [IPv6] built on Feb 13 2013
(2)
Linux Ubuntu SMP Fri Aug 24 17:34:24 UTC 2012 i686 i686 i386 GNU/Linux
OpenVPN 2.2.1 i686-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH]
[PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Feb 27 2013
Original comment by m...@neuroit.net
on 1 Apr 2013 at 9:49
Hi! I unchecked flushing the DNS cache and it stopped my constant disconnect
reconnect cycle which happened right after I installed and set it up. I hope
that helps.
Original comment by Mouseym...@gmail.com
on 18 Apr 2013 at 11:03
Mouseymice -- What version of Tunnelblick and what version of OS X were you
using?
Flushing the DNS cache should not cause repeated connection/disconnection. In
some versions of Tunnelblick on Mountain Lion if you also have "Hands Off"
running, peculiar things happen, which could conceivably cause this, but if
that's not your situation, it would be interesting to find out exactly what was
happening.
Original comment by jkbull...@gmail.com
on 19 Apr 2013 at 1:12
I can only avoid the connect /disconnect cycle if in the right column of the
advanced tab on search domain I choose ignore. Im on mountain lion. What are
the implication of maintaining this setup?
Original comment by maeis...@gmail.com
on 5 Jun 2013 at 11:21
I'm having or had a problem where Tunnelblick manages to connect but loses
connection a few seconds after that because of some kind of "Cannot resolve
host address" problem.
Changing the configuration option "Set DNS/WINS" to "Set nameserver (3.1)"
seems to have fixed this issue, but I have no idea what are the implications of
using this setting.
Original comment by raine.vi...@gmail.com
on 6 Jun 2013 at 11:19
Hi to all! can someone check this log from my tunnelblick log. I always
encountered disconnection let say every 5 mins. and though it is sometimes
connected, when i try connecting to my server, it wont open fast the sites and
page under my server. Im using Mac OS 10.7.5 and same problem with MAC OS
10.8.5. Thanks in advances!
2013-09-18 17:32:45 *Tunnelblick: OS X 10.7.5; Tunnelblick 3.3.0 (build 3518)
2013-09-18 17:32:45 *Tunnelblick: Attempting connection with JEDVPN; Set
nameserver = 3; monitoring connection
2013-09-18 17:32:45 *Tunnelblick: openvpnstart start JEDVPN.tblk 1337 3 0 3 0
305 -atADGNWradsgnw
2013-09-18 17:32:46 *Tunnelblick: openvpnstart log:
Loading tun.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd
/Library/Application Support/Tunnelblick/Shared/JEDVPN.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Shared/JEDVPN.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SJEDVPN.tblk-SContents-SResources-Sconfig.ovpn.3_0_3_0_305.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -atADGNWradsgnw
--plugin
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-down-root.so
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -atADGNWradsgnw
--up-restart
2013-09-18 17:32:45 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Library/Application Support/Tunnelblick/Shared/JEDVPN.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Shared/JEDVPN.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SJEDVPN.tblk-SContents-SResources-Sconfig.ovpn.3_0_3_0_305.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -atADGNWradsgnw --plugin /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-down-root.so /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -atADGNWradsgnw --up-restart
2013-09-18 17:32:46 *Tunnelblick: Established communication with OpenVPN
2013-09-18 17:32:46 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11]
[eurephia] built on Jul 22 2013
2013-09-18 17:32:46 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2013-09-18 17:32:46 Need hold release from management interface, waiting...
2013-09-18 17:32:46 MANAGEMENT: Client connected from 127.0.0.1:1337
2013-09-18 17:32:46 MANAGEMENT: CMD 'pid'
2013-09-18 17:32:46 MANAGEMENT: CMD 'state on'
2013-09-18 17:32:46 MANAGEMENT: CMD 'state'
2013-09-18 17:32:46 MANAGEMENT: CMD 'bytecount 1'
2013-09-18 17:32:46 MANAGEMENT: CMD 'hold release'
2013-09-18 17:32:46 WARNING: you are using user/group/chroot/setcon without
persist-tun -- this may cause restarts to fail
2013-09-18 17:32:46 WARNING: you are using user/group/chroot/setcon without
persist-key -- this may cause restarts to fail
2013-09-18 17:32:46 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2013-09-18 17:32:46 PLUGIN_INIT: POST
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-d
own-root.so
'[/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
-down-root.so]
[/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh]
[-m] [-w] [-d] [-f] [-atADGNWradsgnw]' intercepted=PLUGIN_UP|PLUGIN_DOWN
2013-09-18 17:32:46 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-09-18 17:32:46 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC
authentication
2013-09-18 17:32:46 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-09-18 17:32:46 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC
authentication
2013-09-18 17:32:46 Socket Buffers: R=[42080->65536] S=[9216->65536]
2013-09-18 17:32:46 MANAGEMENT: >STATE:1379496766,RESOLVE,,,
2013-09-18 17:32:46 ROUTE default_gateway=192.168.2.1
2013-09-18 17:32:46 TUN/TAP device /dev/tun4 opened
2013-09-18 17:32:46 MANAGEMENT: >STATE:1379496766,ASSIGN_IP,,10.8.2.53,
2013-09-18 17:32:46 /sbin/ifconfig tun4 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2013-09-18 17:32:46 NOTE: Tried to delete pre-existing tun/tap instance -- No
Problem if failure
2013-09-18 17:32:46 /sbin/ifconfig tun4 10.8.2.53 10.8.2.54 mtu 1500 netmask
255.255.255.255 up
2013-09-18 17:32:46 PLUGIN_CALL: POST
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-d
own-root.so/PLUGIN_UP status=0
2013-09-18 17:32:46
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w
-d -f -atADGNWradsgnw tun4 1500 1544 10.8.2.53 10.8.2.54 init
2013-09-18 17:32:48 *Tunnelblick client.up.tunnelblick.sh: No network
configuration changes need to be made.
2013-09-18 17:32:48 *Tunnelblick client.up.tunnelblick.sh: Will NOT monitor for
other network configuration changes.
2013-09-18 17:32:48 MANAGEMENT: >STATE:1379496768,ADD_ROUTES,,,
2013-09-18 17:32:48 /sbin/route add -net 10.1.11.0 10.8.2.54 255.255.255.0
add net 10.1.11.0: gateway 10.8.2.54
2013-09-18 17:32:48 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:4 ET:0 EL:0
]
2013-09-18 17:32:48 Local Options hash (VER=V4): '90ab3bc2'
2013-09-18 17:32:48 Expected Remote Options hash (VER=V4): 'dfc6ff8c'
2013-09-18 17:32:48 GID set to nobody
2013-09-18 17:32:48 UID set to nobody
2013-09-18 17:32:48 UDPv4 link local (bound): [undef]:6506
2013-09-18 17:32:48 UDPv4 link remote: 202.164.174.214:6506
2013-09-18 17:32:51 Peer Connection Initiated with 202.164.174.214:6506
2013-09-18 17:32:52 Initialization Sequence Completed
2013-09-18 17:32:52 MANAGEMENT:
>STATE:1379496772,CONNECTED,SUCCESS,10.8.2.53,202.164.174.214
2013-09-18 17:32:52 *Tunnelblick: No 'connected.sh' script to execute
2013-09-18 17:38:02 Inactivity timeout (--ping-restart), restarting
2013-09-18 17:38:02 TCP/UDP: Closing socket
2013-09-18 17:38:02 /sbin/route delete -net 10.1.11.0 10.8.2.54 255.255.255.0
route: must be root to alter routing table
2013-09-18 17:38:02 ERROR: OS X route delete command failed: external program
exited with error status: 77
2013-09-18 17:38:02 Closing TUN/TAP interface
2013-09-18 17:38:03 PLUGIN_CALL: POST
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-d
own-root.so/PLUGIN_DOWN status=0
2013-09-18 17:38:03 SIGUSR1[soft,ping-restart] received, process restarting
2013-09-18 17:38:03 MANAGEMENT: >STATE:1379497083,RECONNECTING,ping-restart,,
2013-09-18 17:38:04 *Tunnelblick: No 'reconnecting.sh' script to execute
2013-09-18 17:38:04 MANAGEMENT: CMD 'hold release'
2013-09-18 17:38:04 WARNING: you are using user/group/chroot/setcon without
persist-tun -- this may cause restarts to fail
2013-09-18 17:38:04 WARNING: you are using user/group/chroot/setcon without
persist-key -- this may cause restarts to fail
2013-09-18 17:38:04 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2013-09-18 17:38:04 MANAGEMENT: Client disconnected
2013-09-18 17:38:04 Cannot open file key file 'jed-jplaza.key': Permission
denied (errno=13)
2013-09-18 17:38:04 Exiting
2013-09-18 17:38:04 *Tunnelblick: No 'post-disconnect.sh' script to execute
Original comment by greggsan...@gmail.com
on 18 Sep 2013 at 9:42
Original issue reported on code.google.com by
jkbull...@gmail.com
on 26 Mar 2012 at 2:33