Re: NewB Having Tunnelblick Configuration/Appearance Problem
445 views
Skip to first unread message
jkbull...gmail.com
Aug 6, 2012, 11:02:22 PM8/6/12
to tunnelbli...@googlegroups.com
This depends on your configuration. Tunnelblick doesn't do anything about it; it relies on OpenVPN to deal with it. You can include options in the configuration file that cause the client (your computer) to "ping" the server periodically. If the server doesn't answer within some time limit, the client assumes that the connection has been lost and tries to reconnect. Take a look at OpenVPN's "--keepalive" option.
On Monday, August 6, 2012 9:53:05 PM UTC-4, simbafish wrote:
On Monday, August 6, 2012 9:53:05 PM UTC-4, simbafish wrote:
Just installed Tunnelblick. I can successfully connect to my VPN server, verified by questioning, "What is my IP?". Also, looking at the Tunnelblick log, two comforting phrases pop out: 1) "OpenVPN started successfully" 2). "This computer's apparent public IP address changed from 71.203.XX.XXX before connection to 95.211.XXX.XX after connection"
But what is wrong with my Tunnelblick configuration? To test the system, I physically disconnect the cable connecting the modem to Internet. To my surprise, Tunnelblick menu still says it is connected and the menubar tunnel icon remains "open tunnel". Why is it still showing "connected", even though I have lost Internet connection (verified)? I expected that when I separated from the server, Tunnelblick would show it was disconnect and there would be an alert; then after reconnecting the cable, I would see OpenVPN reconnecting automatically. I do not see nor hear any alert when disconnecting, although Configuration Window shows alert sound selected when "unexpected disconnection" occur? The tunnel menu icon never changes status to "closed" (i.e. black). I have Set DNS/WINS: to "Set nameserver" and "Monitor network settings" checked. What is wrong? Confused. I am using Tunnelblick 3.2.6. My Mac is running OS 10.6.8.
Stuart Keen
Aug 8, 2012, 10:32:31 AM8/8/12
to tunnelbli...@googlegroups.com
Yesterday, running Tunnelblick version 3.3beta18 on my iMac (OS 10.6.8), I tested the Disconnect feature of Tunnelblick. I Turned Airport OFF. I received an audio Alert and soon (did not measure time) OpenVPN DISCONNECTED. I then turned Airport ON again, and OpenVPN reconnected successfully. That, I assume, is the way it is suppose to operate.
But I tried to repeat this, and had absolutely no success. I would get an alert sound but OpenVPN would never disconnect, it just sat there "waiting . . .". . Then I was given the window notice, "OpenVPN Not Responding, OpenVPNis not responding to disconnect requests. There is a known bug in OpenVPN version 2.1 that sometimes causes a delay of one or two minutes before it responds to such requests. " I waited long after the couple of minutes, but Tunnelblick just sat there "waiting…" ad infinitum.
Since Tunnelblick Beta version might not be stable, I downloaded Tunnelblick 3.2.7 (build 2891.3087). I just replaced the app. Should I have removed everything related to the beta version?. Anyway, ran the test again with the same results. OpenVPN will not disconnect but just sits there waiting. The Tunnelblick app 3.2.7 (build 2891.3087) has two versions of OpenVPN in it, ver 2.1.4 and 2.2.1. Should I remove the 2.2.1 and will this force Tunnelblick to use 2.1.4?
The scenario for what I did (with log below), using the Mac menu clock for approx timing, was:
8:07:00 Turned Airport OFF, so break in connection. OpenVPN should start pinging.
8:07:04 First audio alert, OpenVPN/Tunnelblick “Waiting . . .”
8:08:07 Second alert, OpenVPN/Tunnelblick “Waiting . . .”
8:09:08 Third alert, OpenVPN/Tunnelblick “Waiting . . .”
8:10:10 Fourth alert, OpenVPN/Tunnelblick “Waiting . . .”
8:11:12 Fifth alert, OpenVPN/Tunnelblick “Waiting . . .”
8:11:30 Turned Airport ON
8:11:49 Tunnelblick authorized and said Connected. But it was not! Firefox browser could not connect. I had to Disconnect OpenVPN and then reconnect again. Then connection was OK. Why?
How do I get OpenVPN to DISCONNECT when it pings and receives to reply? If I understand the Configuration (provided below), if no return ping is received in 30 seconds, then OpenVPN should disconnect. The bug notice said a "one or two minute" delay, but mine NEVER disconnects.
Hopefully there is a solution. Glad to provide any other information needed.
Thanks for your help.
LOG
------------------------------------------------------------------------------------------------------------
2012-08-08 08:06:31 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.2.7 (build 2891.3088)
2012-08-08 08:06:33 *Tunnelblick: Attempting connection with CactusVPN-NL-Amsterdam; Set nameserver = 1; monitoring connection
2012-08-08 08:06:33 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start CactusVPN-NL-Amsterdam.ovpn 1337 1 0 0 0 114 -atDASNGWrdasngw
2012-08-08 08:06:34 *Tunnelblick: openvpnstart: /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Users/simbafish/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw --up-restart
2012-08-08 08:06:35 *Tunnelblick: openvpnstart message: Loading tap.kext
2012-08-08 08:06:35 *Tunnelblick: Established communication with OpenVPN
2012-08-08 08:06:35 *Tunnelblick: Obtained VPN username and password from the Keychain
2012-08-08 08:06:35 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Aug 5 2012
2012-08-08 08:06:35 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2012-08-08 08:06:35 Need hold release from management interface, waiting...
2012-08-08 08:06:35 MANAGEMENT: Client connected from 127.0.0.1:1337
2012-08-08 08:06:35 MANAGEMENT: CMD 'pid'
2012-08-08 08:06:35 MANAGEMENT: CMD 'state on'
2012-08-08 08:06:35 MANAGEMENT: CMD 'state'
2012-08-08 08:06:35 MANAGEMENT: CMD 'hold release'
2012-08-08 08:06:35 MANAGEMENT: CMD 'username "Auth" "vrdvocxb"'
2012-08-08 08:06:35 MANAGEMENT: CMD 'password [...]'
2012-08-08 08:06:35 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:06:35 WARNING: file 'cactuspremium.key' is group or others accessible
2012-08-08 08:06:35 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:06:35 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:06:35 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:06:35 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:06:35 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:06:35 UDPv4 link local: [undef]
2012-08-08 08:06:35 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:06:35 MANAGEMENT: >STATE:1344427595,WAIT,,,
2012-08-08 08:06:35 MANAGEMENT: >STATE:1344427595,AUTH,,,
2012-08-08 08:06:35 TLS: Initial packet from 95.211.XXX.XX:443, sid=ce4c6ad7 d32304f5
2012-08-08 08:06:35 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-08-08 08:06:36 VERIFY OK: depth=1, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=CactusVPN_CA/emailAddress=ser...@cactusvpn.com
2012-08-08 08:06:36 VERIFY OK: nsCertType=SERVER
2012-08-08 08:06:36 VERIFY OK: depth=0, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=server/emailAddress=ser...@cactusvpn.com
2012-08-08 08:06:37 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:06:37 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:06:37 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:06:37 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:06:37 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 08:06:37 [server] Peer Connection Initiated with 95.211.XXX.XX:443
2012-08-08 08:06:38 MANAGEMENT: >STATE:1344427598,GET_CONFIG,,,
2012-08-08 08:06:39 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 08:06:39 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 08:06:39 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 08:06:39 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 08:06:39 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:06:39 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 08:06:39 OPTIONS IMPORT: route options modified
2012-08-08 08:06:39 OPTIONS IMPORT: route-related options modified
2012-08-08 08:06:39 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 08:06:39 ROUTE default_gateway=10.0.1.1
2012-08-08 08:06:39 TUN/TAP device /dev/tap0 opened
2012-08-08 08:06:39 MANAGEMENT: >STATE:1344427599,ASSIGN_IP,,10.11.16.33,
2012-08-08 08:06:39 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-08-08 08:06:39 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2012-08-08 08:06:39 /sbin/ifconfig tap0 10.11.16.33 netmask 255.255.0.0 mtu 1500 up
2012-08-08 08:06:39 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 init
No such key
2012-08-08 08:06:42 /sbin/route add -net 95.211.XXX.XX 10.0.1.1 255.255.255.255
add net 95.211.XXX.XX: gateway 10.0.1.1
2012-08-08 08:06:42 /sbin/route add -net 0.0.0.0 10.11.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.11.0.1
2012-08-08 08:06:42 /sbin/route add -net 128.0.0.0 10.11.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.11.0.1
2012-08-08 08:06:42 Initialization Sequence Completed
2012-08-08 08:06:42 MANAGEMENT: >STATE:1344427602,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Retrieved name server(s) [ 8.8.8.8 8.8.4.4 ] and WINS server(s) [ ] and using default domain name [ openvpn ]
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with process-network-changes
2012-08-08 08:06:43 *Tunnelblick: Flushed the DNS cache
2012-08-08 08:06:49 *Tunnelblick process-network-changes: A system configuration change was ignored because it was not relevant
2012-08-08 08:07:01 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 *Tunnelblick process-network-changes: ServerAddresses changed from
* <array> {
* 0 : 8.8.8.8
* 1 : 8.8.4.4
* }
* to
*
* pre-VPN was
* <array> {
* 0 : 10.0.1.1
* }
2012-08-08 08:07:02 *Tunnelblick process-network-changes: SearchDomains changed from
* <array> {
* 0 : openvpn
* }
* to (pre-VPN)
*
2012-08-08 08:07:02 *Tunnelblick process-network-changes: DomainName changed from
* openvpn
* to
*
* pre-VPN was
* hsd1.fl.comcast.net.
2012-08-08 08:07:02 *Tunnelblick process-network-changes: DomainName changed; sending USR1 to OpenVPN (process ID 3406) to restart the connection.
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 event_wait : Interrupted system call (code=4)
2012-08-08 08:07:03 TCP/UDP: Closing socket
2012-08-08 08:07:03 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:07:04 SIGUSR1[hard,] received, process restarting
2012-08-08 08:07:04 MANAGEMENT: >STATE:1344427624,RECONNECTING,SIGUSR1,,
2012-08-08 08:07:04 MANAGEMENT: CMD 'hold release'
2012-08-08 08:07:04 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:07:04 Re-using SSL/TLS context
2012-08-08 08:07:04 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:07:04 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:07:04 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:07:04 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:07:04 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:07:04 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:07:04 UDPv4 link local: [undef]
2012-08-08 08:07:04 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:07:04 MANAGEMENT: >STATE:1344427624,WAIT,,,
2012-08-08 08:07:04 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:04 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2012-08-08 08:07:04 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2012-08-08 08:07:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:18 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:34 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:04 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:08:04 TCP/UDP: Closing socket
2012-08-08 08:08:04 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:08:06 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:08:06 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:08:06 MANAGEMENT: >STATE:1344427686,RECONNECTING,ping-restart,,
2012-08-08 08:08:06 MANAGEMENT: CMD 'hold release'
2012-08-08 08:08:06 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:08:06 Re-using SSL/TLS context
2012-08-08 08:08:06 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:08:06 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:08:06 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:08:06 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:08:06 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:08:06 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:08:06 UDPv4 link local: [undef]
2012-08-08 08:08:06 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:08:06 MANAGEMENT: >STATE:1344427686,WAIT,,,
2012-08-08 08:08:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:08 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:20 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:36 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:06 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:09:06 TCP/UDP: Closing socket
2012-08-08 08:09:06 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:09:08 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:09:08 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:09:08 MANAGEMENT: >STATE:1344427748,RECONNECTING,ping-restart,,
2012-08-08 08:09:08 MANAGEMENT: CMD 'hold release'
2012-08-08 08:09:08 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:09:08 Re-using SSL/TLS context
2012-08-08 08:09:08 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:09:08 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:09:08 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:09:08 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:09:08 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:09:08 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:09:08 UDPv4 link local: [undef]
2012-08-08 08:09:08 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:09:08 MANAGEMENT: >STATE:1344427748,WAIT,,,
2012-08-08 08:09:08 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:22 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:38 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:08 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:10:08 TCP/UDP: Closing socket
2012-08-08 08:10:08 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:10:10 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:10:10 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:10:10 MANAGEMENT: >STATE:1344427810,RECONNECTING,ping-restart,,
2012-08-08 08:10:10 MANAGEMENT: CMD 'hold release'
2012-08-08 08:10:10 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:10:10 Re-using SSL/TLS context
2012-08-08 08:10:10 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:10:10 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:10:10 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:10:10 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:10:10 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:10:10 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:10:10 UDPv4 link local: [undef]
2012-08-08 08:10:10 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:10:10 MANAGEMENT: >STATE:1344427810,WAIT,,,
2012-08-08 08:10:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:16 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:24 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:40 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:10 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:11:10 TCP/UDP: Closing socket
2012-08-08 08:11:10 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:11:12 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:11:12 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:11:12 MANAGEMENT: >STATE:1344427872,RECONNECTING,ping-restart,,
2012-08-08 08:11:12 MANAGEMENT: CMD 'hold release'
2012-08-08 08:11:12 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:11:12 Re-using SSL/TLS context
2012-08-08 08:11:12 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:11:12 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:11:12 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:11:12 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:11:12 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:11:12 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:11:12 UDPv4 link local: [undef]
2012-08-08 08:11:12 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:11:12 MANAGEMENT: >STATE:1344427872,WAIT,,,
2012-08-08 08:11:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:18 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:26 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:42 MANAGEMENT: >STATE:1344427902,AUTH,,,
2012-08-08 08:11:42 TLS: Initial packet from 95.211.XXX.XX:443, sid=82e2a189 1080d5c2
2012-08-08 08:11:42 VERIFY OK: depth=1, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=CactusVPN_CA/emailAddress=ser...@cactusvpn.com
2012-08-08 08:11:42 VERIFY OK: nsCertType=SERVER
2012-08-08 08:11:42 VERIFY OK: depth=0, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=server/emailAddress=ser...@cactusvpn.com
2012-08-08 08:11:43 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:11:43 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:11:43 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:11:43 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:11:43 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 08:11:43 [server] Peer Connection Initiated with 95.211.XXX.XX:443
2012-08-08 08:11:44 MANAGEMENT: >STATE:1344427904,GET_CONFIG,,,
2012-08-08 08:11:45 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 08:11:45 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 08:11:45 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 08:11:45 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 08:11:45 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:11:45 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 08:11:45 OPTIONS IMPORT: route options modified
2012-08-08 08:11:45 OPTIONS IMPORT: route-related options modified
2012-08-08 08:11:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 08:11:45 Preserving previous TUN/TAP instance: tap0
2012-08-08 08:11:45 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:11:48 *Tunnelblick: Flushed the DNS cache
2012-08-08 08:11:48 Initialization Sequence Completed
2012-08-08 08:11:48 MANAGEMENT: >STATE:1344427908,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 08:11:51 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 0 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:51 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 1 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:52 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 2 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:54 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 3 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:57 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 4 seconds to wait for DHCP to finish setup.
------------------------------------------------------------------------------------------------------------
CONFIGURATION
------------------------------------------------------------------------------------------------------------
client
ping 5
ping-exit 30
dev tap
fast-io
proto udp
remote 95.211.XXX.XX 443
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert cactuspremium.crt
key cactuspremium.key
reneg-sec 0
ns-cert-type server
auth-user-pass
verb 3
------------------------------------------------------------------------------------------------------------
But I tried to repeat this, and had absolutely no success. I would get an alert sound but OpenVPN would never disconnect, it just sat there "waiting . . .". . Then I was given the window notice, "OpenVPN Not Responding, OpenVPNis not responding to disconnect requests. There is a known bug in OpenVPN version 2.1 that sometimes causes a delay of one or two minutes before it responds to such requests. " I waited long after the couple of minutes, but Tunnelblick just sat there "waiting…" ad infinitum.
Since Tunnelblick Beta version might not be stable, I downloaded Tunnelblick 3.2.7 (build 2891.3087). I just replaced the app. Should I have removed everything related to the beta version?. Anyway, ran the test again with the same results. OpenVPN will not disconnect but just sits there waiting. The Tunnelblick app 3.2.7 (build 2891.3087) has two versions of OpenVPN in it, ver 2.1.4 and 2.2.1. Should I remove the 2.2.1 and will this force Tunnelblick to use 2.1.4?
The scenario for what I did (with log below), using the Mac menu clock for approx timing, was:
8:07:00 Turned Airport OFF, so break in connection. OpenVPN should start pinging.
8:07:04 First audio alert, OpenVPN/Tunnelblick “Waiting . . .”
8:08:07 Second alert, OpenVPN/Tunnelblick “Waiting . . .”
8:09:08 Third alert, OpenVPN/Tunnelblick “Waiting . . .”
8:10:10 Fourth alert, OpenVPN/Tunnelblick “Waiting . . .”
8:11:12 Fifth alert, OpenVPN/Tunnelblick “Waiting . . .”
8:11:30 Turned Airport ON
8:11:49 Tunnelblick authorized and said Connected. But it was not! Firefox browser could not connect. I had to Disconnect OpenVPN and then reconnect again. Then connection was OK. Why?
How do I get OpenVPN to DISCONNECT when it pings and receives to reply? If I understand the Configuration (provided below), if no return ping is received in 30 seconds, then OpenVPN should disconnect. The bug notice said a "one or two minute" delay, but mine NEVER disconnects.
Hopefully there is a solution. Glad to provide any other information needed.
Thanks for your help.
LOG
------------------------------------------------------------------------------------------------------------
2012-08-08 08:06:31 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.2.7 (build 2891.3088)
2012-08-08 08:06:33 *Tunnelblick: Attempting connection with CactusVPN-NL-Amsterdam; Set nameserver = 1; monitoring connection
2012-08-08 08:06:33 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start CactusVPN-NL-Amsterdam.ovpn 1337 1 0 0 0 114 -atDASNGWrdasngw
2012-08-08 08:06:34 *Tunnelblick: openvpnstart: /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Users/simbafish/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw --up-restart
2012-08-08 08:06:35 *Tunnelblick: openvpnstart message: Loading tap.kext
2012-08-08 08:06:35 *Tunnelblick: Established communication with OpenVPN
2012-08-08 08:06:35 *Tunnelblick: Obtained VPN username and password from the Keychain
2012-08-08 08:06:35 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Aug 5 2012
2012-08-08 08:06:35 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2012-08-08 08:06:35 Need hold release from management interface, waiting...
2012-08-08 08:06:35 MANAGEMENT: Client connected from 127.0.0.1:1337
2012-08-08 08:06:35 MANAGEMENT: CMD 'pid'
2012-08-08 08:06:35 MANAGEMENT: CMD 'state on'
2012-08-08 08:06:35 MANAGEMENT: CMD 'state'
2012-08-08 08:06:35 MANAGEMENT: CMD 'hold release'
2012-08-08 08:06:35 MANAGEMENT: CMD 'username "Auth" "vrdvocxb"'
2012-08-08 08:06:35 MANAGEMENT: CMD 'password [...]'
2012-08-08 08:06:35 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:06:35 WARNING: file 'cactuspremium.key' is group or others accessible
2012-08-08 08:06:35 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:06:35 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:06:35 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:06:35 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:06:35 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:06:35 UDPv4 link local: [undef]
2012-08-08 08:06:35 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:06:35 MANAGEMENT: >STATE:1344427595,WAIT,,,
2012-08-08 08:06:35 MANAGEMENT: >STATE:1344427595,AUTH,,,
2012-08-08 08:06:35 TLS: Initial packet from 95.211.XXX.XX:443, sid=ce4c6ad7 d32304f5
2012-08-08 08:06:35 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-08-08 08:06:36 VERIFY OK: depth=1, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=CactusVPN_CA/emailAddress=ser...@cactusvpn.com
2012-08-08 08:06:36 VERIFY OK: nsCertType=SERVER
2012-08-08 08:06:36 VERIFY OK: depth=0, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=server/emailAddress=ser...@cactusvpn.com
2012-08-08 08:06:37 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:06:37 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:06:37 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:06:37 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:06:37 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 08:06:37 [server] Peer Connection Initiated with 95.211.XXX.XX:443
2012-08-08 08:06:38 MANAGEMENT: >STATE:1344427598,GET_CONFIG,,,
2012-08-08 08:06:39 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 08:06:39 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 08:06:39 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 08:06:39 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 08:06:39 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:06:39 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 08:06:39 OPTIONS IMPORT: route options modified
2012-08-08 08:06:39 OPTIONS IMPORT: route-related options modified
2012-08-08 08:06:39 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 08:06:39 ROUTE default_gateway=10.0.1.1
2012-08-08 08:06:39 TUN/TAP device /dev/tap0 opened
2012-08-08 08:06:39 MANAGEMENT: >STATE:1344427599,ASSIGN_IP,,10.11.16.33,
2012-08-08 08:06:39 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-08-08 08:06:39 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2012-08-08 08:06:39 /sbin/ifconfig tap0 10.11.16.33 netmask 255.255.0.0 mtu 1500 up
2012-08-08 08:06:39 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 init
No such key
2012-08-08 08:06:42 /sbin/route add -net 95.211.XXX.XX 10.0.1.1 255.255.255.255
add net 95.211.XXX.XX: gateway 10.0.1.1
2012-08-08 08:06:42 /sbin/route add -net 0.0.0.0 10.11.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.11.0.1
2012-08-08 08:06:42 /sbin/route add -net 128.0.0.0 10.11.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.11.0.1
2012-08-08 08:06:42 Initialization Sequence Completed
2012-08-08 08:06:42 MANAGEMENT: >STATE:1344427602,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Retrieved name server(s) [ 8.8.8.8 8.8.4.4 ] and WINS server(s) [ ] and using default domain name [ openvpn ]
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2012-08-08 08:06:42 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with process-network-changes
2012-08-08 08:06:43 *Tunnelblick: Flushed the DNS cache
2012-08-08 08:06:49 *Tunnelblick process-network-changes: A system configuration change was ignored because it was not relevant
2012-08-08 08:07:01 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 write UDPv4: No route to host (code=65)
2012-08-08 08:07:02 *Tunnelblick process-network-changes: ServerAddresses changed from
* <array> {
* 0 : 8.8.8.8
* 1 : 8.8.4.4
* }
* to
*
* pre-VPN was
* <array> {
* 0 : 10.0.1.1
* }
2012-08-08 08:07:02 *Tunnelblick process-network-changes: SearchDomains changed from
* <array> {
* 0 : openvpn
* }
* to (pre-VPN)
*
2012-08-08 08:07:02 *Tunnelblick process-network-changes: DomainName changed from
* openvpn
* to
*
* pre-VPN was
* hsd1.fl.comcast.net.
2012-08-08 08:07:02 *Tunnelblick process-network-changes: DomainName changed; sending USR1 to OpenVPN (process ID 3406) to restart the connection.
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 write UDPv4: No route to host (code=65)
2012-08-08 08:07:03 event_wait : Interrupted system call (code=4)
2012-08-08 08:07:03 TCP/UDP: Closing socket
2012-08-08 08:07:03 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:07:04 SIGUSR1[hard,] received, process restarting
2012-08-08 08:07:04 MANAGEMENT: >STATE:1344427624,RECONNECTING,SIGUSR1,,
2012-08-08 08:07:04 MANAGEMENT: CMD 'hold release'
2012-08-08 08:07:04 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:07:04 Re-using SSL/TLS context
2012-08-08 08:07:04 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:07:04 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:07:04 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:07:04 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:07:04 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:07:04 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:07:04 UDPv4 link local: [undef]
2012-08-08 08:07:04 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:07:04 MANAGEMENT: >STATE:1344427624,WAIT,,,
2012-08-08 08:07:04 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:04 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2012-08-08 08:07:04 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2012-08-08 08:07:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:18 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:07:34 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:04 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:08:04 TCP/UDP: Closing socket
2012-08-08 08:08:04 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:08:06 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:08:06 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:08:06 MANAGEMENT: >STATE:1344427686,RECONNECTING,ping-restart,,
2012-08-08 08:08:06 MANAGEMENT: CMD 'hold release'
2012-08-08 08:08:06 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:08:06 Re-using SSL/TLS context
2012-08-08 08:08:06 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:08:06 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:08:06 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:08:06 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:08:06 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:08:06 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:08:06 UDPv4 link local: [undef]
2012-08-08 08:08:06 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:08:06 MANAGEMENT: >STATE:1344427686,WAIT,,,
2012-08-08 08:08:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:08 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:20 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:08:36 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:06 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:09:06 TCP/UDP: Closing socket
2012-08-08 08:09:06 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:09:08 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:09:08 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:09:08 MANAGEMENT: >STATE:1344427748,RECONNECTING,ping-restart,,
2012-08-08 08:09:08 MANAGEMENT: CMD 'hold release'
2012-08-08 08:09:08 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:09:08 Re-using SSL/TLS context
2012-08-08 08:09:08 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:09:08 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:09:08 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:09:08 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:09:08 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:09:08 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:09:08 UDPv4 link local: [undef]
2012-08-08 08:09:08 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:09:08 MANAGEMENT: >STATE:1344427748,WAIT,,,
2012-08-08 08:09:08 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:22 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:09:38 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:08 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:10:08 TCP/UDP: Closing socket
2012-08-08 08:10:08 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:10:10 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:10:10 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:10:10 MANAGEMENT: >STATE:1344427810,RECONNECTING,ping-restart,,
2012-08-08 08:10:10 MANAGEMENT: CMD 'hold release'
2012-08-08 08:10:10 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:10:10 Re-using SSL/TLS context
2012-08-08 08:10:10 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:10:10 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:10:10 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:10:10 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:10:10 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:10:10 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:10:10 UDPv4 link local: [undef]
2012-08-08 08:10:10 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:10:10 MANAGEMENT: >STATE:1344427810,WAIT,,,
2012-08-08 08:10:10 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:16 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:24 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:10:40 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:10 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 08:11:10 TCP/UDP: Closing socket
2012-08-08 08:11:10 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:11:12 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 08:11:12 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 08:11:12 MANAGEMENT: >STATE:1344427872,RECONNECTING,ping-restart,,
2012-08-08 08:11:12 MANAGEMENT: CMD 'hold release'
2012-08-08 08:11:12 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 08:11:12 Re-using SSL/TLS context
2012-08-08 08:11:12 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-08-08 08:11:12 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 08:11:12 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
2012-08-08 08:11:12 Local Options hash (VER=V4): '2c50bd2c'
2012-08-08 08:11:12 Expected Remote Options hash (VER=V4): '0ddbb6e3'
2012-08-08 08:11:12 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:11:12 UDPv4 link local: [undef]
2012-08-08 08:11:12 UDPv4 link remote: 95.211.XXX.XX:443
2012-08-08 08:11:12 MANAGEMENT: >STATE:1344427872,WAIT,,,
2012-08-08 08:11:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:18 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:26 write UDPv4: Can't assign requested address (code=49)
2012-08-08 08:11:42 MANAGEMENT: >STATE:1344427902,AUTH,,,
2012-08-08 08:11:42 TLS: Initial packet from 95.211.XXX.XX:443, sid=82e2a189 1080d5c2
2012-08-08 08:11:42 VERIFY OK: depth=1, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=CactusVPN_CA/emailAddress=ser...@cactusvpn.com
2012-08-08 08:11:42 VERIFY OK: nsCertType=SERVER
2012-08-08 08:11:42 VERIFY OK: depth=0, /C=RO/ST=VS/L=Vaslui/O=CactusVPN/CN=server/emailAddress=ser...@cactusvpn.com
2012-08-08 08:11:43 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:11:43 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:11:43 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 08:11:43 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 08:11:43 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 08:11:43 [server] Peer Connection Initiated with 95.211.XXX.XX:443
2012-08-08 08:11:44 MANAGEMENT: >STATE:1344427904,GET_CONFIG,,,
2012-08-08 08:11:45 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 08:11:45 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 08:11:45 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 08:11:45 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 08:11:45 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 08:11:45 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 08:11:45 OPTIONS IMPORT: route options modified
2012-08-08 08:11:45 OPTIONS IMPORT: route-related options modified
2012-08-08 08:11:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 08:11:45 Preserving previous TUN/TAP instance: tap0
2012-08-08 08:11:45 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atDASNGWrdasngw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 08:11:48 *Tunnelblick: Flushed the DNS cache
2012-08-08 08:11:48 Initialization Sequence Completed
2012-08-08 08:11:48 MANAGEMENT: >STATE:1344427908,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 08:11:51 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 0 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:51 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 1 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:52 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 2 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:54 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 3 seconds to wait for DHCP to finish setup.
2012-08-08 08:11:57 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 4 seconds to wait for DHCP to finish setup.
------------------------------------------------------------------------------------------------------------
CONFIGURATION
------------------------------------------------------------------------------------------------------------
client
ping 5
ping-exit 30
dev tap
fast-io
proto udp
remote 95.211.XXX.XX 443
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert cactuspremium.crt
key cactuspremium.key
reneg-sec 0
ns-cert-type server
auth-user-pass
verb 3
------------------------------------------------------------------------------------------------------------
jkbull...gmail.com
Aug 8, 2012, 11:28:44 AM8/8/12
to tunnelbli...@googlegroups.com
On Wednesday, August 8, 2012 10:32:31 AM UTC-4, simbafish wrote:
Since Tunnelblick Beta version might not be stable, I downloaded Tunnelblick 3.2.7 (build 2891.3087). I just replaced the app. Should I have removed everything related to the beta version?
No. Not necessary, if you either installed by double-clicking or put the old /Applications/Tunnelblick in the Trash and then dragged the new one (older version of Tunnelblick) to /Applications.
. Anyway, ran the test again with the same results. OpenVPN will not disconnect but just sits there waiting. The Tunnelblick app 3.2.7 (build 2891.3087) has two versions of OpenVPN in it, ver 2.1.4 and 2.2.1. Should I remove the 2.2.1 and will this force Tunnelblick to use 2.1.4?
If you want to use OpenVPN 2.1.4, just select it in the Preferences panel of the VPN Details… window.
8:07:04 First audio alert, OpenVPN/Tunnelblick “Waiting . . .”
What causes this audio alert? I'm not familiar with it.
Can you repeat this testing using 3.3beta18? It includes more logging so I can see what's happening.
When you do, if the following happens:
8:11:49 Tunnelblick authorized and said Connected. But it was not! Firefox browser could not connect. I had to Disconnect OpenVPN and then reconnect again.
Please see if it is a DNS problem. Do that by doing the following in Firefox:
type an IP address of www.ibm.com in the address bar as follows, then press "return":
http://129.42.58.216
also, please try an IP address for www.google.com:
http://173.194.75.147
Stuart Keen
Aug 8, 2012, 2:03:39 PM8/8/12
to tunnelbli...@googlegroups.com
I reinstalled Tunnelblick with 3.3beta18 version and openvpn 2.3-alpha1. Connection to the Internet was made, as before, without a problem. Typed in both IP addresses given, verified. But same issues as before. Will not Disconnect after turning Airport OFF, just keeps waiting. Got the warning, “After connecting to server, DNS does not appear to be working. This may mean that your VPN is not configured correctly”. Rebooted the Mac. Problem still there. Waiting, but never disconnects. If I click Disconnect, then turn Airport back ON, and then click Connect, I connect OK, verified.
Discovered that when I turn Airport OFF and Openvpn is waiting, if I 1) quit Firefox, then 2) turn Airport ON and openvpn reconnects automatically (supposedly), 3) when I start Firefox again, it cannot connect to the Internet. Basically when I lose signal, I should not touch Firefox as it will come back on line when the signal is regained. Repeated many times, same results. If I want to quit Firefox, then openvpn must go from Waiting to Disconnect, turn on Airport, Connect OpenVPN, then open Firefox again.
At no time does openvpn Disconnect when there is a loss of signal. Why?
Under Details/Configurations/Setting there are the choices for Alert Sounds when “connection” is made and when “Unexpected disconnection”. These are the alerts I was referencing in my previous email.
Discovered that when I turn Airport OFF and Openvpn is waiting, if I 1) quit Firefox, then 2) turn Airport ON and openvpn reconnects automatically (supposedly), 3) when I start Firefox again, it cannot connect to the Internet. Basically when I lose signal, I should not touch Firefox as it will come back on line when the signal is regained. Repeated many times, same results. If I want to quit Firefox, then openvpn must go from Waiting to Disconnect, turn on Airport, Connect OpenVPN, then open Firefox again.
At no time does openvpn Disconnect when there is a loss of signal. Why?
Under Details/Configurations/Setting there are the choices for Alert Sounds when “connection” is made and when “Unexpected disconnection”. These are the alerts I was referencing in my previous email.
Can you repeat this testing using 3.3beta18? It includes more logging so I can see what's happening.
Loading, Authorizing and Connecting with openvpn 2.3-alpha1
2012-08-08 13:32:28 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.3beta18 (build 3081)
2012-08-08 13:32:28 *Tunnelblick: Attempting connection with CactusVPN-NL-Amsterdam; Set nameserver = 1; monitoring connection
2012-08-08 13:32:28 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start CactusVPN-NL-Amsterdam.ovpn 1337 1 0 0 0 114 -atADGNWradsgnw
2012-08-08 13:32:29 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Users/simbafish/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --up-restart --route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: openvpnstart message: Loading tap.kext
2012-08-08 13:32:30 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Aug 3 2012
2012-08-08 13:32:30 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 Need hold release from management interface, waiting...
2012-08-08 13:32:30 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 MANAGEMENT: CMD 'pid'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state on'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state'
2012-08-08 13:32:30 MANAGEMENT: CMD 'bytecount 1'
2012-08-08 13:32:30 MANAGEMENT: CMD 'hold release'
2012-08-08 13:32:30 MANAGEMENT: CMD 'username "Auth" "vrdvocxb"'
2012-08-08 13:32:30 MANAGEMENT: CMD 'password [...]'
2012-08-08 13:32:30 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:32:30 WARNING: file 'cactuspremium.key' is group or others accessible
2012-08-08 13:32:30 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:32:30 UDPv4 link local: [undef]
2012-08-08 13:32:30 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,WAIT,,,
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,AUTH,,,
2012-08-08 13:32:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=c85aa165 15fc4ec6
2012-08-08 13:32:30 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-08-08 13:32:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:32:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:32:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:33 MANAGEMENT: >STATE:1344447153,GET_CONFIG,,,
2012-08-08 13:32:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:32:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:32:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:32:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:32:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:32:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:32:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:32:34 ROUTE_GATEWAY 10.0.1.1/255.255.255.0 IFACE=en1 HWADDR=04:1e:64:f0:f9:89
2012-08-08 13:32:34 TUN/TAP device /dev/tap0 opened
2012-08-08 13:32:34 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2012-08-08 13:32:34 MANAGEMENT: >STATE:1344447154,ASSIGN_IP,,10.11.16.33,
2012-08-08 13:32:34 /sbin/ifconfig tap0 delete
2012-08-08 13:32:28 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.3beta18 (build 3081)
2012-08-08 13:32:28 *Tunnelblick: Attempting connection with CactusVPN-NL-Amsterdam; Set nameserver = 1; monitoring connection
2012-08-08 13:32:28 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start CactusVPN-NL-Amsterdam.ovpn 1337 1 0 0 0 114 -atADGNWradsgnw
2012-08-08 13:32:29 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Users/simbafish/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --up-restart --route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: openvpnstart message: Loading tap.kext
2012-08-08 13:32:30 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Aug 3 2012
2012-08-08 13:32:30 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 Need hold release from management interface, waiting...
2012-08-08 13:32:30 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 MANAGEMENT: CMD 'pid'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state on'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state'
2012-08-08 13:32:30 MANAGEMENT: CMD 'bytecount 1'
2012-08-08 13:32:30 MANAGEMENT: CMD 'hold release'
2012-08-08 13:32:30 MANAGEMENT: CMD 'username "Auth" "vrdvocxb"'
2012-08-08 13:32:30 MANAGEMENT: CMD 'password [...]'
2012-08-08 13:32:30 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:32:30 WARNING: file 'cactuspremium.key' is group or others accessible
2012-08-08 13:32:30 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:32:30 UDPv4 link local: [undef]
2012-08-08 13:32:30 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,WAIT,,,
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,AUTH,,,
2012-08-08 13:32:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=c85aa165 15fc4ec6
2012-08-08 13:32:30 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-08-08 13:32:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:32:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:32:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:33 MANAGEMENT: >STATE:1344447153,GET_CONFIG,,,
2012-08-08 13:32:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:32:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:32:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:32:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:32:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:32:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:32:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:32:34 ROUTE_GATEWAY 10.0.1.1/255.255.255.0 IFACE=en1 HWADDR=04:1e:64:f0:f9:89
2012-08-08 13:32:34 TUN/TAP device /dev/tap0 opened
2012-08-08 13:32:34 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2012-08-08 13:32:34 MANAGEMENT: >STATE:1344447154,ASSIGN_IP,,10.11.16.33,
2012-08-08 13:32:34 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-08-08 13:32:34 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2012-08-08 13:32:34 /sbin/ifconfig tap0 10.11.16.33 netmask 255.255.0.0 mtu 1500 up
2012-08-08 13:32:34 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 init
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: Retrieved name server(s) [ 8.8.8.8 8.8.4.4 ] and SMB server(s) [ ] and using default domain name [ openvpn ]
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 10.0.1.1 } DomainName : hsd1.fl.comcast.net. }
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 8.8.8.8 8.8.4.4; DYN_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = ; MAN_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = ; MAN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_DN = <dictionary> { ServerAddresses : <array> { 10.0.1.1 } DomainName : hsd1.fl.comcast.net. }; CUR_DNS_SA = 10.0.1.1; CUR_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = ; CUR_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: ServerAddresses were not aggregated because running on OS X 10.6 or higher
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 8.8.8.8 8.8.4.4; FIN_DNS_SD = openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = ; FIN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: OS X 10.4-10.6, so will modify settings using only State:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SETUP_DNS = #
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configuration changes:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: ServerAddresses 8.8.8.8 8.8.4.4
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: SearchDomains openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: DomainName openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: ServerAddresses 8.8.8.8 8.8.4.4
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: SearchDomains openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: DomainName openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: NetBIOSName
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: Workgroup
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: WINSAddresses
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
2012-08-08 13:32:39 /sbin/route add -net 95.211.XXX.XX 10.0.1.1 255.255.255.255
2012-08-08 13:32:34 /sbin/ifconfig tap0 10.11.16.33 netmask 255.255.0.0 mtu 1500 up
2012-08-08 13:32:34 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 init
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: Retrieved name server(s) [ 8.8.8.8 8.8.4.4 ] and SMB server(s) [ ] and using default domain name [ openvpn ]
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 10.0.1.1 } DomainName : hsd1.fl.comcast.net. }
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_CONFIG = No such key
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 8.8.8.8 8.8.4.4; DYN_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = ; MAN_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = ; MAN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_DN = <dictionary> { ServerAddresses : <array> { 10.0.1.1 } DomainName : hsd1.fl.comcast.net. }; CUR_DNS_SA = 10.0.1.1; CUR_DNS_SD =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = ; CUR_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: ServerAddresses were not aggregated because running on OS X 10.6 or higher
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 8.8.8.8 8.8.4.4; FIN_DNS_SD = openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = ; FIN_SMB_WA =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: OS X 10.4-10.6, so will modify settings using only State:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SETUP_DNS = #
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configuration changes:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: ServerAddresses 8.8.8.8 8.8.4.4
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: SearchDomains openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: DomainName openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: ServerAddresses 8.8.8.8 8.8.4.4
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: SearchDomains openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: #ADD Setup: DomainName openvpn
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: NetBIOSName
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: Workgroup
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: WINSAddresses
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:38 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
2012-08-08 13:32:39 /sbin/route add -net 95.211.XXX.XX 10.0.1.1 255.255.255.255
add net 95.211.XXX.XX: gateway 10.0.1.1
2012-08-08 13:32:39 /sbin/route add -net 0.0.0.0 10.11.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.11.0.1
2012-08-08 13:32:39 /sbin/route add -net 128.0.0.0 10.11.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.11.0.1
2012-08-08 13:32:39 Initialization Sequence Completed
2012-08-08 13:32:39 MANAGEMENT: >STATE:1344447159,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
2012-08-08 13:32:39 MANAGEMENT: >STATE:1344447159,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
--cd
/Users/simbafish/Library/Application Support/Tunnelblick/Configurations
--daemon
--management
127.0.0.1
1337
--config
/Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
--up-restart
--route-pre-down
/Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: Established communication with OpenVPN
2012-08-08 13:32:30 *Tunnelblick: Obtained VPN username and password from the Keychain
2012-08-08 13:32:40 *Tunnelblick: Flushed the DNS cache
2012-08-08 13:32:41 *Tunnelblick: This computer's apparent public IP address changed from 71.203.XX.XX before connection to 95.211.XXX.XX after connection
2012-08-08 13:32:49 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
Turn Airport OFF, OpenVPN alert sound, then sits "waiting" for connection. Why does it NEVER Disconnect?
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 *Tunnelblick leasewatch: A network configuration change was detected
* DNS configuration has changed:
* --- BEGIN EXPECTED DNS CFG ---
* DomainName : openvpn
* |ServerAddresses : <array> {
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
--up-restart
--route-pre-down
/Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: Established communication with OpenVPN
2012-08-08 13:32:30 *Tunnelblick: Obtained VPN username and password from the Keychain
2012-08-08 13:32:40 *Tunnelblick: Flushed the DNS cache
2012-08-08 13:32:41 *Tunnelblick: This computer's apparent public IP address changed from 71.203.XX.XX before connection to 95.211.XXX.XX after connection
2012-08-08 13:32:49 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
Turn Airport OFF, OpenVPN alert sound, then sits "waiting" for connection. Why does it NEVER Disconnect?
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 *Tunnelblick leasewatch: A network configuration change was detected
* DNS configuration has changed:
* --- BEGIN EXPECTED DNS CFG ---
* DomainName : openvpn
* |ServerAddresses : <array> {
* 0 : 8.8.8.8
* 1 : 8.8.4.4
* }
* |SearchDomains : <array> {
* 0 : openvpn
* }
* |
* ---- END EXPECTED DNS CFG ----
*
* --- BEGIN CURRENT DNS CFG ---
*
* ---- END CURRENT DNS CFG ----
*
* --- BEGIN PRE-VPN DNS CFG ---
* DomainName : hsd1.fl.comcast.net.
* |ServerAddresses : <array> {
* 0 : 10.0.1.1
* }
* |
* ---- END PRE-VPN DNS CFG ----
* Sending USR1 to OpenVPN (process ID 4344) to restart the connection.
2012-08-08 13:33:57 event_wait : Interrupted system call (code=4)
2012-08-08 13:33:57 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
No such key
No such key
2012-08-08 13:33:58 SIGUSR1[hard,] received, process restarting
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,RECONNECTING,SIGUSR1,,
2012-08-08 13:33:58 MANAGEMENT: CMD 'hold release'
2012-08-08 13:33:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:33:58 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:33:58 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:33:58 UDPv4 link local: [undef]
2012-08-08 13:33:58 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,WAIT,,,
2012-08-08 13:33:58 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: DEBUG: Removing 'Setup:' DNS key
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and SMB configurations
2012-08-08 13:34:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:04 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:28 write UDPv4: Can't assign requested address (code=49)
Turn Airport ON again
2012-08-08 13:34:58 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 13:34:58 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:00 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 13:35:00 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,RECONNECTING,ping-restart,,
2012-08-08 13:35:00 MANAGEMENT: CMD 'hold release'
2012-08-08 13:35:00 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:35:00 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:35:00 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:00 UDPv4 link local: [undef]
2012-08-08 13:35:00 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,WAIT,,,
2012-08-08 13:35:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:02 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:30 MANAGEMENT: >STATE:1344447330,AUTH,,,
2012-08-08 13:35:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=796903c5 8f30e164
2012-08-08 13:35:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:35:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:35:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:33 MANAGEMENT: >STATE:1344447333,GET_CONFIG,,,
2012-08-08 13:35:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:35:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:35:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:35:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:35:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:35:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:35:34 Preserving previous TUN/TAP instance: tap0
2012-08-08 13:35:34 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:37 Initialization Sequence Completed
2012-08-08 13:35:37 MANAGEMENT: >STATE:1344447337,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 0 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 1 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:41 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 2 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:43 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 3 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:46 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 4 seconds to wait for DHCP to finish setup.
No Connection even though openvpn says there is one.
CONFIGURATION
*
* --- BEGIN CURRENT DNS CFG ---
*
* ---- END CURRENT DNS CFG ----
*
* --- BEGIN PRE-VPN DNS CFG ---
* DomainName : hsd1.fl.comcast.net.
* |ServerAddresses : <array> {
* 0 : 10.0.1.1
* }
* |
* ---- END PRE-VPN DNS CFG ----
* Sending USR1 to OpenVPN (process ID 4344) to restart the connection.
2012-08-08 13:33:57 event_wait : Interrupted system call (code=4)
2012-08-08 13:33:57 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
No such key
No such key
2012-08-08 13:33:58 SIGUSR1[hard,] received, process restarting
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,RECONNECTING,SIGUSR1,,
2012-08-08 13:33:58 MANAGEMENT: CMD 'hold release'
2012-08-08 13:33:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:33:58 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:33:58 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:33:58 UDPv4 link local: [undef]
2012-08-08 13:33:58 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,WAIT,,,
2012-08-08 13:33:58 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: DEBUG: Removing 'Setup:' DNS key
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and SMB configurations
2012-08-08 13:34:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:04 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:28 write UDPv4: Can't assign requested address (code=49)
Turn Airport ON again
2012-08-08 13:34:58 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 13:34:58 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:00 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 13:35:00 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,RECONNECTING,ping-restart,,
2012-08-08 13:35:00 MANAGEMENT: CMD 'hold release'
2012-08-08 13:35:00 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:35:00 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:35:00 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:00 UDPv4 link local: [undef]
2012-08-08 13:35:00 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,WAIT,,,
2012-08-08 13:35:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:02 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:30 MANAGEMENT: >STATE:1344447330,AUTH,,,
2012-08-08 13:35:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=796903c5 8f30e164
2012-08-08 13:35:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:35:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:35:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:33 MANAGEMENT: >STATE:1344447333,GET_CONFIG,,,
2012-08-08 13:35:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:35:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:35:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:35:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:35:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:35:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:35:34 Preserving previous TUN/TAP instance: tap0
2012-08-08 13:35:34 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:37 Initialization Sequence Completed
2012-08-08 13:35:37 MANAGEMENT: >STATE:1344447337,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 0 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 1 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:41 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 2 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:43 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 3 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:46 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 4 seconds to wait for DHCP to finish setup.
No Connection even though openvpn says there is one.
CONFIGURATION
client
ping 5
ping-exit 30
dev tap
fast-io
proto udp
remote 95.211.138.75 443
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert cactuspremium.crt
key cactuspremium.key
reneg-sec 0
ns-cert-type server
auth-user-pass
verb 3
Thanks
also, please try an IP address for www.google.com:
Reply all
Reply to author
Forward
0 new messages