I reinstalled Tunnelblick with 3.3beta18 version and openvpn 2.3-alpha1. Connection to the Internet was made, as before, without a problem. Typed in both IP addresses given, verified. But same issues as before. Will not Disconnect after turning Airport OFF, just keeps waiting. Got the warning, “After connecting to server, DNS does not appear to be working. This may mean that your VPN is not configured correctly”. Rebooted the Mac. Problem still there. Waiting, but never disconnects. If I click Disconnect, then turn Airport back ON, and then click Connect, I connect OK, verified.
Discovered that when I turn Airport OFF and Openvpn is waiting, if I 1) quit Firefox, then 2) turn Airport ON and openvpn reconnects automatically (supposedly), 3) when I start Firefox again, it cannot connect to the Internet. Basically when I lose signal, I should not touch Firefox as it will come back on line when the signal is regained. Repeated many times, same results. If I want to quit Firefox, then openvpn must go from Waiting to Disconnect, turn on Airport, Connect OpenVPN, then open Firefox again.
At no time does openvpn Disconnect when there is a loss of signal. Why?
Under Details/Configurations/Setting there are the choices for Alert Sounds when “connection” is made and when “Unexpected disconnection”. These are the alerts I was referencing in my previous email.
Can you repeat this testing using 3.3beta18? It includes more logging so I can see what's happening.
Loading, Authorizing and Connecting with openvpn 2.3-alpha1
2012-08-08 13:32:28 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.3beta18 (build 3081)
2012-08-08 13:32:28 *Tunnelblick: Attempting connection with CactusVPN-NL-Amsterdam; Set nameserver = 1; monitoring connection
2012-08-08 13:32:28 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start CactusVPN-NL-Amsterdam.ovpn 1337 1 0 0 0 114 -atADGNWradsgnw
2012-08-08 13:32:29 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Users/simbafish/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw --up-restart --route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: openvpnstart message: Loading tap.kext
2012-08-08 13:32:30 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Aug 3 2012
2012-08-08 13:32:30 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 Need hold release from management interface, waiting...
2012-08-08 13:32:30 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2012-08-08 13:32:30 MANAGEMENT: CMD 'pid'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state on'
2012-08-08 13:32:30 MANAGEMENT: CMD 'state'
2012-08-08 13:32:30 MANAGEMENT: CMD 'bytecount 1'
2012-08-08 13:32:30 MANAGEMENT: CMD 'hold release'
2012-08-08 13:32:30 MANAGEMENT: CMD 'username "Auth" "vrdvocxb"'
2012-08-08 13:32:30 MANAGEMENT: CMD 'password [...]'
2012-08-08 13:32:30 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:32:30 WARNING: file 'cactuspremium.key' is group or others accessible
2012-08-08 13:32:30 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:32:30 UDPv4 link local: [undef]
2012-08-08 13:32:30 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,WAIT,,,
2012-08-08 13:32:30 MANAGEMENT: >STATE:1344447150,AUTH,,,
2012-08-08 13:32:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=c85aa165 15fc4ec6
2012-08-08 13:32:30 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-08-08 13:32:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:32:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:32:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:32:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:32:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:32:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:32:33 MANAGEMENT: >STATE:1344447153,GET_CONFIG,,,
2012-08-08 13:32:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:32:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:32:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:32:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:32:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:32:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route options modified
2012-08-08 13:32:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:32:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:32:34 ROUTE_GATEWAY 10.0.1.1/255.255.255.0 IFACE=en1 HWADDR=04:1e:64:f0:f9:89
2012-08-08 13:32:34 TUN/TAP device /dev/tap0 opened
2012-08-08 13:32:34 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2012-08-08 13:32:34 MANAGEMENT: >STATE:1344447154,ASSIGN_IP,,10.11.16.33,
2012-08-08 13:32:34 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
add net 95.211.XXX.XX: gateway 10.0.1.1
2012-08-08 13:32:39 /sbin/route add -net 0.0.0.0 10.11.0.1 128.0.0.0
2012-08-08 13:32:39 /sbin/route add -net 128.0.0.0 10.11.0.1 128.0.0.0
2012-08-08 13:32:39 Initialization Sequence Completed
2012-08-08 13:32:39 MANAGEMENT: >STATE:1344447159,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { ServerAddresses : <array> { 8.8.8.8 8.8.4.4 } DomainName : openvpn SearchDomains : <array> { openvpn } }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2012-08-08 13:32:39 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
--cd
/Users/simbafish/Library/Application Support/Tunnelblick/Configurations
--daemon
--management
127.0.0.1
1337
--config
/Users/simbafish/Library/Application Support/Tunnelblick/Configurations/CactusVPN-NL-Amsterdam.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Ssimbafish-SLibrary-SApplication Support-STunnelblick-SConfigurations-SCactusVPN--NL--Amsterdam.ovpn.1_0_0_0_114.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
--up-restart
--route-pre-down
/Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw
2012-08-08 13:32:30 *Tunnelblick: Established communication with OpenVPN
2012-08-08 13:32:30 *Tunnelblick: Obtained VPN username and password from the Keychain
2012-08-08 13:32:40 *Tunnelblick: Flushed the DNS cache
2012-08-08 13:32:41 *Tunnelblick: This computer's apparent public IP address changed from 71.203.XX.XX before connection to 95.211.XXX.XX after connection
2012-08-08 13:32:49 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
Turn Airport OFF, OpenVPN alert sound, then sits "waiting" for connection. Why does it NEVER Disconnect?
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:49 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:50 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:51 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:52 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:53 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:54 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:55 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 write UDPv4: No route to host (code=65)
2012-08-08 13:33:56 *Tunnelblick leasewatch: A network configuration change was detected
* DNS configuration has changed:
* --- BEGIN EXPECTED DNS CFG ---
* DomainName : openvpn
* |ServerAddresses : <array> {
* 0 : 8.8.8.8
* 1 : 8.8.4.4
* }
* |SearchDomains : <array> {
* ---- END EXPECTED DNS CFG ----
*
* --- BEGIN CURRENT DNS CFG ---
*
* ---- END CURRENT DNS CFG ----
*
* --- BEGIN PRE-VPN DNS CFG ---
* DomainName : hsd1.fl.comcast.net.
* |ServerAddresses : <array> {
* 0 : 10.0.1.1
* }
* |
* ---- END PRE-VPN DNS CFG ----
* Sending USR1 to OpenVPN (process ID 4344) to restart the connection.
2012-08-08 13:33:57 event_wait : Interrupted system call (code=4)
2012-08-08 13:33:57 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
No such key
No such key
2012-08-08 13:33:58 SIGUSR1[hard,] received, process restarting
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,RECONNECTING,SIGUSR1,,
2012-08-08 13:33:58 MANAGEMENT: CMD 'hold release'
2012-08-08 13:33:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:33:58 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:33:58 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:33:58 UDPv4 link local: [undef]
2012-08-08 13:33:58 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:33:58 MANAGEMENT: >STATE:1344447238,WAIT,,,
2012-08-08 13:33:58 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: DEBUG: Removing 'Setup:' DNS key
2012-08-08 13:33:58 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and SMB configurations
2012-08-08 13:34:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:04 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:12 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:34:28 write UDPv4: Can't assign requested address (code=49)
Turn Airport ON again
2012-08-08 13:34:58 [UNDEF] Inactivity timeout (--ping-restart), restarting
2012-08-08 13:34:58 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:00 *Tunnelblick client.down.tunnelblick.sh: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting.
2012-08-08 13:35:00 SIGUSR1[soft,ping-restart] received, process restarting
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,RECONNECTING,ping-restart,,
2012-08-08 13:35:00 MANAGEMENT: CMD 'hold release'
2012-08-08 13:35:00 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-08-08 13:35:00 Socket Buffers: R=[42080->65536] S=[9216->65536]
2012-08-08 13:35:00 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:00 UDPv4 link local: [undef]
2012-08-08 13:35:00 UDPv4 link remote: [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:00 MANAGEMENT: >STATE:1344447300,WAIT,,,
2012-08-08 13:35:00 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:02 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:06 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:14 write UDPv4: Can't assign requested address (code=49)
2012-08-08 13:35:30 MANAGEMENT: >STATE:1344447330,AUTH,,,
2012-08-08 13:35:30 TLS: Initial packet from [AF_INET]95.211.XXX.XX:443, sid=796903c5 8f30e164
2012-08-08 13:35:31 VERIFY OK: depth=1, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=CactusVPN CA, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:31 VERIFY OK: nsCertType=SERVER
2012-08-08 13:35:31 VERIFY OK: depth=0, C=RO, ST=VS, L=Vaslui, O=CactusVPN, CN=server, emailAddress=ser...@cactusvpn.com
2012-08-08 13:35:32 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-08-08 13:35:32 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-08-08 13:35:32 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-08-08 13:35:32 [server] Peer Connection Initiated with [AF_INET]95.211.XXX.XX:443
2012-08-08 13:35:33 MANAGEMENT: >STATE:1344447333,GET_CONFIG,,,
2012-08-08 13:35:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-08-08 13:35:34 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-gateway 10.11.0.1,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.11.16.33 255.255.0.0'
2012-08-08 13:35:34 OPTIONS IMPORT: timers and/or timeouts modified
2012-08-08 13:35:34 OPTIONS IMPORT: --socket-flags option modified
2012-08-08 13:35:34 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2012-08-08 13:35:34 OPTIONS IMPORT: --ifconfig/up options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route options modified
2012-08-08 13:35:34 OPTIONS IMPORT: route-related options modified
2012-08-08 13:35:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-08-08 13:35:34 Preserving previous TUN/TAP instance: tap0
2012-08-08 13:35:34 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -a -atADGNWradsgnw tap0 1500 1573 10.11.16.33 255.255.0.0 restart
2012-08-08 13:35:37 Initialization Sequence Completed
2012-08-08 13:35:37 MANAGEMENT: >STATE:1344447337,CONNECTED,SUCCESS,10.11.16.33,95.211.XXX.XX
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 0 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:40 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 1 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:41 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 2 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:43 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 3 seconds to wait for DHCP to finish setup.
2012-08-08 13:35:46 *Tunnelblick client.up.tunnelblick.sh: Sleeping for 4 seconds to wait for DHCP to finish setup.
No Connection even though openvpn says there is one.
CONFIGURATION
client
ping 5
ping-exit 30
dev tap
fast-io
proto udp
remote 95.211.138.75 443
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert cactuspremium.crt
key cactuspremium.key
reneg-sec 0
ns-cert-type server
auth-user-pass
verb 3
Thanks