Hello
Thanks for your reply.
here is the data:
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Windows adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote
anon.xxx.org 1194
;remote my-server-2 1194
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert anon.crt
key anon_enc.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
#
http://openvpn.net/howto.html#mitm#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
2013-11-17 15:20:32 *Tunnelblick: OS X 10.9.0; Tunnelblick 3.4beta14 (build 3649)
2013-11-17 15:20:32 *Tunnelblick: Attempting connection with yyyy using shadow copy; Set nameserver = 1; monitoring connection
2013-11-17 15:20:32 *Tunnelblick: openvpnstart start yyyy.tblk 1337 1 0 1 0 305 -ptADGNWradsgnw 2.2.1
2013-11-17 15:20:33 *Tunnelblick: openvpnstart log:
Loading tun-signed.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd
/Library/Application Support/Tunnelblick/Users/hox/yyyy.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Users/hox/yyyy.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Shox-SLibrary-SApplication Support-STunnelblick-SConfigurations-Syyyy.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_305.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
--up-restart
2013-11-17 15:20:32 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Library/Application Support/Tunnelblick/Users/hox/yyyy.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Users/hox/yyyy.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Shox-SLibrary-SApplication Support-STunnelblick-SConfigurations-Syyyy.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_305.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw --up-restart
2013-11-17 15:20:33 *Tunnelblick: Established communication with OpenVPN
2013-11-17 15:20:33 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Oct 25 2013
2013-11-17 15:20:33 MANAGEMENT: TCP Socket listening on
127.0.0.1:13372013-11-17 15:20:33 Need hold release from management interface, waiting...
2013-11-17 15:20:33 MANAGEMENT: Client connected from
127.0.0.1:13372013-11-17 15:20:33 MANAGEMENT: CMD 'pid'
2013-11-17 15:20:33 MANAGEMENT: CMD 'state on'
2013-11-17 15:20:33 MANAGEMENT: CMD 'state'
2013-11-17 15:20:33 MANAGEMENT: CMD 'bytecount 1'
2013-11-17 15:20:33 MANAGEMENT: CMD 'hold release'
2013-11-17 15:20:33 WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
2013-11-17 15:20:33 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2013-11-17 15:20:33 *Tunnelblick: Obtained VPN passphrase from the Keychain
2013-11-17 15:20:33 MANAGEMENT: CMD 'password [...]'
2013-11-17 15:20:33 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2013-11-17 15:20:33 LZO compression initialized
2013-11-17 15:20:33 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
2013-11-17 15:20:33 Socket Buffers: R=[196724->65536] S=[9216->65536]
2013-11-17 15:20:33 MANAGEMENT: >STATE:1384698033,RESOLVE,,,
2013-11-17 15:20:34 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
2013-11-17 15:20:34 Local Options hash (VER=V4): '41690919'
2013-11-17 15:20:34 Expected Remote Options hash (VER=V4): '530fdded'
2013-11-17 15:20:34 UDPv4 link local: [undef]
2013-11-17 15:20:34 UDPv4 link remote: x.x.x.x:1194
2013-11-17 15:20:34 MANAGEMENT: >STATE:1384698034,WAIT,,,
2013-11-17 15:20:34 MANAGEMENT: >STATE:1384698034,AUTH,,,
2013-11-17 15:20:34 TLS: Initial packet from x.x.x.x:1194, sid=06f89532 a60a944e
2013-11-17 15:20:37 VERIFY OK: depth=1, /CN=ca-yyyy
2013-11-17 15:20:37 VERIFY OK: depth=0, /CN=
yyyy.dyndns.org2013-11-17 15:20:42 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-11-17 15:20:42 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2013-11-17 15:20:42 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-11-17 15:20:42 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2013-11-17 15:20:42 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
2013-11-17 15:20:42 [
yyyy.dyndns.org] Peer Connection Initiated with x.x.x.x:1194
2013-11-17 15:20:44 MANAGEMENT: >STATE:1384698044,GET_CONFIG,,,
2013-11-17 15:20:45 SENT CONTROL [
yyyy.dyndns.org]: 'PUSH_REQUEST' (status=1)
2013-11-17 15:20:45 PUSH: Received control message: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,dhcp-option DNS 192.168.3.1,redirect-gateway def1,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'
2013-11-17 15:20:45 OPTIONS IMPORT: timers and/or timeouts modified
2013-11-17 15:20:45 OPTIONS IMPORT: --ifconfig/up options modified
2013-11-17 15:20:45 OPTIONS IMPORT: route options modified
2013-11-17 15:20:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2013-11-17 15:20:45 ROUTE default_gateway=192.168.1.1
2013-11-17 15:20:45 TUN/TAP device /dev/tun0 opened
2013-11-17 15:20:45 MANAGEMENT: >STATE:1384698045,ASSIGN_IP,,10.8.0.6,
2013-11-17 15:20:45 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2013-11-17 15:20:45 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2013-11-17 15:20:45 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2013-11-17 15:20:45 /Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw tun0 1500 1542 10.8.0.6 10.8.0.5 init
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: Retrieved from OpenVPN: name server(s) [ 192.168.3.1 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: MAN_DNS_CONFIG = No such key
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: MAN_SMB_CONFIG = No such key
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: CUR_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 192.168.1.1 } }
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: CUR_SMB_CONFIG = No such key
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 192.168.3.1; DYN_DNS_SD =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = ; MAN_DNS_SD =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = ; MAN_SMB_WA =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: CUR_DNS_DN = ; CUR_DNS_SA = 192.168.1.1; CUR_DNS_SD =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = ; CUR_SMB_WA =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: ServerAddresses were not aggregated because running on OS X 10.6 or higher
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 192.168.3.1; FIN_DNS_SD = openvpn
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = ; FIN_SMB_WA =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: OS X 10.8 or higher, so will modify DNS settings using Setup: in addition to State:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: SKP_SETUP_DNS =
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: /etc/resolve = nameserver 192.168.1.1
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: scutil --dns BEFORE CHANGES = DNS configuration resolver #1 nameserver[0] : 192.168.1.1 if_index : 4 (en0) flags : Request A records reach : Reachable,Directly Reachable Address resolver #2 domain : local options : mdns timeout : 5 flags : Request A records order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 5 flags : Request A records order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 301000 DNS configuration (for scoped queries) resolver #1 nameserver[0] : 192.168.1.1 if_index : 4 (en0) flags : Scoped, Request A records reach : Reachable,Directly Reachable Address
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Configuration changes:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD State: ServerAddresses 192.168.3.1
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD State: SearchDomains openvpn
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD State: DomainName openvpn
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD Setup: ServerAddresses 192.168.3.1
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD Setup: SearchDomains openvpn
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ADD Setup: DomainName openvpn
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ##ADD State: NetBIOSName
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ##ADD State: Workgroup
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: ##ADD State: WINSAddresses
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:47 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
2013-11-17 15:20:48 /sbin/route add -net x.x.x.x 192.168.1.1 255.255.255.255
add net x.x.x.x: gateway 192.168.1.1
2013-11-17 15:20:48 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
add net
0.0.0.0: gateway 10.8.0.5
2013-11-17 15:20:48 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
add net
128.0.0.0: gateway 10.8.0.5
2013-11-17 15:20:48 MANAGEMENT: >STATE:1384698048,ADD_ROUTES,,,
2013-11-17 15:20:48 /sbin/route add -net 192.168.3.0 10.8.0.5 255.255.255.0
add net
192.168.3.0: gateway 10.8.0.5
2013-11-17 15:20:48 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
add net
10.8.0.1: gateway 10.8.0.5
2013-11-17 15:20:48 Initialization Sequence Completed
2013-11-17 15:20:48 MANAGEMENT: >STATE:1384698048,CONNECTED,SUCCESS,10.8.0.6,x.x.x.x
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.3.1 } }
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.3.1 } }
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.3.1 } }
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.3.1 } }
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: /etc/resolve = search openvpn nameserver 192.168.3.1
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG: scutil --dns AFTER CHANGES = DNS configuration resolver #1 search domain[0] : openvpn nameserver[0] : 192.168.3.1 flags : Request A records reach : Reachable resolver #2 domain : local options : mdns timeout : 5 flags : Request A records order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 5 flags : Request A records order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 301000 DNS configuration (for scoped queries) resolver #1 search domain[0] : openvpn nameserver[0] : 192.168.3.1 if_index : 4 (en0) flags : Scoped, Request A records reach : Reachable
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: DEBUG:
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2013-11-17 15:20:48 *Tunnelblick: No 'connected.sh' script to execute
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: Flushed the DNS Cache
2013-11-17 15:20:48 *Tunnelblick
client.up.tunnelblick.sh: Set up to monitor system configuration with process-network-changes
2013-11-17 15:20:53 *Tunnelblick process-network-changes: A system configuration change was ignored
2013-11-17 15:20:54 *Tunnelblick: This computer's apparent public IP address changed from y.y.y.y before connection to x.x.x.x after connection
2013-11-17 15:21:01 *Tunnelblick: Disconnecting; 'disconnect' button pressed
2013-11-17 15:21:01 *Tunnelblick: Disconnecting using 'killall'
2013-11-17 15:21:01 event_wait : Interrupted system call (code=4)
2013-11-17 15:21:01 TCP/UDP: Closing socket
2013-11-17 15:21:01 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
delete net
10.8.0.1: gateway 10.8.0.5
2013-11-17 15:21:01 /sbin/route delete -net 192.168.3.0 10.8.0.5 255.255.255.0
delete net
192.168.3.0: gateway 10.8.0.5
2013-11-17 15:21:01 /sbin/route delete -net x.x.x.x 192.168.1.1 255.255.255.255
delete net x.x.x.x: gateway 192.168.1.1
2013-11-17 15:21:01 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
delete net
0.0.0.0: gateway 10.8.0.5
2013-11-17 15:21:01 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
delete net
128.0.0.0: gateway 10.8.0.5
2013-11-17 15:21:01 Closing TUN/TAP interface
2013-11-17 15:21:01 /Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw tun0 1500 1542 10.8.0.6 10.8.0.5 init
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG: Removing 'Setup:' DNS key
No such key
2013-11-17 15:21:01 SIGTERM[hard,] received, process exiting
2013-11-17 15:21:01 MANAGEMENT: >STATE:1384698061,EXITING,SIGTERM,,
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: Restored the DNS and SMB configurations
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG:
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG: /etc/resolve = nameserver 192.168.1.1
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG:
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG: scutil --dns = DNS configuration resolver #1 nameserver[0] : 192.168.1.1 if_index : 4 (en0) flags : Request A records reach : Reachable,Directly Reachable Address resolver #2 domain : local options : mdns timeout : 5 flags : Request A records order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 5 flags : Request A records order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 5 flags : Request A records order : 301000 DNS configuration (for scoped queries) resolver #1 nameserver[0] : 192.168.1.1 if_index : 4 (en0) flags : Scoped, Request A records reach : Reachable,Directly Reachable Address
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: DEBUG:
2013-11-17 15:21:01 *Tunnelblick
client.down.tunnelblick.sh: Flushed the DNS Cache
2013-11-17 15:21:02 *Tunnelblick: No 'post-disconnect.sh' script to execute
Nov 17 15:19:59 mysterian Tunnelblick[381]: Warning: Preferences contain unknown preference '*-notOKToCheckThatIPAddressDidNotChangeAfterConnection'
Nov 17 15:20:02 mysterian Tunnelblick[381]: Set program update feedURL to
https://www.tunnelblick.net/appcast-b.rssNov 17 15:20:02 mysterian Tunnelblick[381]: DEBUG: Updater: systemVersion 10.9.0 satisfies minimumSystemVersion 10.4.0
Nov 17 15:20:33 mysterian Tunnelblick[381]: Keychain item retrieved successfully for service = 'Tunnelblick-Auth-anon' account = 'privateKey'
Thanks for also considering what I wrote in my first post!
Somehow Tunnelblick thinks that "openvpn" would be my Domain name.
Why does it believe that? Does it take that from the server's certificate?
How can I configure Tunnelblick, such that it does only assign a DNS but without a search domain?
Thanks for any hints on that!