Tunnelblick appears to be using a cached DNS entry to try and connect to my home VPN server as even though I'm using the same Dynamic DNS name that resolves correctly with DIG commands, Tunnelblick tries to connect to a very old, potentially cached IP address, that isn't mine any more. I've looked at every setting in Tunnelblick and can't find anything that would be causing this for the past year or so (trying the various new releases of Tunnelblick along the way). I can connect just fine if I manually change my VPN file to use my current dynamic IP address for home, which is resolving properly as well, as confirmed by Dig.
I have also tried uninstalling and reinstalling Tunnelblick to no avail as well.
Thanks in advance for any help that you can provide and below is a current diagnostics log (from the current version), as requested.
Stach
*Tunnelblick: OS X 10.13.5; Tunnelblick 3.7.6 (build 5060); prior version 3.7.5a (build 5011); Admin user
git commit 97cf07d5d8675473cd114a94759b495fcef9b2ad
Configuration NewHome-Full-443T
"Sanitized" condensed configuration file for /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk:
client
dev tun
proto tcp-client
float
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
cipher AES-128-CBC
comp-lzo adaptive
keepalive 15 60
remote-cert-tls server
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
resolv-retry infinite
nobind
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
80 0 0xffffff7f80cbb000 0x7000 0x7000 com.joshuawise.kexts.HoRNDIS (6) 2FF769BE-1667-3CE2-A8AE-C9D86BAF30D4 <52 15 5 4 3 1>
89 0 0xffffff7f80eac000 0x7000 0x7000 com.sony.driver.dsccamDeviceInfo00 (1) 1C4F8BAF-0AB0-35A4-8ED2-168DF963273C <27 26 25 4 3>
151 3 0xffffff7f85c16000 0x64000 0x64000 org.virtualbox.kext.VBoxDrv (5.2.8) E68480EC-6423-30BA-9728-D1B0B5D606FE <7 5 4 3 1>
159 0 0xffffff7f85c7a000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (5.2.8) 6D97A7F9-6650-3AF5-9477-144D758EB0F0 <158 151 52 7 5 4 3 1>
160 0 0xffffff7f85c82000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (5.2.8) 324CE487-51AE-38A0-AED2-8F8DED2CFD8F <151 7 5 4 3 1>
161 0 0xffffff7f85c87000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (5.2.8) 85257673-062A-35FB-9221-8AB980E0CE5A <151 5 4 1>
================================================================================
There are no unusual files in NewHome-Full-443T.tblk
================================================================================
Configuration preferences:
-skipWarningThatMayNotConnectInFutureBecauseOfOpenVPNOptions = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-lastConnectionSucceeded = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
skipWarningAboutUnavailableOpenvpnVersions = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.7.6 (build 5060)",
"3.7.5a (build 5011)",
"3.7.5 (build 5010)",
"3.7.5beta08 (build 5003)",
"3.7.1b (build 4813)",
"3.7.5beta08 (build 5003)",
"3.7.4b (build 4921)",
"3.7.4 (build 4900)",
"3.7.3 (build 4880)",
"3.7.2 (build 4850)"
)
statusDisplayNumber = 0
lastLaunchTime = 550328256.003153
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = NewHome-Full-443T
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame SettingsSheetWindow = 831 141 829 524 0 0 1680 1027
NSWindow Frame ConnectingWindow = 645 630 389 187 0 0 1680 1027
NSWindow Frame SUUpdateAlert = 530 476 620 392 0 0 1680 1027
NSWindow Frame ListingWindow = 428 144 500 422 0 0 1680 1027
detailsWindowFrameVersion = 5011
detailsWindowFrame = {{379, 420}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = NewHome-Full-443T
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 0
SULastCheckTime = 2018-06-10 12:57:36 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 11
WebKitStandardFont = .AppleSystemUIFont
userAgreementVersionAgreedTo = 1
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
haveDealtWithSparkle1dot5b6 = 1
tunnelblickdHash = 004cdba8e08abd144bc48409040bc80e29c12ee9741ed7d73754f51d2547f7ea
tunnelblickdPlistHash = ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620
updateSendProfileInfo = 0
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.13.5; Tunnelblick 3.7.6 (build 5060); prior version 3.7.5a (build 5011)
2018-06-10 08:37:23 *Tunnelblick: Attempting connection with NewHome-Full-443T; Set nameserver = 769; monitoring connection
2018-06-10 08:37:23 *Tunnelblick: openvpnstart start NewHome-Full-443T.tblk 58772 769 0 3 0 1065264 -ptADGNWradsgnw 2.4.6-openssl-1.0.2o
2018-06-10 08:37:23 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.6-openssl-1.0.2o/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SNewHome--Full--443T.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1065264.58772.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents/Resources
--setenv
IV_GUI_VER
"net.tunnelblick.tunnelblick 5060 3.7.6 (build 5060)"
--verb
3
--config
/Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents/Resources
--management
127.0.0.1
58772
/Library/Application Support/Tunnelblick/kidlmeeapfmdookhkhbajggdpjcdjedddcfaiach.mip
--management-query-passwords
--management-hold
--script-security
2
--up
--down
2018-06-10 08:37:23 *Tunnelblick: Established communication with OpenVPN
2018-06-10 08:37:23 OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Jun 9 2018
2018-06-10 08:37:23 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
2018-06-10 08:37:23 MANAGEMENT: TCP Socket listening on [AF_INET]
127.0.0.1:587722018-06-10 08:37:23 Need hold release from management interface, waiting...
2018-06-10 08:37:23 MANAGEMENT: Client connected from [AF_INET]
127.0.0.1:587722018-06-10 08:37:23 MANAGEMENT: CMD 'pid'
2018-06-10 08:37:23 MANAGEMENT: CMD 'state on'
2018-06-10 08:37:23 MANAGEMENT: CMD 'state'
2018-06-10 08:37:23 MANAGEMENT: CMD 'bytecount 1'
2018-06-10 08:37:23 MANAGEMENT: CMD 'hold release'
2018-06-10 08:37:23 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-06-10 08:37:23 MANAGEMENT: >STATE:1528637843,RESOLVE,,,,,,
2018-06-10 08:37:23 TCP/UDP: Preserving recently used remote address: [AF_INET]
75.100.85.217:4432018-06-10 08:37:23 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-06-10 08:37:23 Attempting to establish TCP connection with [AF_INET]
75.100.85.217:443 [nonblock]
2018-06-10 08:37:23 MANAGEMENT: >STATE:1528637843,TCP_CONNECT,,,,,,
2018-06-10 08:37:23 *Tunnelblick: openvpnstart starting OpenVPN
================================================================================
"Sanitized" full configuration file
client
dev tun
proto tcp-client
float
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
cipher AES-128-CBC
comp-lzo adaptive
keepalive 15 60
remote-cert-tls server
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
resolv-retry infinite
nobind
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC20: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 34:36:3b:d2:0b:0e
inet6 fe80::b0:2430:eb0c:bb12%en0 prefixlen 64 secured scopeid 0x5
inet 192.168.23.110 netmask 0xffffff00 broadcast 192.168.23.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 06:36:3b:d2:0b:0e
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 02:2d:84:c0:56:d4
inet6 fe80::2d:84ff:fec0:56d4%awdl0 prefixlen 64 scopeid 0x7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 72:00:07:33:49:20
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 72:00:07:33:49:21
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 72:00:07:33:49:20
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 8 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
nd6 options=201<PERFORMNUD,DAD>
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::152:aa91:b4a5:51d4%utun0 prefixlen 64 scopeid 0xb
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::4142:d59e:167f:6ca4%utun1 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::38b5:a652:c6a4:20a6%utun2 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::669a:73c0:3a98:5fc5%utun3 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Console Log:
2018-06-10 07:56:56 Tunnelblick[15687] Tunnelblick: OS X 10.13.5; Tunnelblick 3.7.5a (build 5011)
2018-06-10 07:56:57 Tunnelblick[15687] Sparkle: ===== Tunnelblick =====
2018-06-10 07:56:57 Tunnelblick[15687] Sparkle: Verified appcast signature
2018-06-10 07:57:20 Tunnelblick[15687] Sparkle: Extracting using '/usr/bin/ditto' '-x' '-k' '-' < '/Users/Stach/Library/Caches/net.tunnelblick.tunnelblick/org.sparkle-project.Sparkle/Tunnelblick 5060/Tunnelblick_3.7.6_build_5060.zip' '/Users/Stach/Library/Caches/net.tunnelblick.tunnelblick/org.sparkle-project.Sparkle/Tunnelblick 5060'
2018-06-10 07:57:21 Tunnelblick[15687] updater:willInstallUpdate: Starting cleanup.
2018-06-10 07:57:22 Tunnelblick[15687] updater:willInstallUpdate: Cleanup finished.
2018-06-10 07:57:22 Tunnelblick[15687] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2018-06-10 07:57:22 Tunnelblick[15687] pthread_mutex_trylock( &cleanupMutex ) failed; status = 16, errno = 9
2018-06-10 07:57:22 Tunnelblick[15687] pthread_mutex_trylock( &cleanupMutex ) failed is normal and expected when Tunnelblick is updated
2018-06-10 07:57:22 Tunnelblick[15687] Finished shutting down Tunnelblick; allowing termination
2018-06-10 07:57:26 Tunnelblick[15712] Tunnelblick: OS X 10.13.5; Tunnelblick 3.7.6 (build 5060)
2018-06-10 07:57:27 Tunnelblick[15712] Need to replace and/or reload 'tunnelblickd':
daemonHashesMatch = NO
plistHashesMatch = YES
activePlistMatches = YES
2018-06-10 07:57:34 Tunnelblick[15712] Tunnelblick needs to:
• Complete the update
2018-06-10 07:57:34 Tunnelblick[15712] Beginning installation or repair
2018-06-10 07:57:35 Tunnelblick[15712] Installation or repair succeeded; Log:
Tunnelblick installer started 2018-06-10 07:57:35. 1 arguments: 0x0101
Replaced /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist
Used launchctl to load tunnelblickd
Tunnelblick installer finished without error
2018-06-10 07:57:36 Tunnelblick[15712] Sparkle: ===== Tunnelblick =====
2018-06-10 07:57:36 Tunnelblick[15712] Sparkle: Verified appcast signature
2018-06-10 07:58:26 Tunnelblick[15712] Set 'expect disconnect' flag
2018-06-10 08:36:34 Tunnelblick[15712] Tunnelblick needs to perform an action that requires a computer administrator's authorization.
2018-06-10 08:36:34 Tunnelblick[15712] Beginning installation or repair
2018-06-10 08:36:34 Tunnelblick[15712] Installation or repair succeeded; Log:
Tunnelblick installer started 2018-06-10 08:36:34. 2 arguments: 0x2001
/Users/Stach/Library/Application Support/Tunnelblick/Configurations/NewHome-Full-443T.tblk
removed /Users/Stach/Library/Application Support/Tunnelblick/Configurations/NewHome-Full-443T.tblk
removed /Library/Application Support/Tunnelblick/Users/Stach/NewHome-Full-443T.tblk
Tunnelblick installer finished without error
2018-06-10 08:36:34 Tunnelblick[15712] Uninstalled configuration file /Users/Stach/Library/Application Support/Tunnelblick/Configurations/NewHome-Full-443T.tblk
2018-06-10 08:36:34 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:36:35 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:36:35 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:37:10 Tunnelblick[15712] Converting/Installing /Users/Shared/Downloads/Hardware/Networking/OpenVPN Client Configuration/Home-Full-443T/NewHome-Full-443T.ovpn: One or more CR characters have been removed or replaced with LF characters
2018-06-10 08:37:10 Tunnelblick[15712] Converting/Installing /Users/Shared/Downloads/Hardware/Networking/OpenVPN Client Configuration/Home-Full-443T/NewHome-Full-443T.ovpn: One or more CR characters have been removed or replaced with LF characters
2018-06-10 08:37:10 Tunnelblick[15712] Converting/Installing /Users/Shared/Downloads/Hardware/Networking/OpenVPN Client Configuration/Home-Full-443T/NewHome-Full-443T.ovpn: Converted OpenVPN configuration
2018-06-10 08:37:10 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:37:14 Tunnelblick[15712] localNameFromDisplayName: 'NewHome-Full-443T' is not a known displayName
2018-06-10 08:37:14 Tunnelblick[15712] Tunnelblick needs to perform an action that requires a computer administrator's authorization.
2018-06-10 08:37:14 Tunnelblick[15712] Beginning installation or repair
2018-06-10 08:37:14 Tunnelblick[15712] Installation or repair succeeded; Log:
Tunnelblick installer started 2018-06-10 08:37:14. 3 arguments: 0x0001
/Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk
/private/var/folders/q7/zqrj9n8x5xgcsrjwyzr5qzkm0000gp/T/Tunnelblick-sGqR6Y/NewHome-Full-443T.tblk
Copied /private/var/folders/q7/zqrj9n8x5xgcsrjwyzr5qzkm0000gp/T/Tunnelblick-sGqR6Y/NewHome-Full-443T.tblk
to /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk.temp
Renamed /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk.temp
to /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk and its contents from 502:20 to 0:0
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Shared/NewHome-Full-443T.tblk/Contents/Resources/config.ovpn
Tunnelblick installer finished without error
2018-06-10 08:37:14 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:37:14 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n
2018-06-10 08:37:15 Tunnelblick[15712] Configuration Home-Full-Fast will use OpenVPN 2.4.6 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2n