TAP0 not receiving an IP via DHCP on OpenVPN Server
Joachim von Caron
jkbull...gmail.com
Joachim von Caron
Have read the document before I posted and yes I have the latest beta installed. I tested on two OSX computers. And both of them not getting an IP for the TAP0 device. The computer itself is getting by DHCP.
jvc
jkbull...gmail.com
2 Please follow the instructions at Read Before You Post to get the info needed to diagnose problems and post the info.
Joachim von Caron
*Tunnelblick: OS X 10.11.3; Tunnelblick 3.6beta24 (build 4530); prior version 3.5.8 (build 4270.4530); Admin user
Configuration server
"Sanitized" condensed configuration file for /Users/joachim/Library/Application Support/Tunnelblick/Configurations/server.tblk:
port 1194
proto udp
dev tap0
ca "ca.crt"
cert "joachim.crt"
key "joachim.key" # This file should be kept secret
dh "dh4096.pem"
server-bridge 192.168.142.1 255.255.255.0 192.168.142.51 192.168.142.59
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.142.240"
client-to-client
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 3
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
134 0 0xffffff7f8344f000 0x7000 0x7000 com.parallels.virtualsound (1.0.36 36) E9131806-D073-8482-AC46-B4AAE55EA6FE <105 5 4 3 1>
144 0 0xffffff7f83456000 0x5000 0x5000 com.parallels.virtualhid (1.0.3 3) B0C355DF-4268-359B-9654-0A67F4305F7B <34 5 4 3 1>
148 0 0xffffff7f8345b000 0x7000 0x7000 com.McAfee.kext.AppProtection (3.3.2) 371CFEEA-CEA7-356C-8311-EB5EDCC8F3AA <4 1>
149 0 0xffffff7f83462000 0x1c000 0x1c000 com.McAfee.SFKext (1) 37B23206-E15B-39EF-B9A6-AEC330504407 <5 4 1>
150 0 0xffffff7f8347e000 0xe000 0xe000 com.McAfee.AVKext (1) A3CBB2E2-EBB5-3638-B351-3A58C356B908 <4 1>
226 0 0xffffff7f834a8000 0x7000 0x7000 net.tunnelblick.tap (4530.3) 1B812D89-C5EC-37EF-B40A-55C215442E18 <7 5 4 1>
================================================================================
There are no unusual files in server.tblk
================================================================================
Configuration preferences:
-routeAllTrafficThroughVpn = 0
-keychainHasPrivateKey = 0
-keychainHasUsernameAndPassword = 0
-keychainHasUsername = 0
-loadTun =
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
================================================================================
Program preferences:
skipWarningThatIPAddressDidNotChangeAfterConnection = 1
skipWarningThatInternetIsNotReachable = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.6beta24 (build 4530)",
"3.5.8 (build 4270.4530)"
)
lastLaunchTime = 478981735.968466
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = server
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
updateSendProfileInfo = 0
NSWindow Frame SettingsSheetWindow = 574 443 829 524 0 0 1920 1177
NSWindow Frame ConnectingWindow = 765 743 389 187 0 0 1920 1177
detailsWindowFrameVersion = 4270.4530
detailsWindowFrame = {{829, 561}, {916, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
leftNavSelectedDisplayName = server
AdvancedWindowTabIdentifier = vpnCredentials
haveDealtWithSparkle1dot5b6 = 1
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-b.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 0
SULastCheckTime = 2016-03-06 18:28:55 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
2016-03-06 19:30:27 *Tunnelblick: OS X 10.11.3; Tunnelblick 3.6beta24 (build 4530); prior version 3.5.8 (build 4270.4530)
2016-03-06 19:30:27 *Tunnelblick: Attempting connection with server using shadow copy; Set nameserver = 1; monitoring connection
2016-03-06 19:30:27 *Tunnelblick: openvpnstart start server.tblk 1337 1 0 1 0 541042 -ptADGNWradsgnw 2.3.10
2016-03-06 19:30:28 *Tunnelblick: openvpnstart log:
Loading tap-signed.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.10/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Sjoachim-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sserver.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_541042.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/config.ovpn
--cd
/Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--route-pre-down
/Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
2016-03-06 19:30:27 OpenVPN 2.3.10 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Mar 2 2016
2016-03-06 19:30:27 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.09
2016-03-06 19:30:27 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2016-03-06 19:30:27 Need hold release from management interface, waiting...
2016-03-06 19:30:27 *Tunnelblick: openvpnstart starting OpenVPN
2016-03-06 19:30:28 *Tunnelblick: Established communication with OpenVPN
2016-03-06 19:30:28 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2016-03-06 19:30:28 MANAGEMENT: CMD 'pid'
2016-03-06 19:30:28 MANAGEMENT: CMD 'state on'
2016-03-06 19:30:28 MANAGEMENT: CMD 'state'
2016-03-06 19:30:28 MANAGEMENT: CMD 'bytecount 1'
2016-03-06 19:30:28 MANAGEMENT: CMD 'hold release'
2016-03-06 19:30:28 NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
2016-03-06 19:30:28 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2016-03-06 19:30:28 Diffie-Hellman initialized with 4096 bit key
2016-03-06 19:30:28 Socket Buffers: R=[196724->196724] S=[9216->9216]
2016-03-06 19:30:28 TUN/TAP device /dev/tap0 opened
2016-03-06 19:30:28 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw tap0 1500 1574 init
**********************************************
Start of output from client.up.tunnelblick.sh
Did 'ipconfig set "tap0" DHCP'
Configuring tap DNS via DHCP asynchronously
End of output from client.up.tunnelblick.sh
**********************************************
2016-03-06 19:30:30 UDPv4 link local (bound): [undef]
2016-03-06 19:30:30 UDPv4 link remote: [undef]
2016-03-06 19:30:30 MULTI: multi_init called, r=256 v=256
2016-03-06 19:30:30 IFCONFIG POOL: base=192.168.142.51 size=9, ipv6=0
2016-03-06 19:30:30 Initialization Sequence Completed
2016-03-06 19:30:30 MANAGEMENT: >STATE:1457289030,CONNECTED,SUCCESS,,
2016-03-06 19:30:30 *Tunnelblick: No 'connected.sh' script to execute
Sleeping for 0 seconds to wait for DHCP to finish setup.
Sleeping for 1 seconds to wait for DHCP to finish setup.
Sleeping for 2 seconds to wait for DHCP to finish setup.
Sleeping for 3 seconds to wait for DHCP to finish setup.
Sleeping for 4 seconds to wait for DHCP to finish setup.
WARNING: No DNS information received from OpenVPN via DHCP, so no network/DNS configuration changes need to be made.
WARNING: Will NOT monitor for other network configuration changes.
DNS servers '192.168.142.240' will be used for DNS queries when the VPN is active
NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
================================================================================
"Sanitized" full configuration file
;local 192.168.142.242
port 1194
proto udp
dev tap0
ca "ca.crt"
cert "joachim.crt"
key "joachim.key" # This file should be kept secret
dh "dh4096.pem"
server-bridge 192.168.142.1 255.255.255.0 192.168.142.51 192.168.142.59
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.142.240"
client-to-client
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 3
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 28:cf:e9:13:65:31
inet6 fe80::2acf:e9ff:fe13:6531%en0 prefixlen 64 scopeid 0x4
inet 192.168.142.100 netmask 0xffffff00 broadcast 192.168.142.255
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
en1: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
options=60<TSO4,TSO6>
ether 32:00:16:5f:b7:80
media: autoselect <full-duplex>
status: inactive
en2: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
options=60<TSO4,TSO6>
ether 32:00:16:5f:b7:81
media: autoselect <full-duplex>
status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0a:cf:e9:13:65:31
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 36:9c:d7:d5:33:64
inet6 fe80::349c:d7ff:fed5:3364%awdl0 prefixlen 64 scopeid 0x8
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 2a:cf:e9:31:67:00
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 5 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 6 priority 0 path cost 0
nd6 options=1<PERFORMNUD>
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::554b:a19e:79c1:4762%utun0 prefixlen 64 scopeid 0xa
inet6 fd27:1187:b500:42ca:554b:a19e:79c1:4762 prefixlen 64
nd6 options=1<PERFORMNUD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet6 fe80::ef7c:6e:2fbe:5f51%utun1 prefixlen 64 scopeid 0xd
nd6 options=1<PERFORMNUD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet6 fe80::a123:5684:c195:a3a2%utun2 prefixlen 64 scopeid 0xe
nd6 options=1<PERFORMNUD>
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether e6:81:5a:8d:ba:41
inet 169.254.96.164 netmask 0xffff0000 broadcast 169.254.255.255
media: autoselect
status: active
open (pid 93970)
================================================================================
Console Log:
2016-03-06 19:27:15 Tunnelblick[93820] Set program update feedURL to https://www.tunnelblick.net/appcast-s.rss
2016-03-06 19:27:39 Tunnelblick[93820] applicationShouldTerminate: termination for unknown reason, probably Command-Q; delayed until 'shutdownTunnelblick' finishes
2016-03-06 19:27:40 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.100000 seconds...
2016-03-06 19:27:40 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.200000 seconds...
2016-03-06 19:27:40 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.400000 seconds...
2016-03-06 19:27:40 tunnelblickd[93830] Status = 0 from tunnelblick-helper command 'unloadKexts 2'
2016-03-06 19:27:41 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.100000 seconds...
2016-03-06 19:27:41 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.200000 seconds...
2016-03-06 19:27:41 Tunnelblick[93820] runTunnelblickd: no data available from tunnelblickd socket; sleeping 0.400000 seconds...
2016-03-06 19:27:41 tunnelblickd[93830] Status = 0 from tunnelblick-helper command 'deleteLogs'
2016-03-06 19:27:41 Tunnelblick[93820] Finished shutting down Tunnelblick; allowing termination
2016-03-06 19:28:31 kernel[0] hfs: mounted Tunnelblick on device disk2s1
2016-03-06 19:28:31 mds[82] (Volume.Normal:2464) volume:0x7fb0e3841800 ********** Bootstrapped Creating a default store:1 SpotLoc:(null) SpotVerLoc:(null) occlude:0 /Volumes/Tunnelblick
2016-03-06 19:28:42 Tunnelblick[93883] Tunnelblick: OS X 10.11.3; Tunnelblick 3.6beta24 (build 4530)
2016-03-06 19:28:43 Tunnelblick[93883] Tunnelblick cannot run when it is on /Volumes because the volume has the MNT_NOSUID statfs flag set.
2016-03-06 19:28:48 Tunnelblick[93883] Beginning installation or repair
2016-03-06 19:28:48 authexec[93890] executing /Volumes/Tunnelblick/Tunnelblick.app/Contents/Resources/installer
2016-03-06 19:28:54 Tunnelblick[93883] Installation or repair succeeded; Log:
Tunnelblick installer started 2016-03-06 19:28:48. 1 arguments: 0x0017
Moved /Applications/Tunnelblick.app to the Trash
Copied /Volumes/Tunnelblick/Tunnelblick.app to /Applications/Tunnelblick.app
Changed ownership of /Applications/Tunnelblick.app and its contents from 501:80 to 0:0
Changed ownership of the contents of /Users/joachim/Library/Application Support/Tunnelblick/Configurations from 501:80 to 501:80
Changed permissions from 644 to 740 on /Users/joachim/Library/Application Support/Tunnelblick/Configurations/server.tblk/Contents/Resources/dh4096.pem
Changed permissions from 600 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/openvpn-status.log
Used launchctl to load tunnelblickd
Tunnelblick installer finished without error
2016-03-06 19:28:54 Tunnelblick[93883] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2016-03-06 19:28:54 Tunnelblick[93924] Tunnelblick: OS X 10.11.3; Tunnelblick 3.6beta24 (build 4530)
2016-03-06 19:28:55 Tunnelblick[93924] Set program update feedURL to https://www.tunnelblick.net/appcast-b.rss
2016-03-06 19:28:55 Tunnelblick[93883] Finished shutting down Tunnelblick; allowing termination
2016-03-06 19:28:55 kernel[0] hfs: unmount initiated on Tunnelblick on device disk2s1
2016-03-06 19:28:55 deleted[1268] normalizeUserMountpoint:736 volRoot failed for /Volumes/Tunnelblick
2016-03-06 19:28:55 deleted[1268] _validateVolume:758 unable to normalize volume: "/Volumes/Tunnelblick", vol: (null)
2016-03-06 19:30:22 tunnelblickd[93954] Status = 252 from tunnelblick-helper command 'compareShadowCopy server'
2016-03-06 19:30:22 Tunnelblick[93924] tunnelblickd status from compareShadowCopy: 252
2016-03-06 19:30:26 Tunnelblick[93924] Beginning installation or repair
2016-03-06 19:30:26 authexec[93959] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2016-03-06 19:30:27 Tunnelblick[93924] Installation or repair succeeded; Log:
Tunnelblick installer started 2016-03-06 19:30:26. 3 arguments: 0x0001
/Library/Application Support/Tunnelblick/Users/joachim/server.tblk
/Users/joachim/Library/Application Support/Tunnelblick/Configurations/server.tblk
Copied /Users/joachim/Library/Application Support/Tunnelblick/Configurations/server.tblk
to /Library/Application Support/Tunnelblick/Users/joachim/server.tblk.temp
Renamed /Library/Application Support/Tunnelblick/Users/joachim/server.tblk.temp
to /Library/Application Support/Tunnelblick/Users/joachim/server.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Users/joachim/server.tblk and its contents from 501:80 to 0:0
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/ca.crt
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/config.ovpn
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/dh4096.pem
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/joachim.crt
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/joachim/server.tblk/Contents/Resources/joachim.key
Tunnelblick installer finished without error
2016-03-06 19:30:27 Tunnelblick[93924] Created or updated secure (shadow) copy of configuration file /Users/joachim/Library/Application Support/Tunnelblick/Configurations/server.tblk
jkbull...gmail.com
Joachim von Caron
jkbull...gmail.com
ups, I missed. True and thx for this.Anyhow the TAP0 interface on the server has no IP. Is this correct?
Connecting from the client, I cannot ping anything.