OpenVPN 2.2.1 and SOCKS Server

338 views
Skip to first unread message

Wolfgang Werner

unread,
Jul 21, 2011, 10:19:23 AM7/21/11
to tunnelbli...@googlegroups.com
I upgraded OS X to Lion and Tunnelblick to the latest beta 3.2.beta26

Normal operation is fine for me (direct connections to OpenVPN server).

However, when I try to connect to one of our customers I have to use a socks server (to get the outgoing ip address right). This worked fine before.

Now the openVPN sends a username to the socks server (c...@xxx.xxx.xxx.xxx), but our socks server does not need / alowes for one.

In the OpenVPN change log (http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html) I found

Pierre Bourdon (1): Adding support for SOCKS plain text authentication

I need to switch of the transfer of the user name. In my config file no user name is given. From the Log:

2011-07-21 16:13:49 MANAGEMENT: >STATE:1311257629,TCP_CONNECT,,,
2011-07-21 16:13:50 *Tunnelblick: Flushed the DNS cache
2011-07-21 16:13:50 TCP connection established with xx.xx.xx.xxx:1080
2011-07-21 16:13:50 socks_handshake: server asked for username/login auth but we were not provided any credentials
2011-07-21 16:13:50 TCP/UDP: Closing socket
2011-07-21 16:13:50 SIGTERM[soft,init_instance] received, process exiting

Any help is appreciated, thanks in advance!

Best, Wolfgang

jkbull...gmail.com

unread,
Jul 21, 2011, 11:06:17 AM7/21/11
to tunnelbli...@googlegroups.com
If this is caused by  a change in OpenVPN, you could try using an older version of OpenVPN with the latest version of Tunnelblick. Tunnelblick should work with any OpenVPN version of 2.0 and higher, but I recommend you use the latest version that doesn't cause this problem.

The OpenVPN binary in any version of Tunnelblick is located in Tunnelblick.app/Contents/Resources/ and is named openvpn. You can just replace it with an older version from an older version of Tunnelblick. (You can see inside a Tunnelblick.app doing a Control-click on it and selecting "Show Package Contents".)

If you know what version of Tunnelblick you upgraded from, try the OpenVPN contained in it. Otherwise, here's a list of versions of Tunnelblick and the versions of OpenVPN that they contain:

Tunnelblick 3.2beta24 uses OpenVPN 2.2.1
Tunnelblick 3.2beta10 uses OpenVPN 2.2
Tunnelblick 3.1beta22 uses OpenVPN 2.1.4 <----------- This is your best bet -- it is before the SOCKS change you mentioned
Tunnelblick 3.1beta14 uses OpenVPN 2.1.3
Tunnelblick 3.0b26 uses OpenVPN 2.1.1
Tunnelblick 3.0b22 uses OpenVPN 2.1_rc20
Tunnelblick 3.0b16 uses OpenVPN 2.1_rc19
Tunnelblick 3.0b10 uses OpenVPN 2.1_rc15

These may all be downloaded from the Downloads page or the Security Risk Downloads page. (The security risks are in Tunnelblick, not OpenVPN.)

If you resolve your problem, please remember to post how you did, so others may benefit.

Wolfgang Werner

unread,
Jul 22, 2011, 9:45:46 AM7/22/11
to tunnelbli...@googlegroups.com
Thanks a lot. 

after downloading the recommended version I copied the included files

Installer/Contents/Resources/
- openvpn
- openvpn-down.so
- openvpn.conf

to

/Applications/Tunnelblick/Contents/Resources

and now it works perfectly. 

Thanks a lot for the hint. Performing a full downgrade of Tunnelblick was not an option with Lion.

jkbull...gmail.com

unread,
Jul 22, 2011, 10:15:21 AM7/22/11
to tunnelbli...@googlegroups.com
I'm glad its working for you now.

And good catch about openvpn-down-root.so. That should be copied.

It isn't necessary to copy openvpn.conf, though -- it is just a sample configuration file, not used for connecting.

And, for anyone reading this thread, do not copy openvpnstart.
Reply all
Reply to author
Forward
0 new messages