Can't configure some profiles to use OpenVPN 2.4
210 views
Skip to first unread message
m...@grg.pw
Apr 4, 2020, 5:04:10 PM4/4/20
to tunnelblick-discuss
Hello,
I'm on Tunnelblick 3.8.3beta01 and have a weird issue which only happens when I'm connecting to the server via IPv6: VPN gets established successfully, but no traffic, IPv4 or IPv6 can flow through it. After a few minutes, the VPN itself will timeout.
While digging into this, I found the following log lines:
2020-04-04 21:37:39.000000 Options error: unknown --redirect-gateway flag: ipv6
2020-04-04 21:37:39.000000 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:10: redirect-gateway-ipv6 (2.3.18)And at this point figured out I was for some reason using OpenVPN 2.3 instead of 2.4, which is the default. If I try to switch this configuration to OpenVPN 2.4, a popup will show stating:
'STARG-VGW will connect using OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of the requested version (OpenVPN 2.4.8-openssl-1.1.1e)'I found an old post with a similar issue so tried to clean up my config with the below, but nothing changes.
defaults delete net.tunnelblick.tunnelblick "STARG-openvpnVersion"This error shows up immediately after I pick 2.4 in the dropdown menu, it's extremely weird.
Does anybody have a clue or an idea where I can find out what's exactly causing this?
Thanks
Giorgio
Tunnelblick developer
Apr 4, 2020, 5:06:02 PM4/4/20
to tunnelblick-discuss
Please post the diagnostic info obtained by following the instructions at Read Before You Post (https://tunnelblick.net/cBeforeYouPost.html).
m...@grg.pw
Apr 4, 2020, 5:56:44 PM4/4/20
to tunnelblick-discuss
Sure, here you are. The console log contains about 800 lines, I've cut it to the last hour or so (I did multiple tests).
*Tunnelblick: macOS 10.15.3 (19D76); Tunnelblick 3.8.3beta01 (build 5490); prior version 3.8.2 (build 5480); Admin user
git commit b44a1fd2c3b0393d1923d37c3a51bbf978cf8dbd
Configuration STARG-VGW
"Sanitized" condensed configuration file for /Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.tblk:
[Lines that appear to be security-related have been omitted]
setenv UV_ID 2cb4ffa9ded24df780739c4a8147d36b
setenv UV_NAME snowy-plains-7838
client
dev tun
dev-type tun
remote REDACTED 12457 udp6
remote REDACTED 12457 udp
remote-random
nobind
persist-tun
cipher AES-128-CBC
auth SHA256
verb 2
mute 3
push-peer-info
ping 15
ping-restart 30
hand-window 70
server-poll-timeout 4
reneg-sec 2592000
sndbuf 393216
rcvbuf 393216
max-routes 1000
remote-cert-tls server
comp-lzo no
auth-user-pass
key-direction 1
<ca>
[Security-related line(s) omitted]
</ca>
<tls-auth>
[Security-related line(s) omitted]
</tls-auth>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
================================================================================
Files in STARG-VGW.tblk:
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
useDNS = 1
-openvpnVersion = 2.3.18-libressl-2.7.1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-loggingLevel = 3
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
skipWarningAboutPreAuthorizedActivity = 1
placeIconInStandardPositionInStatusBar = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.8.3beta01 (build 5490)",
"3.8.2 (build 5480)",
"3.8.3beta01 (build 5490)",
"3.8.2beta07 (build 5470)",
"3.8.2beta06 (build 5460)",
"3.8.2beta05 (build 5450)",
"3.8.2beta04 (build 5440)",
"3.8.1 (build 5400)",
"3.8.0 (build 5370)",
"3.7.9a (build 5321)"
)
statusDisplayNumber = 0
lastLaunchTime = 607729795.989866
doNotShowDisconnectedNotificationWindows = 1
doNotShowConnectionSubmenus = 1
showConnectedDurations = 0
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = STARG-VGW.v4
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 445 459 389 187 0 0 1280 777
NSWindow Frame SUUpdateAlert = 558 207 620 392 0 0 1280 777
detailsWindowFrameVersion = 5490
detailsWindowFrame = {{180, 248}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {167, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = STARG-VGW
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 1
SULastCheckTime = 2020-04-04 21:49:56 +0000
SULastProfileSubmissionDate = 2020-03-29 00:00:27 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 11
WebKitStandardFont = .AppleSystemUIFont
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
haveDealtWithSparkle1dot5b6 = 1
tunnelblickdHash = 004cdba8e08abd144bc48409040bc80e29c12ee9741ed7d73754f51d2547f7ea
tunnelblickdPlistHash = ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620
updateSendProfileInfo = 1
================================================================================
Tunnelblick Log:
2020-04-04 22:49:55.203857 *Tunnelblick: macOS 10.15.3 (19D76); Tunnelblick 3.8.3beta01 (build 5490); prior version 3.8.2 (build 5480)
================================================================================
Down log:
22:44:01 *Tunnelblick: **********************************************
22:44:01 *Tunnelblick: Start of output from client.down.tunnelblick.sh
22:44:01 *Tunnelblick: Cancelled monitoring system configuration changes
22:44:01 *Tunnelblick: Restored State:DNS
22:44:01 *Tunnelblick: REDACTED Setup:DNS
22:44:01 *Tunnelblick: REDACTED State:SMB
22:44:01 *Tunnelblick: Restored DNS and SMB settings
22:44:01 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Ethernet"
22:44:01 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"
22:44:01 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
22:44:01 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
22:44:01 *Tunnelblick: End of output from client.down.tunnelblick.sh
22:44:01 *Tunnelblick: **********************************************
================================================================================
Previous down log:
22:36:03 *Tunnelblick: **********************************************
22:36:03 *Tunnelblick: Start of output from client.down.tunnelblick.sh
22:36:03 *Tunnelblick: Cancelled monitoring system configuration changes
22:36:03 *Tunnelblick: Restored State:DNS
22:36:03 *Tunnelblick: REDACTED Setup:DNS
22:36:03 *Tunnelblick: REDACTED State:SMB
22:36:03 *Tunnelblick: Restored DNS and SMB settings
22:36:03 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Ethernet"
22:36:03 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"
22:36:03 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
22:36:03 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
22:36:04 *Tunnelblick: End of output from client.down.tunnelblick.sh
22:36:04 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
Thunderbolt Ethernet
Wi-Fi
*Wi-Fi (Secondary)
Bluetooth PAN
REDACTED
REDACTED (Split)
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 60:f8:1d:c4:9b:22
inet 172.18.34.72 netmask 0xffffff00 broadcast 172.18.34.255
inet6 fe80::14de:180c:bdd9:b8f9%en0 prefixlen 64 secured scopeid 0x4
inet6 fd00::55:6371:676d:9720 prefixlen 64 autoconf secured
inet6 fd00::d15d:f192:c7a9:aac2 prefixlen 64 autoconf temporary
inet6 REDACTED prefixlen 64 autoconf secured
inet6 REDACTED prefixlen 64 autoconf temporary
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
bridge0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 82:0f:1e:3d:18:40
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 6 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 7 priority 0 path cost 0
media: <unknown type>
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 82:0f:1e:3d:18:40
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 82:0f:1e:3d:18:41
media: autoselect <full-duplex>
status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
options=400<CHANNEL_IO>
ether 02:f8:1d:c4:9b:22
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
options=400<CHANNEL_IO>
ether 26:c4:4b:8f:c0:a4
inet6 fe80::24c4:4bff:fe8f:c0a4%awdl0 prefixlen 64 scopeid 0x9
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 26:c4:4b:8f:c0:a4
inet6 fe80::24c4:4bff:fe8f:c0a4%llw0 prefixlen 64 scopeid 0xa
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::6bd:69ad:1812:be2d%utun0 prefixlen 64 scopeid 0xb
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::4d86:b3bc:b11a:2263%utun1 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::b8f0:7381:4df:b5e5%utun2 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::18ad:9b19:77cb:8588%utun3 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
164 3 0xffffff7f83c8c000 0xf0000 0xf0000 org.virtualbox.kext.VBoxDrv (6.0.18) 96270992-93C7-3FCE-9AA2-37A8A7DCC926 <8 6 5 3 1>
168 0 0xffffff7f83d7c000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (6.0.18) B9318296-40DB-31E6-AD39-0806529AA3F2 <167 164 59 8 6 5 3 1>
169 0 0xffffff7f83d84000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (6.0.18) 336536F2-3A17-3603-9F72-77A72B523230 <164 8 6 5 3 1>
170 0 0xffffff7f83d89000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (6.0.18) D7DDC615-34B1-3AFF-BD69-D60CF308B972 <164 6 5 1>
================================================================================
Quit Log:
2020-04-04 22:49:50.693284 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2020-04-04 22:49:50.695638 shutDownTunnelblick: started.
2020-04-04 22:49:50.696622 shutDownTunnelblick: Starting cleanup.
2020-04-04 22:49:50.697165 cleanup: Entering cleanup
2020-04-04 22:49:50.697632 synchronized user defaults
2020-04-04 22:49:51.664547 shutDownTunnelblick: Cleanup finished.
2020-04-04 22:49:51.665273 Finished shutting down Tunnelblick; allowing termination
================================================================================
Console Log:
2020-04-04 21:41:07.933495 Tunnelblick[22610] The OpenVPN log contains the following message:
"Unrecognized option or missing parameter(s)".
This error means that an option that is contained in the OpenVPN configuration file or was "pushed" by the OpenVPN server:
• has been misspelled,
• has missing or extra arguments, or
• is not implemented by the version of OpenVPN which is being used for this configuration. It may be a new option that is not implemented in an old version of OpenVPN, or an old option that has been removed in a new version of OpenVPN. You can choose what version of OpenVPN to use with this configuration in the "Settings" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window.
See the VPN log in the "Log" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window for details.
2020-04-04 22:32:53.590256 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:32:53.601481 Tunnelblick[22610] Converting/Installing /Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.tblk/Contents/Resources/config.ovpn: Converted OpenVPN configuration
2020-04-04 22:32:56.110596 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:02.765416 Tunnelblick[22610] Set 'expect disconnect 1 -SLibrary-SApplication Support-STunnelblick-SUsers-Sgrg-SSTARG--VGW--NL-Dv4-Dtblk-SContents-SResources'
2020-04-04 22:36:02.787675 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:04.250917 tunnelblickd[23637] Status = 248 from tunnelblick-helper command 'kill 22761'
2020-04-04 22:36:04.265850 Tunnelblick[22610] tunnelblickd status from kill: 248
tunnelblickd stderr:
'killOneOpenvpn(22761): Process does not exist
'
2020-04-04 22:36:04.927097 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:04.954074 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.009025 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.009155 Tunnelblick[22610] Preference 'STARG-VGW-IT.v6-skipWarningThatNotUsingSpecifiedOpenVPN' is TRUE, so not displaying the warning dialog.
2020-04-04 22:36:13.011926 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.161375 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.693914 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.696379 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:13.839321 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:17.615996 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:57.488057 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:36:59.056214 tunnelblickd[23790] Status = 252 from tunnelblick-helper command 'compareShadowCopy STARG-VGW.v4'
2020-04-04 22:36:59.189685 Tunnelblick[22610] tunnelblickd status from compareShadowCopy: 252
2020-04-04 22:37:08.650298 tunnelblickd[23790] Status = 164 from tunnelblick-helper command 'printSanitizedConfigurationFile STARG-VGW.v4.tblk 0'
2020-04-04 22:37:08.657370 Tunnelblick[22610] tunnelblickd status from printSanitizedConfigurationFile: 164
2020-04-04 22:37:08.657498 Tunnelblick[22610] Error status 164 returned from 'openvpnstart printSanitizedConfigurationFile STARG-VGW.v4 0'
2020-04-04 22:37:08.657582 Tunnelblick[22610] stderr returned from 'openvpnstart printSanitizedConfigurationFile STARG-VGW.v4 0':
Tunnelblick: Error parsing configuration at line 31; unterminated <ca> at line 29
There was a problem in the configuration file at /Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.v4.tblk/Contents/Resources/config.ovpn
2020-04-04 22:37:52.650817 tunnelblickd[23798] Status = 252 from tunnelblick-helper command 'compareShadowCopy STARG-VGW.v4'
2020-04-04 22:37:52.795946 Tunnelblick[22610] tunnelblickd status from compareShadowCopy: 252
2020-04-04 22:37:58.755810 Tunnelblick[22610] Tunnelblick needs to perform an action that requires a computer administrator's authorization.
2020-04-04 22:37:58.755909 Tunnelblick[22610] Beginning installation or repair
2020-04-04 22:37:58.882381 Tunnelblick[22610] Installation or repair succeeded; Log:
Tunnelblick installer started 2020-04-04 22:37:58.851903. 3 arguments: 0x0001
/Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk
/Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.v4.tblk
getuid() = 501; getgid() = 20; geteuid() = 0; getegid() = 20
Copied /Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.v4.tblk
to /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk.temp
Renamed /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk.temp
to /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk and its contents from 501:80 to 0:0
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/grg/STARG-VGW.v4.tblk/Contents/Resources/config.ovpn
Tunnelblick installer finished without error
2020-04-04 22:37:58.882491 Tunnelblick[22610] Created or updated secure (shadow) copy of configuration file /Users/grg/Library/Application Support/Tunnelblick/Configurations/STARG-VGW.v4.tblk
2020-04-04 22:37:59.188056 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:42:47.999132 Tunnelblick[22610] Configuration STARG-VGW.v4 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:44:01.219112 Tunnelblick[22610] Set 'expect disconnect 1 -SLibrary-SApplication Support-STunnelblick-SUsers-Sgrg-SSTARG--VGW--NL-Dv4-Dtblk-SContents-SResources'
2020-04-04 22:49:09.676842 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:49:09.676952 Tunnelblick[22610] Preference 'STARG-VGW-IT.v6-skipWarningThatNotUsingSpecifiedOpenVPN' is TRUE, so not displaying the warning dialog.
2020-04-04 22:49:09.680623 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:49:09.835440 Tunnelblick[22610] Configuration STARG-VGW-IT.v6 will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:49:12.745836 Tunnelblick[22610] Configuration STARG-VGW will use OpenVPN 2.3.18 - LibreSSL v2.7.1 instead of 2.4.8-openssl-1.1.1e
2020-04-04 22:49:50.697080 Tunnelblick[22610] cleanup: Entering cleanup
2020-04-04 22:49:50.697572 Tunnelblick[22610] synchronized user defaults
2020-04-04 22:49:51.147134 Tunnelblick[22610] Set 'expect disconnect 0 ALL'
2020-04-04 22:49:51.665171 Tunnelblick[22610] Finished shutting down Tunnelblick; allowing termination
2020-04-04 22:49:54.300025 Tunnelblick[24543] Tunnelblick: macOS 10.15.3; Tunnelblick 3.8.3beta01 (build 5490)
2020-04-04 22:49:54.408874 Tunnelblick[24543] Warning: preferences contain unknown preference 'userAgreementVersionAgreedTo'
2020-04-04 22:49:56.079132 Tunnelblick[24543] Sparkle: ===== Tunnelblick =====
2020-04-04 22:49:56.079829 Tunnelblick[24543] Sparkle: Verified appcast signature
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
164 3 0xffffff7f83c8c000 0xf0000 0xf0000 org.virtualbox.kext.VBoxDrv (6.0.18) 96270992-93C7-3FCE-9AA2-37A8A7DCC926 <8 6 5 3 1>
168 0 0xffffff7f83d7c000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (6.0.18) B9318296-40DB-31E6-AD39-0806529AA3F2 <167 164 59 8 6 5 3 1>
169 0 0xffffff7f83d84000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (6.0.18) 336536F2-3A17-3603-9F72-77A72B523230 <164 8 6 5 3 1>
170 0 0xffffff7f83d89000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (6.0.18) D7DDC615-34B1-3AFF-BD69-D60CF308B972 <164 6 5 1>
================================================================================
Quit Log:
2020-04-04 22:49:50.693284 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2020-04-04 22:49:50.695638 shutDownTunnelblick: started.
2020-04-04 22:49:50.696622 shutDownTunnelblick: Starting cleanup.
2020-04-04 22:49:50.697165 cleanup: Entering cleanup
2020-04-04 22:49:50.697632 synchronized user defaults
2020-04-04 22:49:51.664547 shutDownTunnelblick: Cleanup finished.
2020-04-04 22:49:51.665273 Finished shutting down Tunnelblick; allowing termination
================================================================================
m...@grg.pw
Apr 4, 2020, 5:58:30 PM4/4/20
to tunnelblick-discuss
Also, a couple of additional things:
Also solves my issue with IPv6 so this feels like the right path.
- it happens with 3.8.2 as well
- manually connecting via the below works as expected
sudo ./openvpn-2.4.8-openssl-1.1.1e/openvpn --config /Users/grg/Library/Application\ Support/Tunnelblick/Configurations/STARG-VGW.tblk/Contents/Resources/config.ovpnTunnelblick developer
Apr 4, 2020, 6:17:07 PM4/4/20
to tunnelblick-discuss
Your configuration is named "STARG-VGW", so you need to use
So first do that, then "Reset Disabled Warnings" on the "Preferences" panel of Tunnelblick's "VPN Details" window, and then try to select OpenVPN 2.4.
defaults delete net.tunnelblick.tunnelblick STARG-VGW-openvpnVersion
not
defaults delete net.tunnelblick.tunnelblick STARG-openvpnVersion
m...@grg.pw
Apr 4, 2020, 6:27:03 PM4/4/20
to tunnelblick-discuss
Sorry for the confusion, I've been running multiple tests with multiple configs. STARG-VGW was the initial one, other STARG-xx are subsequent tests, so I confirm when I cleaned that up, I cleaned the right one.
Here it is again anyway - deleted everything:
grg@GN-08 ~ % defaults read net.tunnelblick.tunnelblick | grep openvpnVersion
grg@GN-08 ~ % And nothing changes in the GUI.
m...@grg.pw
Apr 4, 2020, 6:39:29 PM4/4/20
to tunnelblick-discuss
Some additional progress: looks like it's due to this parameter in config, deprecated (but not removed) in 2.4:
Does it make sense to you?
max-routes 1000
If I remove it from my config, save, click on "Connect", then "Secure the Configuration", then when selecting 2.4 from the dropdown this choice will be honoured.
Confusing because the parameter below is in the same place (deprecated in 2.4) but doesn't cause this issue.
comp-lzo noDoes it make sense to you?
Thanks
Giorgio
Then saved the config, clicked on connect and then on
Tunnelblick developer
Apr 4, 2020, 9:54:38 PM4/4/20
to tunnelblick-discuss
Thanks for all your work investigating this – it's very much appreciated!
Tunnelblick had not been updated to indicate that max-routes was not removed from 2.4 (which was the plan a while ago). I fixed that via 40fa924e; the fix will be in the next beta release.
m...@grg.pw
Apr 5, 2020, 3:27:32 AM4/5/20
to tunnelblick-discuss
Amazing, thanks! As an additional improvement would you be able to add some details on what's causing the downgrade in the error message?
The behaviour here was a bit counter intuitive and debugging it literally drove me nuts (I raised this thread here after at least 3/4 hours of debugging on my side).
Tunnelblick developer
Apr 5, 2020, 7:48:57 AM4/5/20
to tunnelblick-discuss
Thanks again for finding this bug and doing all the work to discover what was happening!
Tunnelblick developer
Jul 22, 2020, 9:00:24 AM7/22/20
to tunnelblick-discuss
This bug was fixed in 3.8.3beta02 build 5500 (2020-05-22).
Reply all
Reply to author
Forward
0 new messages