tunnelbrick stuck on making TCP connection
203 views
Skip to first unread message
laila mwakalukwa
Apr 3, 2024, 5:00:47 PM4/3/24
to tunnelblick-discuss
*Tunnelblick: macOS 12.5.1 (21G83); Tunnelblick 5.0.0beta02 (build 6010); prior version 4.0.1 (build 5971); Admin user
git commit 2d9a5bc30943c891005969bafcef3c656247b956
The Tunnelblick.app process is not being translated (arm64)
System Integrity Protection is enabled
Model: Mac14,2
================================================================================
Configuration darcc__ssl_vpn_config
"Sanitized" condensed configuration file for /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk:
client
dev tun
proto tcp
verify-x509-name "C=TZ, ST=Tanzania, L=Dar es Salaam, O=e-Government Authority, OU=OU, CN=SophosApplianceCertificate_C1B103C6PHXB455, emailAddress=grou...@ega.go.tz"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
auth-user-pass
cipher AES-128-CBC
auth SHA256
comp-lzo no
route-delay 4
verb 3
reneg-sec 0
remote 154.118.224.134 8443
remote 2.2.2.2 8443
remote 10.255.0.1 8443
remote 172.16.8.82 8443
================================================================================
Files in darcc__ssl_vpn_config.tblk:
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-loginWindowSecurityTokenCheckboxIsChecked = 0
-lastConnectionSucceeded = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"5.0.0beta02 (build 6010)",
"4.0.1 (build 5971)",
"5.0.0beta02 (build 6010)",
"4.0.1 (build 5971)",
"3.8.8g (build 5779.3)",
"3.8.8e (build 5779.1)"
)
lastLaunchTime = 733870461.8888201
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 540 538 389 217 0 0 1470 919
NSWindow Frame SUStatusFrame = 444 131 400 135 0 0 1470 919
NSWindow Frame SUUpdateAlert = 425 403 620 398 0 0 1470 919
detailsWindowFrameVersion = 5971
detailsWindowFrame = {{275, 310}, {920, 522}}
detailsWindowLeftFrame = {{0, 0}, {167, 402}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = darcc__ssl_vpn_config
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithAlwaysShowLoginWindow = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2024-04-03 20:54:23 +0000
SUHasLaunchedBefore = 1
================================================================================
Forced preferences:
(None)
================================================================================
Deployed forced preferences:
(None)
================================================================================
Tunnelblick Kext Policy Data:
================================================================================
Tunnelblick Log:
2024-04-03 13:54:34.788239 *Tunnelblick: macOS 12.5.1 (21G83); Tunnelblick 5.0.0beta02 (build 6010); prior version 4.0.1 (build 5971)
2024-04-03 13:54:35.348858 *Tunnelblick: Attempting connection with darcc__ssl_vpn_config using shadow copy; Set nameserver = 0x00000301; monitoring connection
2024-04-03 13:54:35.349048 *Tunnelblick: openvpnstart start darcc__ssl_vpn_config.tblk 54337 0x00000301 0 1 0 0x0210c130 -ptADGNWradsgnw 2.6.9-openssl-3.0.13 <password>
2024-04-03 13:54:35.367207 *Tunnelblick: openvpnstart starting OpenVPN
2024-04-03 13:54:35.748566 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-04-03 13:54:35.748880 OpenVPN 2.6.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD]
2024-04-03 13:54:35.748944 library versions: OpenSSL 3.0.13 30 Jan 2024, LZO 2.10
2024-04-03 13:54:35.750860 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:54337
2024-04-03 13:54:35.750907 Need hold release from management interface, waiting...
2024-04-03 13:54:35.974594 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.6.9-openssl-3.0.13/openvpn
--daemon
--log-append /Library/Application Support/Tunnelblick/Logs/-SUsers-Sleilamwakalukwa-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sdarcc__ssl_vpn_config.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34652464.54337.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 6010 5.0.0beta02 (build 6010)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--management 127.0.0.1 54337 /Library/Application Support/Tunnelblick/Mips/darcc__ssl_vpn_config.tblk.mip
--setenv IV_SSO webauth
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2024-04-03 13:54:35.976684 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:49298
2024-04-03 13:54:36.022642 MANAGEMENT: CMD 'pid'
2024-04-03 13:54:36.022670 *Tunnelblick: Established communication with OpenVPN
2024-04-03 13:54:36.022685 MANAGEMENT: CMD 'auth-retry interact'
2024-04-03 13:54:36.022707 MANAGEMENT: CMD 'state on'
2024-04-03 13:54:36.022723 MANAGEMENT: CMD 'state'
2024-04-03 13:54:36.022752 MANAGEMENT: CMD 'bytecount 1'
2024-04-03 13:54:36.023110 *Tunnelblick: >INFO:OpenVPN Management Interface Version 5 -- type 'help' for more info
2024-04-03 13:54:36.023550 MANAGEMENT: CMD 'hold release'
2024-04-03 13:54:36.028228 *Tunnelblick: Obtained VPN username and password from the Keychain
2024-04-03 13:54:36.028787 MANAGEMENT: CMD 'username "Auth" "darcc"'
2024-04-03 13:54:36.028842 MANAGEMENT: CMD 'password [...]'
2024-04-03 13:54:36.029102 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-04-03 13:54:36.039097 TCP/UDP: Preserving recently used remote address: [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.039245 Socket Buffers: R=[131072->131072] S=[131072->131072]
2024-04-03 13:54:36.039265 Attempting to establish TCP connection with [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.039277 MANAGEMENT: >STATE:1712177676,TCP_CONNECT,,,,,,
2024-04-03 13:54:36.080878 TCP connection established with [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.081019 TCPv4_CLIENT link local: (not bound)
2024-04-03 13:54:36.081061 TCPv4_CLIENT link remote: [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.081194 MANAGEMENT: >STATE:1712177676,WAIT,,,,,,
2024-04-03 13:54:36.120158 MANAGEMENT: >STATE:1712177676,AUTH,,,,,,
2024-04-03 13:54:36.120268 TLS: Initial packet from [AF_INET]154.118.224.134:8443, sid=db199d91 d87cfd59
2024-04-03 13:54:36.120385 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-04-03 13:54:36.275704 TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. This can be caused by mismatched tls-version-min and tls-version-max options on client and server. If your OpenVPN client is between v2.3.6 and v2.3.2 try adding tls-version-min 1.0 to the client configuration to use TLS 1.0+ instead of TLS 1.0 only
2024-04-03 13:54:36.275819 OpenSSL: error:0A000102:SSL routines::unsupported protocol:
2024-04-03 13:54:36.275850 TLS_ERROR: BIO read tls_read_plaintext error
2024-04-03 13:54:36.275873 TLS Error: TLS object -> incoming plaintext read error
2024-04-03 13:54:36.275896 TLS Error: TLS handshake failed
2024-04-03 13:54:36.276094 Fatal TLS error (check_tls_errors_co), restarting
2024-04-03 13:54:36.276275 SIGUSR1[soft,tls-error] received, process restarting
2024-04-03 13:54:36.276316 MANAGEMENT: >STATE:1712177676,RECONNECTING,tls-error,,,,,
2024-04-03 13:54:36.277113 MANAGEMENT: CMD 'hold release'
2024-04-03 13:54:36.277175 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-04-03 13:54:36.277482 TCP/UDP: Preserving recently used remote address: [AF_INET]2.2.2.2:8443
2024-04-03 13:54:36.277628 Socket Buffers: R=[131072->131072] S=[131072->131072]
2024-04-03 13:54:36.277659 Attempting to establish TCP connection with [AF_INET]2.2.2.2:8443
2024-04-03 13:54:36.277690 MANAGEMENT: >STATE:1712177676,TCP_CONNECT,,,,,,
2024-04-03 13:54:38.280030 MANAGEMENT: CMD 'hold release'
================================================================================
Installer log:
Tunnelblick installer started 2024-04-03 13:54:27.055256; getuid() = 501; geteuid() = 0; getgid() = 20; getegid() = 20
currentDirectoryPath = '/'; 3 arguments:
0x0001
/Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk
/private/var/folders/q0/kq9qxxws60j8db8m7vh2hgzc0000gn/T/net.tunnelblick.tunnelblick-hTRcIy/darcc__ssl_vpn_config.tblk
Determined username 'leilamwakalukwa' from getuid(): 501
renamex_np() tests succeeded for /Applications
renamex_np() tests succeeded for /Library/Application Support/Tunnelblick
renamex_np() tests succeeded for /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations
renamex_np() succeeded renaming /Library/Application Support/Tunnelblick/installer-temp to /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk
Changed ownership of /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk and its contents from 0:0 to 501:80
renamex_np() succeeded renaming /Library/Application Support/Tunnelblick/installer-temp to /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources/config.ovpn
Tunnelblick installer succeeded
================================================================================
Down log:
12:50:10 *Tunnelblick: **********************************************
12:50:10 *Tunnelblick: Start of output from client.down.tunnelblick.sh
12:50:11 *Tunnelblick: WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
12:50:11 *Tunnelblick: End of output from client.down.tunnelblick.sh
12:50:11 *Tunnelblick: **********************************************
================================================================================
Previous down log:
04:53:29 *Tunnelblick: **********************************************
04:53:30 *Tunnelblick: Start of output from client.down.tunnelblick.sh
04:53:30 *Tunnelblick: Cancelled monitoring system configuration changes
04:53:30 *Tunnelblick: Restored State:DNS
04:53:30 *Tunnelblick: Removed Setup:DNS
04:53:30 *Tunnelblick: Removed State:SMB
04:53:30 *Tunnelblick: Restored DNS and SMB settings
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "USB 10/100/1000 LAN"
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"
04:53:30 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
04:53:30 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
04:53:30 *Tunnelblick: End of output from client.down.tunnelblick.sh
04:53:30 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
Thunderbolt Bridge
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:cb
inet6 fe80::2c23:6fff:fe0e:8acb%anpi1 prefixlen 64 scopeid 0x4
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:ca
inet6 fe80::2c23:6fff:fe0e:8aca%anpi0 prefixlen 64 scopeid 0x5
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:aa
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:ab
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:f4:fc:7d:2c:00
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:f4:fc:7d:2c:04
media: autoselect <full-duplex>
status: inactive
ap1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether aa:8f:d9:3d:8d:59
media: autoselect
status: inactive
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether a8:8f:d9:3d:8d:59
inet6 fe80::14cc:6ddd:fb0a:5f31%en0 prefixlen 64 secured scopeid 0xb
inet 192.168.191.51 netmask 0xffffff00 broadcast 192.168.191.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether d2:5d:4e:82:6e:7e
inet6 fe80::d05d:4eff:fe82:6e7e%awdl0 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether d2:5d:4e:82:6e:7e
inet6 fe80::d05d:4eff:fe82:6e7e%llw0 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 36:f4:fc:7d:2c:00
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x0
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 8 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
media: <unknown type>
status: inactive
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::2c55:4e12:179e:5fe7%utun1 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::6318:d038:5e88:24db%utun2 prefixlen 64 scopeid 0x11
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
inet6 fe80::ce81:b1c:bd2c:69e%utun3 prefixlen 64 scopeid 0x12
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
================================================================================
Quit Log:
2024-04-03 13:54:08.848448 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2024-04-03 13:54:08.871112 shutDownTunnelblick: started.
2024-04-03 13:54:08.871768 shutDownTunnelblick: Starting cleanup.
2024-04-03 13:54:08.872172 cleanup: Entering cleanup
2024-04-03 13:54:08.872492 cleanup aborted because Tunnelblick did not finish launching
2024-04-03 13:54:08.872762 shutDownTunnelblick: Cleanup finished.
2024-04-03 13:54:08.873039 Finished shutting down Tunnelblick; allowing termination
================================================================================
Traces Log:
================================================================================
Console Log:
git commit 2d9a5bc30943c891005969bafcef3c656247b956
The Tunnelblick.app process is not being translated (arm64)
System Integrity Protection is enabled
Model: Mac14,2
================================================================================
Configuration darcc__ssl_vpn_config
"Sanitized" condensed configuration file for /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk:
client
dev tun
proto tcp
verify-x509-name "C=TZ, ST=Tanzania, L=Dar es Salaam, O=e-Government Authority, OU=OU, CN=SophosApplianceCertificate_C1B103C6PHXB455, emailAddress=grou...@ega.go.tz"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
auth-user-pass
cipher AES-128-CBC
auth SHA256
comp-lzo no
route-delay 4
verb 3
reneg-sec 0
remote 154.118.224.134 8443
remote 2.2.2.2 8443
remote 10.255.0.1 8443
remote 172.16.8.82 8443
================================================================================
Files in darcc__ssl_vpn_config.tblk:
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-loginWindowSecurityTokenCheckboxIsChecked = 0
-lastConnectionSucceeded = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"5.0.0beta02 (build 6010)",
"4.0.1 (build 5971)",
"5.0.0beta02 (build 6010)",
"4.0.1 (build 5971)",
"3.8.8g (build 5779.3)",
"3.8.8e (build 5779.1)"
)
lastLaunchTime = 733870461.8888201
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 540 538 389 217 0 0 1470 919
NSWindow Frame SUStatusFrame = 444 131 400 135 0 0 1470 919
NSWindow Frame SUUpdateAlert = 425 403 620 398 0 0 1470 919
detailsWindowFrameVersion = 5971
detailsWindowFrame = {{275, 310}, {920, 522}}
detailsWindowLeftFrame = {{0, 0}, {167, 402}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = darcc__ssl_vpn_config
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithAlwaysShowLoginWindow = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2024-04-03 20:54:23 +0000
SUHasLaunchedBefore = 1
================================================================================
Forced preferences:
(None)
================================================================================
Deployed forced preferences:
(None)
================================================================================
Tunnelblick Kext Policy Data:
================================================================================
Tunnelblick Log:
2024-04-03 13:54:34.788239 *Tunnelblick: macOS 12.5.1 (21G83); Tunnelblick 5.0.0beta02 (build 6010); prior version 4.0.1 (build 5971)
2024-04-03 13:54:35.348858 *Tunnelblick: Attempting connection with darcc__ssl_vpn_config using shadow copy; Set nameserver = 0x00000301; monitoring connection
2024-04-03 13:54:35.349048 *Tunnelblick: openvpnstart start darcc__ssl_vpn_config.tblk 54337 0x00000301 0 1 0 0x0210c130 -ptADGNWradsgnw 2.6.9-openssl-3.0.13 <password>
2024-04-03 13:54:35.367207 *Tunnelblick: openvpnstart starting OpenVPN
2024-04-03 13:54:35.748566 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-04-03 13:54:35.748880 OpenVPN 2.6.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD]
2024-04-03 13:54:35.748944 library versions: OpenSSL 3.0.13 30 Jan 2024, LZO 2.10
2024-04-03 13:54:35.750860 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:54337
2024-04-03 13:54:35.750907 Need hold release from management interface, waiting...
2024-04-03 13:54:35.974594 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.6.9-openssl-3.0.13/openvpn
--daemon
--log-append /Library/Application Support/Tunnelblick/Logs/-SUsers-Sleilamwakalukwa-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sdarcc__ssl_vpn_config.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34652464.54337.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 6010 5.0.0beta02 (build 6010)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
--management 127.0.0.1 54337 /Library/Application Support/Tunnelblick/Mips/darcc__ssl_vpn_config.tblk.mip
--setenv IV_SSO webauth
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2024-04-03 13:54:35.976684 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:49298
2024-04-03 13:54:36.022642 MANAGEMENT: CMD 'pid'
2024-04-03 13:54:36.022670 *Tunnelblick: Established communication with OpenVPN
2024-04-03 13:54:36.022685 MANAGEMENT: CMD 'auth-retry interact'
2024-04-03 13:54:36.022707 MANAGEMENT: CMD 'state on'
2024-04-03 13:54:36.022723 MANAGEMENT: CMD 'state'
2024-04-03 13:54:36.022752 MANAGEMENT: CMD 'bytecount 1'
2024-04-03 13:54:36.023110 *Tunnelblick: >INFO:OpenVPN Management Interface Version 5 -- type 'help' for more info
2024-04-03 13:54:36.023550 MANAGEMENT: CMD 'hold release'
2024-04-03 13:54:36.028228 *Tunnelblick: Obtained VPN username and password from the Keychain
2024-04-03 13:54:36.028787 MANAGEMENT: CMD 'username "Auth" "darcc"'
2024-04-03 13:54:36.028842 MANAGEMENT: CMD 'password [...]'
2024-04-03 13:54:36.029102 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-04-03 13:54:36.039097 TCP/UDP: Preserving recently used remote address: [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.039245 Socket Buffers: R=[131072->131072] S=[131072->131072]
2024-04-03 13:54:36.039265 Attempting to establish TCP connection with [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.039277 MANAGEMENT: >STATE:1712177676,TCP_CONNECT,,,,,,
2024-04-03 13:54:36.080878 TCP connection established with [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.081019 TCPv4_CLIENT link local: (not bound)
2024-04-03 13:54:36.081061 TCPv4_CLIENT link remote: [AF_INET]154.118.224.134:8443
2024-04-03 13:54:36.081194 MANAGEMENT: >STATE:1712177676,WAIT,,,,,,
2024-04-03 13:54:36.120158 MANAGEMENT: >STATE:1712177676,AUTH,,,,,,
2024-04-03 13:54:36.120268 TLS: Initial packet from [AF_INET]154.118.224.134:8443, sid=db199d91 d87cfd59
2024-04-03 13:54:36.120385 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-04-03 13:54:36.275704 TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. This can be caused by mismatched tls-version-min and tls-version-max options on client and server. If your OpenVPN client is between v2.3.6 and v2.3.2 try adding tls-version-min 1.0 to the client configuration to use TLS 1.0+ instead of TLS 1.0 only
2024-04-03 13:54:36.275819 OpenSSL: error:0A000102:SSL routines::unsupported protocol:
2024-04-03 13:54:36.275850 TLS_ERROR: BIO read tls_read_plaintext error
2024-04-03 13:54:36.275873 TLS Error: TLS object -> incoming plaintext read error
2024-04-03 13:54:36.275896 TLS Error: TLS handshake failed
2024-04-03 13:54:36.276094 Fatal TLS error (check_tls_errors_co), restarting
2024-04-03 13:54:36.276275 SIGUSR1[soft,tls-error] received, process restarting
2024-04-03 13:54:36.276316 MANAGEMENT: >STATE:1712177676,RECONNECTING,tls-error,,,,,
2024-04-03 13:54:36.277113 MANAGEMENT: CMD 'hold release'
2024-04-03 13:54:36.277175 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-04-03 13:54:36.277482 TCP/UDP: Preserving recently used remote address: [AF_INET]2.2.2.2:8443
2024-04-03 13:54:36.277628 Socket Buffers: R=[131072->131072] S=[131072->131072]
2024-04-03 13:54:36.277659 Attempting to establish TCP connection with [AF_INET]2.2.2.2:8443
2024-04-03 13:54:36.277690 MANAGEMENT: >STATE:1712177676,TCP_CONNECT,,,,,,
2024-04-03 13:54:38.280030 MANAGEMENT: CMD 'hold release'
================================================================================
Installer log:
Tunnelblick installer started 2024-04-03 13:54:27.055256; getuid() = 501; geteuid() = 0; getgid() = 20; getegid() = 20
currentDirectoryPath = '/'; 3 arguments:
0x0001
/Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk
/private/var/folders/q0/kq9qxxws60j8db8m7vh2hgzc0000gn/T/net.tunnelblick.tunnelblick-hTRcIy/darcc__ssl_vpn_config.tblk
Determined username 'leilamwakalukwa' from getuid(): 501
renamex_np() tests succeeded for /Applications
renamex_np() tests succeeded for /Library/Application Support/Tunnelblick
renamex_np() tests succeeded for /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations
renamex_np() succeeded renaming /Library/Application Support/Tunnelblick/installer-temp to /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk
Changed ownership of /Users/leilamwakalukwa/Library/Application Support/Tunnelblick/Configurations/darcc__ssl_vpn_config.tblk and its contents from 0:0 to 501:80
renamex_np() succeeded renaming /Library/Application Support/Tunnelblick/installer-temp to /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/leilamwakalukwa/darcc__ssl_vpn_config.tblk/Contents/Resources/config.ovpn
Tunnelblick installer succeeded
================================================================================
Down log:
12:50:10 *Tunnelblick: **********************************************
12:50:10 *Tunnelblick: Start of output from client.down.tunnelblick.sh
12:50:11 *Tunnelblick: WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
12:50:11 *Tunnelblick: End of output from client.down.tunnelblick.sh
12:50:11 *Tunnelblick: **********************************************
================================================================================
Previous down log:
04:53:29 *Tunnelblick: **********************************************
04:53:30 *Tunnelblick: Start of output from client.down.tunnelblick.sh
04:53:30 *Tunnelblick: Cancelled monitoring system configuration changes
04:53:30 *Tunnelblick: Restored State:DNS
04:53:30 *Tunnelblick: Removed Setup:DNS
04:53:30 *Tunnelblick: Removed State:SMB
04:53:30 *Tunnelblick: Restored DNS and SMB settings
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "USB 10/100/1000 LAN"
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"
04:53:30 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"
04:53:30 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
04:53:30 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
04:53:30 *Tunnelblick: End of output from client.down.tunnelblick.sh
04:53:30 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
Thunderbolt Bridge
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:cb
inet6 fe80::2c23:6fff:fe0e:8acb%anpi1 prefixlen 64 scopeid 0x4
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:ca
inet6 fe80::2c23:6fff:fe0e:8aca%anpi0 prefixlen 64 scopeid 0x5
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:aa
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 2e:23:6f:0e:8a:ab
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:f4:fc:7d:2c:00
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:f4:fc:7d:2c:04
media: autoselect <full-duplex>
status: inactive
ap1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether aa:8f:d9:3d:8d:59
media: autoselect
status: inactive
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether a8:8f:d9:3d:8d:59
inet6 fe80::14cc:6ddd:fb0a:5f31%en0 prefixlen 64 secured scopeid 0xb
inet 192.168.191.51 netmask 0xffffff00 broadcast 192.168.191.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether d2:5d:4e:82:6e:7e
inet6 fe80::d05d:4eff:fe82:6e7e%awdl0 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether d2:5d:4e:82:6e:7e
inet6 fe80::d05d:4eff:fe82:6e7e%llw0 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 36:f4:fc:7d:2c:00
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x0
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 8 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
media: <unknown type>
status: inactive
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::2c55:4e12:179e:5fe7%utun1 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::6318:d038:5e88:24db%utun2 prefixlen 64 scopeid 0x11
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
inet6 fe80::ce81:b1c:bd2c:69e%utun3 prefixlen 64 scopeid 0x12
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
================================================================================
Quit Log:
2024-04-03 13:54:08.848448 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2024-04-03 13:54:08.871112 shutDownTunnelblick: started.
2024-04-03 13:54:08.871768 shutDownTunnelblick: Starting cleanup.
2024-04-03 13:54:08.872172 cleanup: Entering cleanup
2024-04-03 13:54:08.872492 cleanup aborted because Tunnelblick did not finish launching
2024-04-03 13:54:08.872762 shutDownTunnelblick: Cleanup finished.
2024-04-03 13:54:08.873039 Finished shutting down Tunnelblick; allowing termination
================================================================================
Traces Log:
================================================================================
Console Log:
Tunnelblick developer
Apr 3, 2024, 5:20:16 PM4/3/24
to tunnelblick-discuss
Thanks for posting the diagnostic info.
This:
means you have an obsolete VPN setup. Please see Tunnelblick 4 for some workarounds and more details.
Reply all
Reply to author
Forward
0 new messages