Re: VPN access worked yesterday but not today.

80 views
Skip to first unread message
Message has been deleted

Jonathan K. Bullard

unread,
Nov 17, 2012, 2:58:52 PM11/17/12
to tunnelbli...@googlegroups.com, ech...@gmail.com
Most likely it is the server, or a firewall (hardware or software) between the client and server.

On Sat, Nov 17, 2012 at 1:17 PM, Denis Dervisevic <ech...@gmail.com> wrote:
Hello everyone, I'm guessing this could be a problem with the server or the access to it but i thought I'd check if it was me before checking that on monday. It worked last night, now i get Waiting for server response. I did play around some with my ssh keys but I don't think it should affect it, perhaps it did. I restored the old keys but still doesn't work. Posting log & config below. Removed IPs and Domains. Any help is appreciated. 

Config:

client
dev tun
proto udp

remote vpn.xxx.xxx 1194

resolv-retry infinite
nobind

user nobody
group nogroup
persist-key
persist-tun

mute-replay-warnings

ca cacert.pem
cert cert.pem
key key.pem

ns-cert-type server
tls-auth ta.key 1

cipher BF-CBC
comp-lzo

verb 3
mute 20
--------------
LOG:

2012-11-17 19:12:51 *Tunnelblick: OS X 10.8.2; Tunnelblick 3.3beta21a (build 3114.1)
2012-11-17 19:12:51 *Tunnelblick: Attempting connection with VPN; Set nameserver = 3; monitoring connection
2012-11-17 19:12:51 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start VPN.tblk 1337 3 0 0 0 49 -atADGNWradsgnw 
2012-11-17 19:12:51 *Tunnelblick: openvpnstart output:

Warning: Tunnelblick is using 'openvpn-down-root.so', so the route-pre-down script will not be used. You can override this by providing a custom route-pre-down script (which may be a copy of Tunnelblick's standard route-pre-down script) in a Tunnelblick VPN Configuration. However, that script will not be executed as root unless the 'user' and 'group' options are removed from the OpenVPN configuration file. If the 'user' and 'group' options are removed, then you don't need to use a custom route-pre-down script.

2012-11-17 19:12:51 *Tunnelblick: openvpnstart message: Loading tun.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

     /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
     --cd
     /Users/Denis/Library/Application Support/Tunnelblick/Configurations/VPN.tblk/Contents/Resources
     --daemon
     --management
     127.0.0.1
     1337
     --config
     /Users/Denis/Library/Application Support/Tunnelblick/Configurations/VPN.tblk/Contents/Resources/config.ovpn
     --log
     /Library/Application Support/Tunnelblick/Logs/-SUsers-SDenis-SLibrary-SApplication Support-STunnelblick-SConfigurations--SVPN.tblk-SContents-SResources-Sconfig.ovpn.3_0_0_0_49.1337.openvpn.log
     --management-query-passwords
     --management-hold
     --script-security
     2
     --up
     /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -atADGNWradsgnw
     --plugin
     /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn-down-root.so
     /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -atADGNWradsgnw
     --up-restart
2012-11-17 19:12:51 *Tunnelblick: Established communication with OpenVPN
2012-11-17 19:12:51 *Tunnelblick: Obtained VPN passphrase from the Keychain
2012-11-17 19:12:51 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Sep 12 2012
2012-11-17 19:12:51 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2012-11-17 19:12:51 Need hold release from management interface, waiting...
2012-11-17 19:12:51 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2012-11-17 19:12:51 MANAGEMENT: CMD 'pid'
2012-11-17 19:12:51 MANAGEMENT: CMD 'state on'
2012-11-17 19:12:51 MANAGEMENT: CMD 'state'
2012-11-17 19:12:51 MANAGEMENT: CMD 'bytecount 1'
2012-11-17 19:12:51 MANAGEMENT: CMD 'hold release'
2012-11-17 19:12:51 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-11-17 19:12:51 PLUGIN_INIT: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn-down-root.so '[/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn-down-root.so] [/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh] [-m] [-w] [-d] [-atADGNWradsgnw]' intercepted=PLUGIN_UP|PLUGIN_DOWN 
2012-11-17 19:12:51 MANAGEMENT: CMD 'password [...]'
2012-11-17 19:12:51 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2012-11-17 19:12:51 WARNING: file 'key.pem' is group or others accessible
2012-11-17 19:12:51 WARNING: file 'ta.key' is group or others accessible
2012-11-17 19:12:51 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
2012-11-17 19:12:51 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-11-17 19:12:51 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-11-17 19:12:51 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-11-17 19:12:51 MANAGEMENT: >STATE:1353175971,RESOLVE,,,
2012-11-17 19:12:51 *Tunnelblick: openvpnstart starting OpenVPN:
                    *                    /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Users/Denis/Library/Application Support/Tunnelblick/Configurations/VPN.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Users/Denis/Library/Application Support/Tunnelblick/Configurations/VPN.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-SDenis-SLibrary-SApplication Support-STunnelblick-SConfigurations--SVPN.tblk-SContents-SResources-Sconfig.ovpn.3_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -atADGNWradsgnw --plugin /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn-down-root.so /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -atADGNWradsgnw --up-restart
2012-11-17 19:12:52 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2012-11-17 19:12:52 UDPv4 link local: [undef]
2012-11-17 19:12:52 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
2012-11-17 19:12:52 MANAGEMENT: >STATE:1353175972,WAIT,,,

--
You received this message because you are subscribed to the Google Groups "tunnelblick-discuss" group.
To view this discussion on the web visit https://groups.google.com/d/msg/tunnelblick-discuss/-/RVlsZ-dmMTQJ.
To post to this group, send email to tunnelbli...@googlegroups.com.
To unsubscribe from this group, send email to tunnelblick-dis...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/tunnelblick-discuss?hl=en.

Denis Dervisevic

unread,
Nov 17, 2012, 5:44:54 PM11/17/12
to tunnelbli...@googlegroups.com
Ok, it just started working again so seems to probably have been network issues or something.
Reply all
Reply to author
Forward
0 new messages