Mac 10.6.6 openVPN failed
444 views
Skip to first unread message
Johannes Radinger
Jun 14, 2011, 11:55:57 AM6/14/11
to tunnelblick-discuss
Hello I tried for my first time tunnelblick to access to a astaro-vpn
connection of my work. I
got several config-files i put into the correct folder and if I try to
connect i get following:
2011-06-14 17:26:03 *Tunnelblick: OS X 10.6.7; Tunnelblick 3.1.7
(build 2190.2413); OpenVPN 2.1.4
2011-06-14 17:26:06 *Tunnelblick: Attempting connection with
x...@xxx.de; Set nameserver = 1; not monitoring connection
2011-06-14 17:26:06 *Tunnelblick: /Applications/Tunnelblick.app/
Contents/Resources/openvpnstart start x...@xxx.de.ovpn 1337 1 0 0 1 49
2011-06-14 17:26:12 *Tunnelblick: openvpnstart Status #247: /
Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
Error: Unable to load net.tunnelblick.tun and/or net.tunnelblick.tap
kexts in 5 tries. Status = 71
what causes the problem, what do I have to do?
I am running Tunnelblick 3.1.7 (updated today)
/J
connection of my work. I
got several config-files i put into the correct folder and if I try to
connect i get following:
2011-06-14 17:26:03 *Tunnelblick: OS X 10.6.7; Tunnelblick 3.1.7
(build 2190.2413); OpenVPN 2.1.4
2011-06-14 17:26:06 *Tunnelblick: Attempting connection with
x...@xxx.de; Set nameserver = 1; not monitoring connection
2011-06-14 17:26:06 *Tunnelblick: /Applications/Tunnelblick.app/
Contents/Resources/openvpnstart start x...@xxx.de.ovpn 1337 1 0 0 1 49
2011-06-14 17:26:12 *Tunnelblick: openvpnstart Status #247: /
Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
/Applications/Tunnelblick.app/Contents/Resources/tun.kext failed to
load - (libkern/kext) kext (kmod) start/stop routine failed; check the
system/kernel logs for errors or try kextutil(8).
Error: Unable to load net.tunnelblick.tun and/or net.tunnelblick.tap
kexts in 5 tries. Status = 71
what causes the problem, what do I have to do?
I am running Tunnelblick 3.1.7 (updated today)
/J
jkbull...gmail.com
Jun 14, 2011, 12:12:58 PM6/14/11
to tunnelbli...@googlegroups.com
The problem is "tun.kext failed to load".
You probably have a conflicting tun kext already loaded. Some other VPN programs (Cisco AnyConnect, Viscosity, etc.) load such conflicting kexts. Some load when the system starts, some load only when you run them.
You need to find out what program is loading the conflicting kept. To do that, type the following into /Applications/Utilities/Terminal.app:
kextstat
It will output several dozen lines. Look for items with names that do not start with "com.apple". Copy/paste the output into a reply and we'll take it from there.
Johannes Radinger
Jun 15, 2011, 5:46:04 AM6/15/11
to tunnelblick-discuss
okay here are the lines that don't start with com.apple:
131 0 0x7f471000 0x76000 0x75000
com.parallels.kext.prl_hypervisor (6.0 11800.593005) <14 13 7 5 4 3 1>
132 0 0x7fb2f000 0x3000 0x2000
com.parallels.kext.prl_hid_hook (6.0 11800.593005) <7 5 4 3 1>
133 0 0x7fb28000 0x6000 0x5000
com.parallels.kext.prl_usb_connect (6.0 11800.593005) <36 7 5 4 3 1>
134 0 0x7fb1a000 0xc000 0xb000
com.parallels.kext.prl_netbridge (6.0 11800.593005) <5 4 3 1>
135 0 0x7faf9000 0x4000 0x3000
com.parallels.kext.prl_vnic (6.0 11800.593005) <41 5 4 3 1>
136 0 0x1a3e000 0x6000 0x5000 com.cisco.cscotun (1.0)
<12 11 9 7 4 1>
137 0 0x1a44000 0x6f000 0x6e000 com.cisco.nke.ipsec
(2.0.1) <4 1>
I had on my older macbook cisco anyconnect installed and then I
migrated to the actual macbook, and I deinstalled anyconnect. But it
seems that there are still remainings of the former installation...so
what to do next?
131 0 0x7f471000 0x76000 0x75000
com.parallels.kext.prl_hypervisor (6.0 11800.593005) <14 13 7 5 4 3 1>
132 0 0x7fb2f000 0x3000 0x2000
com.parallels.kext.prl_hid_hook (6.0 11800.593005) <7 5 4 3 1>
133 0 0x7fb28000 0x6000 0x5000
com.parallels.kext.prl_usb_connect (6.0 11800.593005) <36 7 5 4 3 1>
134 0 0x7fb1a000 0xc000 0xb000
com.parallels.kext.prl_netbridge (6.0 11800.593005) <5 4 3 1>
135 0 0x7faf9000 0x4000 0x3000
com.parallels.kext.prl_vnic (6.0 11800.593005) <41 5 4 3 1>
136 0 0x1a3e000 0x6000 0x5000 com.cisco.cscotun (1.0)
<12 11 9 7 4 1>
137 0 0x1a44000 0x6f000 0x6e000 com.cisco.nke.ipsec
(2.0.1) <4 1>
I had on my older macbook cisco anyconnect installed and then I
migrated to the actual macbook, and I deinstalled anyconnect. But it
seems that there are still remainings of the former installation...so
what to do next?
jkbull...gmail.com
Jun 15, 2011, 6:04:19 AM6/15/11
to tunnelbli...@googlegroups.com
According to comment 4 of Tunnelblick Issue 18, do the following from /Applications/Utilities/Terminal.app:
To disable CiscoTUN in order to start Tunnelblick, issue this command: sudo /System/Library/StartupItems/CiscoTUN stop
I think that stops it from loading each time the computer starts, but it may be that it just disables it and it will be started again when the computer restarts.
Based on that comment, I think you can drag /System/Library/StartupItems/CiscoTUN to the Trash; that would stop it from being loaded when the system starts. If you do that you should probably restart your computer to make sure everything is cleared properly.
I think you can (as far as Tunnelblick is concerned) leave the com.cisco.nke.ipsec loaded.
If your OpenVPN configuration uses TAP instead of TUN it should co-exist with Cisco AnyConnect's TUN without conflict. And if you need to use an OpenVPN TUN configuration, there is a set of User-Contributed up/down scripts that unload the Cisco TUN kext when Tunnelblick needs to load its own TUN kext, and then reloads the Cisco kext when Tunnelblick is finished using its own. So you can't have a Cisco TUN at the same time as an OpenVPN TUN connection, but you can have either one any time by using the scripts.
Johannes Radinger
Jun 15, 2011, 6:52:03 AM6/15/11
to tunnelblick-discuss
Hej
I tried to delete /System/Library/StartupItems/CiscoTUN but there are
no cisco items there...
I tried to search for cisco files but there are only cisco files on my
bootcamp-partion I use to run
windows on my mac...but I can't imagine that this is conflicting...
The configuration I use for openvpn is set by the files I got from the
system admin...so I think I have
to stick to TUN but I really don't know.
I tried to delete /System/Library/StartupItems/CiscoTUN but there are
no cisco items there...
I tried to search for cisco files but there are only cisco files on my
bootcamp-partion I use to run
windows on my mac...but I can't imagine that this is conflicting...
The configuration I use for openvpn is set by the files I got from the
system admin...so I think I have
to stick to TUN but I really don't know.
jkbull...gmail.com
Jun 15, 2011, 6:57:28 AM6/15/11
to tunnelbli...@googlegroups.com
Sorry for the confusion -- I put the comments about TAP in for the benefit of others who might look at this thread.
There could be a couple of other places where Cisco stuff could be, too. Spotlight, by default, doesn't search for them, so you might not find them on a search.
Look in /System/Library/LaunchAgents and /System/Library/LaunchDaemons -- they are the "new" folders for such things.
Also try /Users/YOURUSERNAME/Library/LaunchAgents.
Johannes Radinger
Jun 15, 2011, 7:25:43 AM6/15/11
to tunnelblick-discuss
in your mentioned folders I nothing explicitly related to cisco,
but there is a plist file called:
com.apple.third_party_32b_kext_logger.plist
is that the thing I need to delete?
but there is a plist file called:
com.apple.third_party_32b_kext_logger.plist
is that the thing I need to delete?
jkbull...gmail.com
Jun 15, 2011, 7:32:20 AM6/15/11
to tunnelbli...@googlegroups.com
No, I don't think so, and I don't think it is a good idea to modify Apple stuff, so I wouldn't try deleting that. It sounds like a program that Apple uses to keep track of third party kexts.
You might also try disabling any Cisco startup item you find by the technique described in http://www.zimbio.com/Mac+OS+X/articles/43/OS+X+startup+programs -- I'm not sure if that method will find anything different, but it might.
Otherwise, I think you may have to contact Cisco, or find out how to include "system" items in searches.
Reply all
Reply to author
Forward
0 new messages