Unable to connect to server from one network
186 views
Skip to first unread message
gbh
May 10, 2018, 4:56:17 PM5/10/18
to tunnelblick-discuss
I am not able to connect to my OpenVPN server from this particular network, whereas I have been able to connect from other networks. Here's the log file. Any idea of why it won't connect?
*Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011); prior version 3.5.21 (build 4270.4981); Admin user
git commit 8aa639b020f231f1cea64abfe272e6deedfa916b
Configuration openvpn-credentials-client3
"Sanitized" condensed configuration file for /Users/username/Library/Application Support/Tunnelblick/Configurations/openvpn-credentials-client3.tblk:
client
remote xxx.xxx.xx.xx 443
dev tun
proto tcp-client
resolv-retry infinite
remote-cert-tls server
topology subnet
verb 3
cipher AES-128-CBC
ca ca.crt
cert client3.crt
key client3.key
tls-auth ta.key 1
nobind
persist-key
persist-tun
comp-lzo
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
<tls-auth>
[Security-related line(s) omitted]
</tls-auth>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
160 0 0xffffff7f83a04000 0x8000 0x8000 foo.tun (1.0) FBA9A61D-E7BB-391C-92E2-C1D85BB065B2 <7 5 4 1>
161 0 0xffffff7f83a0c000 0x7000 0x7000 foo.tap (1.0) FF769517-6401-3F61-9190-B967BF20C0B2 <7 5 4 1>
================================================================================
There are no unusual files in openvpn-credentials-client3.tblk
================================================================================
Configuration preferences:
-skipWarningThatMayNotConnectInFutureBecauseOfOpenVPNOptions = 1
-routeAllTrafficThroughVpn = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-lastConnectionSucceeded = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
skipWarningThatIPAddressDidNotChangeAfterConnection = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
tunnelblickVersionHistory = (
"3.7.5a (build 5011)",
"3.5.21 (build 4270.4981)",
"3.5.3 (build 4270.4371)",
"3.4beta16 (build 3679)",
"3.4beta14 (build 3649)"
)
statusDisplayNumber = 0
lastLaunchTime = 547676830.141745
doNotShowNotificationWindowOnMouseover = 0
doNotShowDisconnectedNotificationWindows = 1
showConnectedDurations = 1
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenChanges
maxLogDisplaySize = 102400
lastConnectedDisplayName = openvpn-credentials-client3
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 525 517 389 187 0 0 1440 877
detailsWindowFrameVersion = 5011
detailsWindowFrame = {{21, 23}, {920, 794}}
detailsWindowLeftFrame = {{0, 0}, {189, 676}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = openvpn-credentials-client3
AdvancedWindowTabIdentifier = vpnCredentials
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 1
SUAutomaticallyUpdate = 1
SULastCheckTime = 2018-05-10 20:27:10 +0000
SULastProfileSubmissionDate = 2018-05-06 18:01:39 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 11
WebKitStandardFont = Lucida Grande
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
haveDealtWithSparkle1dot5b6 = 1
updateAutomatically = 1
updateSendProfileInfo = 1
================================================================================
Tunnelblick Log:
2018-05-10 16:49:32 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 27 2018
2018-05-10 16:49:32 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
2018-05-10 16:49:32 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2018-05-10 16:49:32 Need hold release from management interface, waiting...
*Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011); prior version 3.5.21 (build 4270.4981)
2018-05-10 16:49:32 *Tunnelblick: Attempting connection with openvpn-credentials-client3 using shadow copy; Set nameserver = 769; monitoring connection
2018-05-10 16:49:32 *Tunnelblick: openvpnstart start openvpn-credentials-client3.tblk 1337 769 0 1 0 1065776 -ptADGNWradsgnw 2.4.4-openssl-1.0.2o
2018-05-10 16:49:33 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.4-openssl-1.0.2o/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-S username-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sopenvpn--credentials--client3.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1065776.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/username/openvpn-credentials-client3.tblk/Contents/Resources
--setenv
IV_GUI_VER
"net.tunnelblick.tunnelblick 5011 3.7.5a (build 5011)"
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/username/openvpn-credentials-client3.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/username/openvpn-credentials-client3.tblk/Contents/Resources
--management
127.0.0.1
1337
/Library/Application Support/Tunnelblick/cmbcgfcpapakhfednmlojagcnbckemhndeoggfnf.mip
--management-query-passwords
--management-hold
--redirect-gateway
def1
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2018-05-10 16:49:32 *Tunnelblick: openvpnstart starting OpenVPN
2018-05-10 16:49:33 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2018-05-10 16:49:33 MANAGEMENT: CMD 'pid'
2018-05-10 16:49:33 *Tunnelblick: Established communication with OpenVPN
2018-05-10 16:49:33 MANAGEMENT: CMD 'state on'
2018-05-10 16:49:33 MANAGEMENT: CMD 'state'
2018-05-10 16:49:33 MANAGEMENT: CMD 'bytecount 1'
2018-05-10 16:49:33 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:33 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:33 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-05-10 16:49:33 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-05-10 16:49:33 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:33 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:33 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:33 MANAGEMENT: >STATE:1525985373,TCP_CONNECT,,,,,,
2018-05-10 16:49:34 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:34 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:34 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:34 MANAGEMENT: >STATE:1525985374,WAIT,,,,,,
2018-05-10 16:49:34 Connection reset, restarting [-1]
2018-05-10 16:49:34 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:34 MANAGEMENT: >STATE:1525985374,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:34 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:34 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:34 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:34 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:34 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:34 MANAGEMENT: >STATE:1525985374,TCP_CONNECT,,,,,,
2018-05-10 16:49:34 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:35 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:35 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:35 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:35 MANAGEMENT: >STATE:1525985375,WAIT,,,,,,
2018-05-10 16:49:35 Connection reset, restarting [-1]
2018-05-10 16:49:35 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:35 MANAGEMENT: >STATE:1525985375,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:35 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:35 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:35 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:35 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:35 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:35 MANAGEMENT: >STATE:1525985375,TCP_CONNECT,,,,,,
2018-05-10 16:49:35 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:36 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:36 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:36 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:36 MANAGEMENT: >STATE:1525985376,WAIT,,,,,,
2018-05-10 16:49:36 Connection reset, restarting [-1]
2018-05-10 16:49:36 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:36 MANAGEMENT: >STATE:1525985376,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:36 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:36 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:36 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:36 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:36 MANAGEMENT: >STATE:1525985376,TCP_CONNECT,,,,,,
2018-05-10 16:49:36 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:37 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:37 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:37 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:37 MANAGEMENT: >STATE:1525985377,WAIT,,,,,,
2018-05-10 16:49:37 Connection reset, restarting [-1]
2018-05-10 16:49:37 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:37 MANAGEMENT: >STATE:1525985377,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:37 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:37 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:37 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:37 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:37 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:37 MANAGEMENT: >STATE:1525985377,TCP_CONNECT,,,,,,
2018-05-10 16:49:37 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:38 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:38 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:38 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:38 MANAGEMENT: >STATE:1525985378,WAIT,,,,,,
2018-05-10 16:49:38 Connection reset, restarting [-1]
2018-05-10 16:49:38 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:38 MANAGEMENT: >STATE:1525985378,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:38 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:38 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:38 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:38 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:38 MANAGEMENT: >STATE:1525985378,TCP_CONNECT,,,,,,
2018-05-10 16:49:38 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:39 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:39 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:39 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:39 MANAGEMENT: >STATE:1525985379,WAIT,,,,,,
2018-05-10 16:49:39 Connection reset, restarting [-1]
2018-05-10 16:49:39 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:39 MANAGEMENT: >STATE:1525985379,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:39 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:39 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:39 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:39 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:39 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:39 MANAGEMENT: >STATE:1525985379,TCP_CONNECT,,,,,,
2018-05-10 16:49:39 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:40 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:40 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:40 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:40 MANAGEMENT: >STATE:1525985380,WAIT,,,,,,
2018-05-10 16:49:40 Connection reset, restarting [-1]
2018-05-10 16:49:40 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:40 MANAGEMENT: >STATE:1525985380,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:40 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:40 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:40 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:40 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:40 MANAGEMENT: >STATE:1525985380,TCP_CONNECT,,,,,,
2018-05-10 16:49:40 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:41 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:41 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:41 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:41 MANAGEMENT: >STATE:1525985381,WAIT,,,,,,
2018-05-10 16:49:41 Connection reset, restarting [-1]
2018-05-10 16:49:41 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:41 MANAGEMENT: >STATE:1525985381,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:41 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:41 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:41 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:41 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:41 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:41 MANAGEMENT: >STATE:1525985381,TCP_CONNECT,,,,,,
2018-05-10 16:49:41 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:42 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:42 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:42 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:42 MANAGEMENT: >STATE:1525985382,WAIT,,,,,,
2018-05-10 16:49:42 Connection reset, restarting [-1]
2018-05-10 16:49:42 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:42 MANAGEMENT: >STATE:1525985382,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:42 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:42 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:42 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:42 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:42 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:42 MANAGEMENT: >STATE:1525985382,TCP_CONNECT,,,,,,
2018-05-10 16:49:42 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:43 TCP connection established with [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:43 TCP_CLIENT link local: (not bound)
2018-05-10 16:49:43 TCP_CLIENT link remote: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:44 MANAGEMENT: >STATE:1525985384,WAIT,,,,,,
2018-05-10 16:49:44 Connection reset, restarting [-1]
2018-05-10 16:49:44 SIGUSR1[soft,connection-reset] received, process restarting
2018-05-10 16:49:44 MANAGEMENT: >STATE:1525985384,RECONNECTING,connection-reset,,,,,
2018-05-10 16:49:44 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:44 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-10 16:49:44 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xx:443
2018-05-10 16:49:44 Socket Buffers: R=[131072->131072] S=[131072->131072]
2018-05-10 16:49:44 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xx.xx:443 [nonblock]
2018-05-10 16:49:44 MANAGEMENT: >STATE:1525985384,TCP_CONNECT,,,,,,
2018-05-10 16:49:44 MANAGEMENT: CMD 'hold release'
2018-05-10 16:49:44 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2018-05-10 16:49:44 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2018-05-10 16:49:44 *Tunnelblick: Disconnecting using 'kill'
2018-05-10 16:49:44 SIGTERM[hard,init_instance] received, process exiting
2018-05-10 16:49:44 MANAGEMENT: >STATE:1525985384,EXITING,init_instance,,,,,
2018-05-10 16:49:45 *Tunnelblick: No 'post-disconnect.sh' script to execute
2018-05-10 16:49:45 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
remote xxx.xxx.xx.xx 443
dev tun
proto tcp-client
##### Disabled by Tunnelblick: status current_status
resolv-retry infinite
remote-cert-tls server
topology subnet
verb 3
cipher AES-128-CBC
ca ca.crt
cert client3.crt
key client3.key
tls-auth ta.key 1
nobind
persist-key
persist-tun
comp-lzo
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
<tls-auth>
[Security-related line(s) omitted]
</tls-auth>
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
EHC250: flags=0<> mtu 0
EHC253: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_HWTAGGING>
ether c4:2c:03:3c:5b:d7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (none)
status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 60:33:4b:29:d0:98
inet6 fe80::18f4:bb77:1ad9:6347%en1 prefixlen 64 secured scopeid 0x7
inet 10.125.115.185 netmask 0xfffff000 broadcast 10.125.127.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 02:33:4b:29:d0:98
media: autoselect
status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
lladdr 78:ca:39:ff:fe:0c:96:2a
nd6 options=201<PERFORMNUD,DAD>
media: autoselect <full-duplex>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::23b2:8f4f:b869:2cf8%utun0 prefixlen 64 scopeid 0xa
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Console Log:
2018-05-10 13:12:47 ksinstall[1704] 2018-05-10 13:12:47.716 ksinstall[1704/0xa99d81c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer started.
2018-05-10 13:12:47 ksinstall[1704] 2018-05-10 13:12:47.738 ksinstall[1704/0xa99d81c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer starting Installation.
2018-05-10 13:12:48 ksinstall[1704] 2018-05-10 13:12:48.392 ksinstall[1704/0xa99d81c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer ran successfully.
2018-05-10 13:21:56 Tunnelblick[467] applicationShouldTerminate: termination because of shutdown; delayed until 'shutdownTunnelblick' finishes
2018-05-10 13:21:56 Tunnelblick[467] waitForDisconnection: Computer is shutting down or restarting; OS X will wait for OpenVPN instances to terminate
2018-05-10 13:21:56 Tunnelblick[467] Finished shutting down Tunnelblick; allowing termination
2018-05-10 16:23:10 Tunnelblick[453] Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011)
2018-05-10 16:24:58 Tunnelblick[453] currentIPInfo(Name): IP address info could not be fetched within 32.9 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x604000307350>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
"<cert(0x7feb980dcc00) s: tunnelblick.net i: BCS7 CA 256>"
), NSUnderlyingError=0x60000024fae0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7feb980dcc00) s: tunnelblick.net i: BCS7 CA 256>"
), _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x604000307350>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-9802}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorClientCertificateStateKey=0}'; the response was '(null)'
2018-05-10 16:24:58 Tunnelblick[453] After 30.0 seconds, gave up trying to fetch IP address information before connecting
2018-05-10 16:25:42 Tunnelblick[453] Set 'expect disconnect' flag
2018-05-10 16:25:54 Tunnelblick[453] Cleared 'expect disconnect' flag
2018-05-10 16:26:09 Tunnelblick[453] Set 'expect disconnect' flag
2018-05-10 16:26:09 Tunnelblick[453] Received fatal signal Broken pipe (13); stack trace: (
0 Tunnelblick 0x000000010d563805 callStack + 56
1 Tunnelblick 0x000000010d502084 signal_handler + 176
2 libsystem_platform.dylib 0x00007fff5fcf4f5a _sigtramp + 26
3 ??? 0x0000000000000000 0x0 + 0
4 Tunnelblick 0x000000010d4f0405 -[VPNConnection sendStringToManagementSocket:encoding:] + 34
5 Foundation 0x00007fff397842b5 __NSThreadPerformPerform + 334
6 CoreFoundation 0x00007fff37650d81 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
7 CoreFoundation 0x00007fff3770865c __CFRunLoopDoSource0 + 108
8 CoreFoundation 0x00007fff37633d8c __CFRunLoopDoSources0 + 300
9 CoreFoundation 0x00007fff376331ad __CFRunLoopRun + 1293
10 CoreFoundation 0x00007fff37632a07 CFRunLoopRunSpecific + 487
11 HIToolbox 0x00007fff36910d96 RunCurrentEventLoopInMode + 286
12 HIToolbox 0x00007fff36910b06 ReceiveNextEventCommon + 613
13 HIToolbox 0x00007fff36910884 _BlockUntilNextEventMatchingListInModeWithFilter + 64
14 AppKit 0x00007fff34bc3a73 _DPSNextEvent + 2085
15 AppKit 0x00007fff35359e34 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 3044
16 AppKit 0x00007fff34bb8885 -[NSApplication run] + 764
17 AppKit 0x00007fff34b87a72 NSApplicationMain + 804
18 Tunnelblick 0x000000010d4e6afc start + 52
)
2018-05-10 16:26:28 Tunnelblick[453] currentIPInfo(Name): IP address info could not be fetched within 33.0 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x60000030c570>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
"<cert(0x7feb980c2400) s: tunnelblick.net i: BCS7 CA 256>"
), NSUnderlyingError=0x60000044ff90 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7feb980c2400) s: tunnelblick.net i: BCS7 CA 256>"
), _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x60000030c570>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-9802}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorClientCertificateStateKey=0}'; the response was '(null)'
2018-05-10 16:27:08 Tunnelblick[615] Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011)
2018-05-10 16:27:10 Tunnelblick[615] Removed file: /Library/Application Support/Tunnelblick/expect-disconnect.txt
2018-05-10 16:45:19 Tunnelblick[615] currentIPInfo(Name): IP address info could not be fetched within 32.1 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x60000031d880>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
"<cert(0x7fb44e293800) s: tunnelblick.net i: BCS7 CA 256>"
), NSUnderlyingError=0x604000645f40 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7fb44e293800) s: tunnelblick.net i: BCS7 CA 256>"
), _kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x60000031d880>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-9802}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorClientCertificateStateKey=0}'; the response was '(null)'
2018-05-10 16:45:19 Tunnelblick[615] After 30.0 seconds, gave up trying to fetch IP address information before connecting
2018-05-10 16:45:58 Tunnelblick[615] Set 'expect disconnect' flag
2018-05-10 16:49:32 Tunnelblick[615] Cleared 'expect disconnect' flag
2018-05-10 16:49:44 Tunnelblick[615] Set 'expect disconnect' flag
Tunnelblick developer
May 10, 2018, 5:32:09 PM5/10/18
to tunnelblick-discuss
First, although this may have nothing to do with this problem, you have some very old kexts that are being loaded. They should be removed by deleting the following files:
/Library/Extensions/foo.kext/Library/Extensions/foo.kext
As to why you are not connecting, this entry:
2018-05-10 16:49:35 Connection reset, restarting [-1]
means that something between you and the OpenVPN server is resetting the connection. It is likely you are on a network that doesn't want you to use a VPN. You might be able to connect using an "obfuscated" setup. See https://community.openvpn.net/openvpn/wiki/TrafficObfuscation for more info. If your OpenVPN service provider has support for the "openvpn_xor patch", that's built into Tunnelblick's copies of OpenVPN, so it is easy to use -- you just need to get a version of your OpenVPN configuration file that includes it (from your OpenVPN service provider).
gbh
May 10, 2018, 5:58:18 PM5/10/18
to tunnelblick-discuss
These are the files in my /Library/Extensions folder, which ones should be deleted?
ACS6x.kext
ArcMSR.kext
ATTOCelerityFC8.kext
ATTOExpressSASHBA2.kext
ATTOExpressSASRAID2.kext
CalDigitHDProDrv.kext
HighPointIOP.kext
HighPointRR.kext
PromiseSTEX.kext
SoftRAID.kext
Also, my OpenVPN server is a router at home running Gargoyle. Does this have support for the openvpn_xor patch?
Tunnelblick developer
May 10, 2018, 6:51:26 PM5/10/18
to tunnelblick-discuss
Regarding the kexts, I don't know. I don't recognize any of them but ATTO is a "sotrage and network access solutions" company so it is probably one of theirs. If you're still using ATTO, you should see if they have an update to these (ancient) kexts.
Regarding Gargoyle, you'll have to ask them. Refer them to https://tunnelblick.net/cOpenvpn_xorpatch.html for more info. The xor patch was recently described by one OpenVPN developer as being "immensely popular", but they are working on a "plugin" to better accomplish obfuscation.
Regarding Gargoyle, you'll have to ask them. Refer them to https://tunnelblick.net/cOpenvpn_xorpatch.html for more info. The xor patch was recently described by one OpenVPN developer as being "immensely popular", but they are working on a "plugin" to better accomplish obfuscation.
Reply all
Reply to author
Forward
0 new messages