DNS issues

457 views
Skip to first unread message

Kiki Barnes

unread,
Feb 17, 2023, 2:04:40 AM2/17/23
to tunnelblick-discuss
How do I fix this! My VPN is connected but wont switch my ip address because of DNS not being routed through VPN

*Tunnelblick: macOS 12.4 (21F79); Tunnelblick 3.8.8a (build 5776); Admin user
git commit 6e38647ea05b2c04c4d0c9888ef97fce672df8b9 + uncommitted changes:
?? ../third_party/sources/IOUserEthernetController.h
The Tunnelblick.app process is not being translated (arm64)
System Integrity Protection is enabled
Model: MacBookPro18,2

Configuration matt

"Sanitized" condensed configuration file for /Users/kiki/Library/Application Support/Tunnelblick/Configurations/matt.tblk:

client
dev tap
proto udp
remote kikiandjordan.mynetgear.com  12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5
script-security 2
up dhcp-client-request.sh


================================================================================

Files in matt.tblk:
      Contents/Resources/cli….crt
      Contents/Resources/ca.crt
      Contents/Resources/config.ovpn
      Contents/Resources/dhcp-client-request.sh
      Contents/Resources/cli….key

================================================================================

Tunnelblick Kext Policy Data:

net.tunnelblick.tap|Z2SG5H3HC8|Jonathan Bullard|1|5
net.tunnelblick.tun|Z2SG5H3HC8|Jonathan Bullard|1|5

================================================================================

Configuration preferences:

useDNS = 1
-routeAllTrafficThroughVpn = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-keepConnected = 1
-lastConnectionSucceeded = 1

================================================================================

Wildcard preferences:

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

================================================================================

Program preferences:

DB-IC = 1
skipWarningAboutPreAuthorizedActivity = 1
delayBeforeIPAddressCheckAfterConnection = 10
launchAtNextLogin = 1
tunnelblickVersionHistory = (
    "3.8.8a (build 5776)"
)
lastLaunchTime = 698307847.419505
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = matt
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 465 442 389 217 0 0 1728 1079
detailsWindowFrameVersion = 5776
detailsWindowFrame = {{0, 557}, {920, 522}}
detailsWindowLeftFrame = {{0, 0}, {167, 402}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = matt
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithAlwaysShowLoginWindow = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2023-02-17 06:24:07 +0000
SUHasLaunchedBefore = 1

================================================================================

Forced preferences:

(None)

================================================================================

Deployed forced preferences:

(None)

================================================================================

Tunnelblick Log:

2023-02-17 00:00:39.701614 *Tunnelblick: macOS 12.4 (21F79); Tunnelblick 3.8.8a (build 5776)
2023-02-17 00:00:40.149898 *Tunnelblick: Attempting connection with matt using shadow copy; Set nameserver = 769; monitoring connection
2023-02-17 00:00:40.150101 *Tunnelblick: openvpnstart start matt.tblk 55708 769 0 1 0 34653042 -ptADGNWradsgnw 2.5.9-openssl-1.1.1t <password>
2023-02-17 00:00:40.171650 *Tunnelblick: openvpnstart starting OpenVPN
2023-02-17 00:00:40.463122 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-02-17 00:00:40.463310 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
2023-02-17 00:00:40.463495 OpenVPN 2.5.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Feb 16 2023
2023-02-17 00:00:40.463508 library versions: OpenSSL 1.1.1t  7 Feb 2023, LZO 2.10
2023-02-17 00:00:40.464304 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:55708
2023-02-17 00:00:40.464319 Need hold release from management interface, waiting...
2023-02-17 00:00:40.775886 *Tunnelblick: openvpnstart log:
     OpenVPN started successfully.
     Command used to start OpenVPN (one argument per displayed line):
          /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.5.9-openssl-1.1.1t/openvpn
          --daemon
          --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Skiki-SLibrary-SApplication Support-STunnelblick-SConfigurations-Smatt.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34653042.55708.openvpn.log
          --cd /Library/Application Support/Tunnelblick/Users/kiki/matt.tblk/Contents/Resources
          --machine-readable-output
          --setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5776 3.8.8a (build 5776)"
          --verb 3
          --config /Library/Application Support/Tunnelblick/Users/kiki/matt.tblk/Contents/Resources/config.ovpn
          --setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/kiki/matt.tblk/Contents/Resources
          --verb 3
          --cd /Library/Application Support/Tunnelblick/Users/kiki/matt.tblk/Contents/Resources
          --management 127.0.0.1 55708 /Library/Application Support/Tunnelblick/Mips/matt.tblk.mip
          --management-query-passwords
          --management-hold
          --redirect-gateway def1
          --script-security 2
          --route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
          --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
          --route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
2023-02-17 00:00:40.782568 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:55708
2023-02-17 00:00:40.810006 MANAGEMENT: CMD 'pid'
2023-02-17 00:00:40.810161 MANAGEMENT: CMD 'auth-retry interact'
2023-02-17 00:00:40.810192 MANAGEMENT: CMD 'state on'
2023-02-17 00:00:40.810218 MANAGEMENT: CMD 'state'
2023-02-17 00:00:40.810270 MANAGEMENT: CMD 'bytecount 1'
2023-02-17 00:00:40.820749 *Tunnelblick: Established communication with OpenVPN
2023-02-17 00:00:40.833036 *Tunnelblick: >INFO:OpenVPN Management Interface Version 3 -- type 'help' for more info
2023-02-17 00:00:40.834837 MANAGEMENT: CMD 'hold release'
2023-02-17 00:00:40.835196 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2023-02-17 00:00:40.835215 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-02-17 00:00:40.837571 MANAGEMENT: >STATE:1676617240,RESOLVE,,,,,,
2023-02-17 00:00:40.930905 TCP/UDP: Preserving recently used remote address: [AF_INET]68.5.153.131:12974
2023-02-17 00:00:40.931166 Socket Buffers: R=[786896->786896] S=[9216->9216]
2023-02-17 00:00:40.931203 UDP link local: (not bound)
2023-02-17 00:00:40.931227 UDP link remote: [AF_INET]68.5.153.131:12974
2023-02-17 00:00:40.931280 MANAGEMENT: >STATE:1676617240,WAIT,,,,,,
2023-02-17 00:00:41.001090 MANAGEMENT: >STATE:1676617241,AUTH,,,,,,
2023-02-17 00:00:41.001270 TLS: Initial packet from [AF_INET]68.5.153.131:12974, sid=18bfe5c5 a056bfb5
2023-02-17 00:00:41.113813 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, name=changeme, emailAddress=ma...@netgear.com
2023-02-17 00:00:41.124322 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, name=changeme, emailAddress=ma...@netgear.com
2023-02-17 00:00:41.336654 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 1024 bit RSA, signature: RSA-SHA256
2023-02-17 00:00:41.336940 [netgear] Peer Connection Initiated with [AF_INET]68.5.153.131:12974
2023-02-17 00:00:42.636070 MANAGEMENT: >STATE:1676617242,GET_CONFIG,,,,,,
2023-02-17 00:00:42.636489 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
2023-02-17 00:00:42.727217 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 120,route-delay 10,route 192.168.1.0 255.255.255.0 192.168.1.1,route 75.2.84.193 255.255.255.255 192.168.1.1,route 99.83.191.32 255.255.255.255 192.168.1.1,peer-id 0,cipher AES-256-GCM'
2023-02-17 00:00:42.728359 OPTIONS IMPORT: timers and/or timeouts modified
2023-02-17 00:00:42.732367 OPTIONS IMPORT: route options modified
2023-02-17 00:00:42.732748 OPTIONS IMPORT: route-related options modified
2023-02-17 00:00:42.733036 OPTIONS IMPORT: peer-id set
2023-02-17 00:00:42.733255 OPTIONS IMPORT: adjusting link_mtu to 1657
2023-02-17 00:00:42.739071 OPTIONS IMPORT: data channel crypto options modified
2023-02-17 00:00:42.739584 Data Channel: using negotiated cipher 'AES-256-GCM'
2023-02-17 00:00:42.742638 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-02-17 00:00:42.742957 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-02-17 00:00:42.750592 TUN/TAP device /dev/tap0 opened
2023-02-17 00:00:42.770785 MANAGEMENT: >STATE:1676617242,ASSIGN_IP,,,,,,
2023-02-17 00:00:42.771174 dhcp-client-request.sh tap0 1500 1585   init
2023-02-17 00:00:52.199666 NOTE: unable to redirect IPv4 default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
2023-02-17 00:00:52.200011 WARNING: OpenVPN was configured to add an IPv4 route. However, no IPv4 has been configured for tap0, therefore the route installation may fail or may not work as expected.
2023-02-17 00:00:52.200051 MANAGEMENT: >STATE:1676617252,ADD_ROUTES,,,,,,
2023-02-17 00:00:52.200099 /sbin/route add -net 192.168.1.0 192.168.1.1 255.255.255.0
                           route: writing to routing socket: File exists
                           add net 192.168.1.0: gateway 192.168.1.1: File exists
2023-02-17 00:00:52.228730 /sbin/route add -net 75.2.84.193 192.168.1.1 255.255.255.255
                           add net 75.2.84.193: gateway 192.168.1.1
2023-02-17 00:00:52.233793 /sbin/route add -net 99.83.191.32 192.168.1.1 255.255.255.255
                           add net 99.83.191.32: gateway 192.168.1.1
                           00:00:52 *Tunnelblick:  **********************************************
                           00:00:52 *Tunnelblick:  Start of output from client.up.tunnelblick.sh
                           WARNING: $route_vpn_gateway is empty
                           00:00:54 *Tunnelblick:  Not using DHCP because tap0 already has an IP configuration (192.168.1.84). route_vpn_gateway = ''
                           00:00:54 *Tunnelblick:  NOTE: No network configuration changes need to be made.
                           00:00:54 *Tunnelblick:  WARNING: Will NOT monitor for other network configuration changes.
                           00:00:54 *Tunnelblick:  DNS servers '8.8.8.8' were set manually
                           00:00:54 *Tunnelblick:  DNS servers '8.8.8.8' will be used for DNS queries when the VPN is active
                           00:00:54 *Tunnelblick:  The DNS servers include only free public DNS servers known to Tunnelblick.
                           00:00:54 *Tunnelblick:  Flushed the DNS cache via dscacheutil
                           00:00:54 *Tunnelblick:  /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
                           00:00:54 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed
                           00:00:54 *Tunnelblick:  Not notifying mDNSResponderHelper that the DNS cache was flushed because it is not running
                           00:00:54 *Tunnelblick:  End of output from client.up.tunnelblick.sh
                           00:00:54 *Tunnelblick:  **********************************************
2023-02-17 00:00:54.486315 Initialization Sequence Completed
2023-02-17 00:00:54.486336 MANAGEMENT: >STATE:1676617254,CONNECTED,SUCCESS,,68.5.153.131,12974,,
2023-02-17 00:00:55.602324 *Tunnelblick: Warning: Could not obtain a list of DNS addresses that are expected
2023-02-17 00:00:55.723005 *Tunnelblick: DNS address 192.168.1.1 is being routed through the VPN
2023-02-17 00:00:55.839581 *Tunnelblick: Routing info stdout:
   route to: 8.8.8.8
destination: 8.8.8.8
    gateway: 172.20.10.1
  interface: en0
      flags: <UP,GATEWAY,HOST,DONE,WASCLONED,IFSCOPE,IFREF,GLOBAL>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500         0
stderr:

2023-02-17 00:00:55.846263 *Tunnelblick: Warning: DNS server Address 8.8.8.8 is a known public DNS server but is not being routed through the VPN
2023-02-17 00:01:06.364709 *Tunnelblick: This computer's apparent public IP address (107.77.228.204) was unchanged after the connection was made

================================================================================

Down log:

23:59:14 *Tunnelblick:  **********************************************
23:59:14 *Tunnelblick:  Start of output from client.down.tunnelblick.sh
23:59:15 *Tunnelblick:  WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
23:59:15 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache
23:59:15 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed
23:59:15 *Tunnelblick:  End of output from client.down.tunnelblick.sh
23:59:15 *Tunnelblick:  **********************************************

================================================================================

Previous down log:

23:56:40 *Tunnelblick:  **********************************************
23:56:40 *Tunnelblick:  Start of output from client.down.tunnelblick.sh
23:56:41 *Tunnelblick:  WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
23:56:41 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache
23:56:41 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed
23:56:41 *Tunnelblick:  End of output from client.down.tunnelblick.sh
23:56:41 *Tunnelblick:  **********************************************

================================================================================

Network services:

An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
iPhone USB
Thunderbolt Bridge
VPN
Refineryvpn

Wi-Fi Power (en0): On

================================================================================

ifconfig output:

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
    inet 127.0.0.1 netmask 0xff000000
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
anpi2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:3b
    inet6 fe80::f41d:2ff:fe56:b63b%anpi2 prefixlen 64 scopeid 0x4
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:39
    inet6 fe80::f41d:2ff:fe56:b639%anpi0 prefixlen 64 scopeid 0x5
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:3a
    inet6 fe80::f41d:2ff:fe56:b63a%anpi1 prefixlen 64 scopeid 0x6
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:19
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:1a
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
en6: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f6:1d:02:56:b6:1b
    nd6 options=201<PERFORMNUD,DAD>
    media: none
    status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 36:af:d6:f7:37:80
    media: autoselect <full-duplex>
    status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 36:af:d6:f7:37:84
    media: autoselect <full-duplex>
    status: inactive
en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 36:af:d6:f7:37:88
    media: autoselect <full-duplex>
    status: inactive
ap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether be:d0:74:0b:e4:92
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: inactive
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
    ether bc:d0:74:0b:e4:92
    inet6 fe80::4ed:f319:d083:67ea%en0 prefixlen 64 secured scopeid 0xe
    inet6 2600:380:4919:47d9:14d4:4b0b:161b:2af0 prefixlen 64 autoconf secured
    inet6 2600:380:4919:47d9:b87c:580f:7096:2968 prefixlen 64 autoconf temporary
    inet 172.20.10.3 netmask 0xfffffff0 broadcast 172.20.10.15
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 36:af:d6:f7:37:80
    Configuration:
        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
        ipfilter disabled flags 0x0
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 10 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 11 priority 0 path cost 0
    member: en3 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 12 priority 0 path cost 0
    nd6 options=201<PERFORMNUD,DAD>
    media: <unknown type>
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether 52:66:64:81:84:7d
    inet6 fe80::5066:64ff:fe81:847d%awdl0 prefixlen 64 scopeid 0x10
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether 52:66:64:81:84:7d
    inet6 fe80::5066:64ff:fe81:847d%llw0 prefixlen 64 scopeid 0x11
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
    inet6 fe80::eea:29f8:7b62:4c%utun0 prefixlen 64 scopeid 0x12
    nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::5b50:a7fd:1b0c:3c43%utun1 prefixlen 64 scopeid 0x13
    nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
    inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0x14
    nd6 options=201<PERFORMNUD,DAD>
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 36:cc:85:6b:3b:b6
    inet 192.168.1.84 netmask 0xffffff00 broadcast 192.168.1.255
    media: autoselect
    status: active
    open (pid 9780)

================================================================================

Non-Apple kexts that are loaded:

Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>
  268    0 0xfffffe0006f0c000 0x4000     0x4000     net.tunnelblick.tap (5.0) 2F65AD5B-B8BE-371D-84E9-8194AAB4E815 <7 5 4 1>

================================================================================

Quit Log:

2023-02-16 23:23:54.601745 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2023-02-16 23:23:54.613919 shutDownTunnelblick: started.
2023-02-16 23:23:54.614315 shutDownTunnelblick: Starting cleanup.
2023-02-16 23:23:54.614540 cleanup: Entering cleanup
2023-02-16 23:23:54.614730 cleanup aborted because Tunnelblick did not finish launching
2023-02-16 23:23:54.614906 shutDownTunnelblick: Cleanup finished.
2023-02-16 23:23:54.615090 Finished shutting down Tunnelblick; allowing termination

================================================================================

Traces Log:


================================================================================

Console Log:


Tunnelblick developer

unread,
Feb 17, 2023, 7:17:09 AM2/17/23
to tunnelblick-discuss
Tunnelblick is just the free software that many VPN service providers and router manufacturers recommend or supply to their customers. We do not provide VPN service, just software, so you should contact Netgear for instructions on how to use Tunnelblick with their routers.

My guess is that you need to change Tunnelblick's "Set DNS/WINS" to be "Do not set nameserver", but there may be other settings that should be changed.

You might also want to tell them their setup generates the following two warnings from OpenVPN:
  • 2023-02-17 00:00:40.463122 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
  • 2023-02-17 00:00:40.463310 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.

Reply all
Reply to author
Forward
Message has been deleted
Message has been deleted
Message has been deleted
0 new messages