connected to the vpn server but cannot access the lan network of the vpn server

295 views
Skip to first unread message

gilbert...@gmail.com

unread,
Aug 17, 2016, 9:05:06 AM8/17/16
to tunnelblick-discuss, gil...@rezolva.com.sg

*Tunnelblick: OS X 10.7.5; Tunnelblick 3.6.5 (build 4566)

2016-08-17 18:37:19 *Tunnelblick: Attempting connection with VPN; Set nameserver = 769; monitoring connection

2016-08-17 18:37:19 *Tunnelblick: openvpnstart start VPN.tblk 1337 769 0 3 0 1098032 -ptADGNWradsgnw 2.3.11

2016-08-17 18:37:19 *Tunnelblick: openvpnstart starting OpenVPN

2016-08-17 18:37:20 *Tunnelblick: openvpnstart log:

     OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

    

          /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.11/openvpn

          --daemon

          --log

          /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SVPN.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1098032.1337.openvpn.log

          --cd

          /Library/Application Support/Tunnelblick/Shared/VPN.tblk/Contents/Resources

          --verb

          3

          --config

          /Library/Application Support/Tunnelblick/Shared/VPN.tblk/Contents/Resources/config.ovpn

          --verb

          3

          --cd

          /Library/Application Support/Tunnelblick/Shared/VPN.tblk/Contents/Resources

          --management

          127.0.0.1

          1337

          --management-query-passwords

          --management-hold

          --script-security

          2

          --route-up

          /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

          --down

          /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

 

2016-08-17 18:37:20 *Tunnelblick: Established communication with OpenVPN

2016-08-17 18:37:20 OpenVPN 2.3.11 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jul 18 2016

2016-08-17 18:37:20 library versions: OpenSSL 1.0.2h  3 May 2016, LZO 2.09

2016-08-17 18:37:20 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337

2016-08-17 18:37:20 Need hold release from management interface, waiting...

2016-08-17 18:37:20 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337

2016-08-17 18:37:20 MANAGEMENT: CMD 'pid'

2016-08-17 18:37:20 MANAGEMENT: CMD 'state on'

2016-08-17 18:37:20 MANAGEMENT: CMD 'state'

2016-08-17 18:37:20 MANAGEMENT: CMD 'bytecount 1'

2016-08-17 18:37:20 MANAGEMENT: CMD 'hold release'

2016-08-17 18:37:26 MANAGEMENT: CMD 'username "Auth" "yoga"'

2016-08-17 18:37:26 MANAGEMENT: CMD 'password [...]'

2016-08-17 18:37:26 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

2016-08-17 18:37:26 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2016-08-17 18:37:26 Socket Buffers: R=[42080->42080] S=[9216->9216]

2016-08-17 18:37:26 MANAGEMENT: >STATE:1471430246,RESOLVE,,,

2016-08-17 18:37:27 UDPv4 link local (bound): [undef]

2016-08-17 18:37:27 UDPv4 link remote: [AF_INET]118.189.62.103:1194

2016-08-17 18:37:27 MANAGEMENT: >STATE:1471430247,WAIT,,,

2016-08-17 18:37:27 MANAGEMENT: >STATE:1471430247,AUTH,,,

2016-08-17 18:37:27 TLS: Initial packet from [AF_INET]118.189.62.103:1194, sid=79a507b6 1da2e212

2016-08-17 18:37:27 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

2016-08-17 18:37:27 VERIFY OK: depth=1, C=TW, L=Taipei, O=Synology Inc., CN=Synology Inc. CA

2016-08-17 18:37:27 VERIFY OK: depth=0, C=TW, L=Taipei, O=Synology Inc., CN=synology.com

2016-08-17 18:37:27 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

2016-08-17 18:37:27 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-08-17 18:37:27 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key

2016-08-17 18:37:27 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-08-17 18:37:27 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA

2016-08-17 18:37:27 [synology.com] Peer Connection Initiated with [AF_INET]118.189.62.103:1194

2016-08-17 18:37:28 MANAGEMENT: >STATE:1471430248,GET_CONFIG,,,

2016-08-17 18:37:29 SENT CONTROL [synology.com]: 'PUSH_REQUEST' (status=1)

2016-08-17 18:37:29 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'

2016-08-17 18:37:29 OPTIONS IMPORT: timers and/or timeouts modified

2016-08-17 18:37:29 OPTIONS IMPORT: --ifconfig/up options modified

2016-08-17 18:37:29 OPTIONS IMPORT: route options modified

2016-08-17 18:37:29 Opened utun device utun0

2016-08-17 18:37:29 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

2016-08-17 18:37:29 MANAGEMENT: >STATE:1471430249,ASSIGN_IP,,10.8.0.6,

2016-08-17 18:37:29 /sbin/ifconfig utun0 delete

                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address

2016-08-17 18:37:29 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure

2016-08-17 18:37:29 /sbin/ifconfig utun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up

2016-08-17 18:37:29 MANAGEMENT: >STATE:1471430249,ADD_ROUTES,,,

2016-08-17 18:37:29 /sbin/route add -net 192.168.1.0 10.8.0.5 255.255.255.0

                                        route: writing to routing socket: File exists

                                        add net 192.168.1.0: gateway 10.8.0.5: File exists

2016-08-17 18:37:29 /sbin/route add -net 10.8.0.0 10.8.0.5 255.255.255.0

                                        add net 10.8.0.0: gateway 10.8.0.5

2016-08-17 18:37:29 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255

                                        add net 10.8.0.1: gateway 10.8.0.5

                                        **********************************************

                                        Start of output from client.up.tunnelblick.sh

                                        NOTE: No network configuration changes need to be made.

                                        WARNING: Will NOT monitor for other network configuration changes.

                                        WARNING: Will NOT disable IPv6 settings.

                                        DNS servers '192.168.1.1' will be used for DNS queries when the VPN is active

                                        NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.

                                        Flushed the DNS cache via dscacheutil

                                        /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil

                                        Notified mDNSResponder that the DNS cache was flushed

                                        End of output from client.up.tunnelblick.sh

                                        **********************************************

2016-08-17 18:37:31 *Tunnelblick: No 'connected.sh' script to execute

2016-08-17 18:37:31 Initialization Sequence Completed

2016-08-17 18:37:31 MANAGEMENT: >STATE:1471430251,CONNECTED,SUCCESS,10.8.0.6,118.189.62.103

Tunnelblick developer

unread,
Aug 17, 2016, 9:07:54 AM8/17/16
to tunnelblick-discuss, gil...@rezolva.com.sg, gilbert...@gmail.com
Please follow the instructions at Read Before You Post to get the info needed to diagnose problems and then post that info.
Reply all
Reply to author
Forward
0 new messages