Tunnelblick connecting but no internet

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Wed Nov 13, 2013 3:46    Post subject: Tunnelblick connecting but no internet Reply with quote
Need some help with DDWRT and VPN. I have DDWRT installed on a WRT54GL. I am running Tunnelblick on mac, OSX 10.8.3.

It appears it is connecting successfully, however, it appears I cannot resolve webpages. First I saw LZO errors so I commented out # comp-lzo

I added Google's DNS servers but that did not help.
# route all traffic through VPN
redirect-gateway def1
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4

I apologize for the verbosity of the file, but here it is...Any help would be appreciated:

================================================

*Tunnelblick: OS X 10.8.3; Tunnelblick 3.3.0 (build 3518); Admin user

Configuration file for /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk:

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun0

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote test.no-ip.org 1194
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client1.crt
key client1.key

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
# comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

# route all traffic through VPN
redirect-gateway def1
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4



================================================================================

Tunnelblick Log:

2013-11-12 20:53:17 *Tunnelblick: OS X 10.8.3; Tunnelblick 3.3.0 (build 3518)
2013-11-12 20:53:17 *Tunnelblick: Attempting connection with Tunnelblick; Set nameserver = 1; monitoring connection
2013-11-12 20:53:17 *Tunnelblick: openvpnstart start Tunnelblick.tblk 1337 1 0 3 0 305 -atADGNWradsgnw
2013-11-12 20:53:18 *Tunnelblick: openvpnstart log:
Loading tun.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd
/Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-STunnelblick.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_0_305.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -atADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -atADGNWradsgnw
--up-restart

2013-11-12 20:53:17 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Jul 22 2013
2013-11-12 20:53:17 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2013-11-12 20:53:17 Need hold release from management interface, waiting...
2013-11-12 20:53:17 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-STunnelblick.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_0_305.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -atADGNWradsgnw --up-restart
2013-11-12 20:53:18 *Tunnelblick: Established communication with OpenVPN
2013-11-12 20:53:18 MANAGEMENT: Client connected from 127.0.0.1:1337
2013-11-12 20:53:18 MANAGEMENT: CMD 'pid'
2013-11-12 20:53:18 MANAGEMENT: CMD 'state on'
2013-11-12 20:53:18 MANAGEMENT: CMD 'state'
2013-11-12 20:53:18 MANAGEMENT: CMD 'bytecount 1'
2013-11-12 20:53:18 MANAGEMENT: CMD 'hold release'
2013-11-12 20:53:18 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2013-11-12 20:53:18 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2013-11-12 20:53:18 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2013-11-12 20:53:18 Socket Buffers: R=[196724->65536] S=[9216->65536]
2013-11-12 20:53:18 MANAGEMENT: >STATE:1384311198,RESOLVE,,,
2013-11-12 20:53:18 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2013-11-12 20:53:18 Local Options hash (VER=V4): '3514370b'
2013-11-12 20:53:18 Expected Remote Options hash (VER=V4): '239669a8'
2013-11-12 20:53:18 UDPv4 link local: [undef]
2013-11-12 20:53:18 UDPv4 link remote: 97.162.198.191:1194
2013-11-12 20:53:18 MANAGEMENT: >STATE:1384311198,WAIT,,,
2013-11-12 20:53:18 MANAGEMENT: >STATE:1384311198,AUTH,,,
2013-11-12 20:53:18 TLS: Initial packet from 97.162.198.191:1194, sid=6dad7a1c 0102eb41
2013-11-12 20:53:19 VERIFY OK: depth=1, /C=US/ST=TX/L=Home/O=Home/OU=Home/CN=server/name=server/emailAddress=me@myhost.mydomain
2013-11-12 20:53:19 VERIFY OK: depth=0, /C=US/ST=TX/L=Dallas/O=Home/CN=server/name=Home/emailAddress=me@myhost.mydomain
2013-11-12 20:53:23 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-11-12 20:53:23 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2013-11-12 20:53:23 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2013-11-12 20:53:23 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2013-11-12 20:53:23 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2013-11-12 20:53:23 [server] Peer Connection Initiated with 97.162.198.191:1194
2013-11-12 20:53:24 MANAGEMENT: >STATE:1384311204,GET_CONFIG,,,
2013-11-12 20:53:25 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2013-11-12 20:53:25 PUSH: Received control message: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,dhcp-option DNS 192.168.66.1,route 192.168.66.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.66.6 192.168.66.5'
2013-11-12 20:53:25 OPTIONS IMPORT: timers and/or timeouts modified
2013-11-12 20:53:25 OPTIONS IMPORT: --ifconfig/up options modified
2013-11-12 20:53:25 OPTIONS IMPORT: route options modified
2013-11-12 20:53:25 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2013-11-12 20:53:25 ROUTE default_gateway=192.168.0.1
2013-11-12 20:53:25 TUN/TAP device /dev/tun0 opened
2013-11-12 20:53:25 MANAGEMENT: >STATE:1384311205,ASSIGN_IP,,192.168.66.6,
2013-11-12 20:53:25 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2013-11-12 20:53:25 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2013-11-12 20:53:25 /sbin/ifconfig tun0 192.168.66.6 192.168.66.5 mtu 1500 netmask 255.255.255.255 up
2013-11-12 20:53:25 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -atADGNWradsgnw tun0 1500 1541 192.168.66.6 192.168.66.5 init
2013-11-12 20:53:27 *Tunnelblick client.up.tunnelblick.sh: Retrieved from OpenVPN: name server(s) [ 8.8.8.8 8.8.4.4 192.168.66.1 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_CONFIG = No such key
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_CONFIG = No such key
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_CONFIG = <dictionary> { DomainName : lan ServerAddresses : <array> { 192.168.0.1 } }
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_CONFIG = No such key
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 8.8.8.8 8.8.4.4 192.168.66.1; DYN_DNS_SD =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = ; MAN_DNS_SD =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = ; MAN_SMB_WA =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_DN = 192.168.0.1; CUR_DNS_SA = 192.168.0.1; CUR_DNS_SD =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = ; CUR_SMB_WA =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: ServerAddresses were not aggregated because running on OS X 10.6 or higher
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 8.8.8.8 8.8.4.4 192.168.66.1; FIN_DNS_SD = openvpn
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = ; FIN_SMB_WA =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: OS X 10.8 or higher, so will modify DNS settings using Setup: in addition to State:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SETUP_DNS =
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: /etc/resolve = domain lan nameserver 192.168.0.1
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: scutil --dns BEFORE CHANGES = DNS configuration resolver #1 search domain[0] : lan nameserver[0] : 192.168.0.1 if_index : 4 (en1) reach : Reachable,Directly Reachable Address resolver #2 domain : local options : mdns timeout : 5 order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 5 order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 5 order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 5 order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 5 order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 5 order : 301000 DNS configuration (for scoped queries) resolver #1 search domain[0] : lan nameserver[0] : 192.168.0.1 if_index : 4 (en1) flags : Scoped reach : Reachable,Directly Reachable Address
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configuration changes:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: ServerAddresses 8.8.8.8 8.8.4.4 192.168.66.1
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: SearchDomains openvpn
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: DomainName openvpn
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: ServerAddresses 8.8.8.8 8.8.4.4 192.168.66.1
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: SearchDomains openvpn
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: DomainName openvpn
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: NetBIOSName
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: Workgroup
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: WINSAddresses
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:28 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
2013-11-12 20:53:29 /sbin/route add -net 97.162.198.191 192.168.0.1 255.255.255.255
add net 97.162.198.191: gateway 192.168.0.1
2013-11-12 20:53:29 /sbin/route add -net 0.0.0.0 192.168.66.5 128.0.0.0
add net 0.0.0.0: gateway 192.168.66.5
2013-11-12 20:53:29 /sbin/route add -net 128.0.0.0 192.168.66.5 128.0.0.0
add net 128.0.0.0: gateway 192.168.66.5
2013-11-12 20:53:29 MANAGEMENT: >STATE:1384311209,ADD_ROUTES,,,
2013-11-12 20:53:29 /sbin/route add -net 10.0.1.0 192.168.66.5 255.255.255.0
add net 10.0.1.0: gateway 192.168.66.5
2013-11-12 20:53:29 /sbin/route add -net 192.168.66.1 192.168.66.5 255.255.255.255
add net 192.168.66.1: gateway 192.168.66.5
2013-11-12 20:53:29 Initialization Sequence Completed
2013-11-12 20:53:29 MANAGEMENT: >STATE:1384311209,CONNECTED,SUCCESS,192.168.66.6,97.162.198.191
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 8.8.8.8 8.8.4.4 192.168.66.1 } }
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 8.8.8.8 8.8.4.4 192.168.66.1 } }
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 8.8.8.8 8.8.4.4 192.168.66.1 } }
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 8.8.8.8 8.8.4.4 192.168.66.1 } }
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: /etc/resolve = search openvpn nameserver 8.8.8.8 nameserver 8.8.4.4 nameserver 192.168.66.1
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG: scutil --dns AFTER CHANGES = DNS configuration resolver #1 search domain[0] : openvpn nameserver[0] : 8.8.8.8 nameserver[1] : 8.8.4.4 nameserver[2] : 192.168.66.1 reach : Reachable resolver #2 domain : local options : mdns timeout : 5 order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 5 order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 5 order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 5 order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 5 order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 5 order : 301000 DNS configuration (for scoped queries) resolver #1 search domain[0] : openvpn nameserver[0] : 8.8.8.8 nameserver[1] : 8.8.4.4 nameserver[2] : 192.168.66.1 if_index : 4 (en1) flags : Scoped reach : Reachable
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: Flushed the DNS Cache
2013-11-12 20:53:29 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2013-11-12 20:53:30 *Tunnelblick: No 'connected.sh' script to execute
2013-11-12 20:54:04 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2013-11-12 20:54:05 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's name after connecting.

================================================================================

Console Log:


2013-11-12 19:50:48 Tunnelblick[23237] Must have one configuration in a .tblk, 0 were found in /Users/Aaron/Desktop/Tunnelblick/Tunnelblick.tblk
2013-11-12 19:51:59 Tunnelblick[23237] An uncaught exception was raised
2013-11-12 19:51:59 Tunnelblick[23237] *** -[__NSArrayI objectAtIndex:]: index 0 beyond bounds for empty array

)
2013-11-12 19:52:39 Tunnelblick[23237] Must have one configuration in a .tblk, 0 were found in /Users/Aaron/Desktop/Tunnelblick/Tunnelblick.tblk
2013-11-12 19:53:01 Tunnelblick[23237] An uncaught exception was raised
2013-11-12 19:53:01 Tunnelblick[23237] *** -[__NSArrayI objectAtIndex:]: index 0 beyond bounds for empty array

)
2013-11-12 19:57:10 Tunnelblick[23237] /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-fYBpf7/Tunnelblick.tblk/Contents/Resources/config.ovpn: Did not need to modify configuration file; no path information to remove
2013-11-12 19:57:10 Tunnelblick[23237] The configuration file in Tunnelblick.tblk has a 'ca' option with file 'ca.crt' which cannot be found.
2013-11-12 19:58:11 Tunnelblick[23237] /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-BS79lb/Tunnelblick.tblk/Contents/Resources/config.ovpn: Did not need to modify configuration file; no path information to remove
2013-11-12 19:58:27 Tunnelblick[23237] Beginning installation or repair
2013-11-12 19:58:27 authexec[27685] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2013-11-12 19:58:27 Tunnelblick[23237] Installation or repair succeeded; Log:
Tunnelblick installer started 2013-11-12 19:58:27. 3 arguments: 0x0001 /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-BS79lb/Tunnelblick.tblk
Copied /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-BS79lb/Tunnelblick.tblk to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp
Copied /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk and its contents to 0:0
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/ca.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.key
Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/config.ovpn
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/server.crt
2013-11-12 20:23:34 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info could not be fetched within 5.0 seconds
2013-11-12 20:23:34 Tunnelblick[23237] After 5.0 seconds, gave up trying to fetch IP address information before connecting
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: has checked for active daemons
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: includeDaemons = 0; noUnknownOpenVPNsRunning = 1; noActiveDaemons = 1; noDownRootsActive = 1
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: will use killAll
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: requested killAll
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: killAll finished
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:25:34 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:28:12 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 378 milliseconds
2013-11-12 20:28:12 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 56029, 205.233.73.116]
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: has checked for active daemons
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: includeDaemons = 0; noUnknownOpenVPNsRunning = 1; noActiveDaemons = 1; noDownRootsActive = 1
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: will use killAll
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: requested killAll
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: killAll finished
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:30:09 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:39:43 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 1198 milliseconds
2013-11-12 20:39:43 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 56504, 205.233.73.116]
2013-11-12 20:39:54 Tunnelblick[23237] DEBUG: addActiveIPCheckThread: threadID '61910016-314232197791334' added to the active list
2013-11-12 20:39:54 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: Delaying 5.000000 seconds before checking connection
2013-11-12 20:39:59 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 300 milliseconds
2013-11-12 20:39:59 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 59408, 205.233.73.116]
2013-11-12 20:39:59 Tunnelblick[23237] DEBUG: isOnCancellingListIPCheckThread: threadID '61910016-314232197791334' is not on the the cancelling list
2013-11-12 20:39:59 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: fetched IP address 174.151.166.121
2013-11-12 20:39:59 Tunnelblick[23237] DEBUG: haveFinishedIPCheckThread: threadID '61910016-314232197791334' removed from active list
2013-11-12 20:42:05 Tunnelblick[23237] DEBUG: addActiveIPCheckThread: threadID '61910016-314363325249625' added to the active list
2013-11-12 20:42:05 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: Delaying 5.000000 seconds before checking connection
2013-11-12 20:42:40 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info could not be fetched within 30.0 seconds
2013-11-12 20:42:40 Tunnelblick[23237] DEBUG: isOnCancellingListIPCheckThread: threadID '61910016-314363325249625' is not on the the cancelling list
2013-11-12 20:42:40 Tunnelblick[23237] DEBUG: Timeout getting IP address using the ipInfo host's name; retrying by IP address
2013-11-12 20:42:41 Tunnelblick[23237] DEBUG: currentIPInfo(Address): IP address info was fetched in 794 milliseconds
2013-11-12 20:42:41 Tunnelblick[23237] DEBUG: currentIPInfo(Address): [174.151.166.121, 56520, 205.233.73.116]
2013-11-12 20:42:41 Tunnelblick[23237] DEBUG: isOnCancellingListIPCheckThread: threadID '61910016-314363325249625' is not on the the cancelling list
2013-11-12 20:42:41 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: fetched IP address 174.151.166.121 using the ipInfo host's IP address
2013-11-12 20:42:41 Tunnelblick[23237] DEBUG: haveFinishedIPCheckThread: threadID '61910016-314363325249625' removed from active list
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: has checked for active daemons
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: includeDaemons = 0; noUnknownOpenVPNsRunning = 1; noActiveDaemons = 1; noDownRootsActive = 1
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: will use killAll
2013-11-12 20:43:41 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: requested killAll
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: killAll finished
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:43:42 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 61910016
2013-11-12 20:45:08 Tunnelblick[23237] /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-w9W9SC/Tunnelblick.tblk/Contents/Resources/config.ovpn: Did not need to modify configuration file; no path information to remove
2013-11-12 20:45:20 Tunnelblick[23237] Beginning installation or repair
2013-11-12 20:45:20 authexec[28901] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2013-11-12 20:45:20 Tunnelblick[23237] Installation or repair succeeded; Log:
Tunnelblick installer started 2013-11-12 20:45:20. 3 arguments: 0x0001 /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-w9W9SC/Tunnelblick.tblk
Copied /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-w9W9SC/Tunnelblick.tblk to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp
Copied /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk and its contents to 0:0
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/ca.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.key
Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/config.ovpn
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/server.crt
2013-11-12 20:45:33 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 2131 milliseconds
2013-11-12 20:45:33 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 56531, 205.233.73.116]
2013-11-12 20:45:46 Tunnelblick[23237] DEBUG: addActiveIPCheckThread: threadID '62150656-314584541041721' added to the active list
2013-11-12 20:45:46 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: Delaying 5.000000 seconds before checking connection
2013-11-12 20:45:51 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 295 milliseconds
2013-11-12 20:45:51 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 37407, 205.233.73.116]
2013-11-12 20:45:51 Tunnelblick[23237] DEBUG: isOnCancellingListIPCheckThread: threadID '62150656-314584541041721' is not on the the cancelling list
2013-11-12 20:45:51 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: fetched IP address 174.151.166.121
2013-11-12 20:45:51 Tunnelblick[23237] DEBUG: haveFinishedIPCheckThread: threadID '62150656-314584541041721' removed from active list
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: has checked for active daemons
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: includeDaemons = 0; noUnknownOpenVPNsRunning = 1; noActiveDaemons = 1; noDownRootsActive = 1
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: will use killAll
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: requested killAll
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:40 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:48:41 Tunnelblick[23237] DEBUG: killAllConnectionsIncludingDaemons: killAll finished
2013-11-12 20:48:41 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: Entered
2013-11-12 20:48:41 Tunnelblick[23237] DEBUG: cancelAllIPCheckThreadsForConnection: No active threads for connection 62150656
2013-11-12 20:52:22 Tunnelblick[23237] /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-i8ZjVh/Tunnelblick.tblk/Contents/Resources/config.ovpn: Did not need to modify configuration file; no path information to remove
2013-11-12 20:52:28 Tunnelblick[23237] Beginning installation or repair
2013-11-12 20:52:28 authexec[29349] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2013-11-12 20:52:28 Tunnelblick[23237] Installation or repair succeeded; Log:
Tunnelblick installer started 2013-11-12 20:52:28. 3 arguments: 0x0001 /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-i8ZjVh/Tunnelblick.tblk
Copied /private/var/folders/5m/wh8_z_5n1yg8270q1ryw8nzm0000gn/T/TunnelblickTemporaryDotTblk-i8ZjVh/Tunnelblick.tblk to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp
Copied /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk.temp to /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk and its contents to 0:0
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents
Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/ca.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.crt
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/client1.key
Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/config.ovpn
Changed permissions from 755 to 600 on /Library/Application Support/Tunnelblick/Shared/Tunnelblick.tblk/Contents/Resources/server.crt
2013-11-12 20:53:17 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info was fetched in 336 milliseconds
2013-11-12 20:53:17 Tunnelblick[23237] DEBUG: currentIPInfo(Name): [174.151.166.121, 56605, 205.233.73.116]
2013-11-12 20:53:30 Tunnelblick[23237] DEBUG: addActiveIPCheckThread: threadID '45629952-315048019218171' added to the active list
2013-11-12 20:53:30 Tunnelblick[23237] DEBUG: checkIPAddressAfterConnectedThread: Delaying 5.000000 seconds before checking connection
2013-11-12 20:54:05 Tunnelblick[23237] DEBUG: currentIPInfo(Name): IP address info could not be fetched within 30.0 seconds
2013-11-12 20:54:05 Tunnelblick[23237] DEBUG: isOnCancellingListIPCheckThread: threadID '45629952-315048019218171' is not on the the cancelling list
2013-11-12 20:54:05 Tunnelblick[23237] DEBUG: Timeout getting IP address using the ipInfo host's name; retrying by IP address
Sponsor
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Wed Nov 13, 2013 4:45    Post subject: Reply with quote
Could my issue lie here:

push "route 10.0.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.66.1"
server 192.168.66.0 255.255.255.0

DDWRT is assigned IP 10.0.1.2. Do I need to change DNS IP from 192.68.66.1 or is that one side of the VPN tunnel?

I should note I have the DDWRT wired to an Apple Airport Extreme. I can browse with no issues connecting laptop both wireless and wired to the DDWRT.

I did a little bit more more research and added "float", "route-delay 30", and changed up the Tunnelblick config file. Still no love.

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

remote test.no-ip.org 1194

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

remote-cert-tls server

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
# ;dev tap
dev tun0

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
# ;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
# ;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
# remote test.no-ip.org 1194
# ;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client1.crt
key client1.key

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
# ;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
# comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

float

route-delay 30

# route all traffic through VPN
redirect-gateway def1
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Thu Nov 14, 2013 20:00    Post subject: Reply with quote
DNS appears to be an issue. Not sure if it is a routing or configuration issue. I have checked the configs and they appear to be correct.

2013-11-14 13:57:39 MANAGEMENT: >STATE:1384459059,CONNECTED,SUCCESS,192.168.66.6,97.162.198.191
2013-11-14 13:57:39 *Tunnelblick: No 'connected.sh' script to execute
2013-11-14 13:58:14 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's name after connecting.
2013-11-14 13:58:44 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's IP address after connecting.


Last edited by amrogers3 on Wed Nov 27, 2013 22:59; edited 1 time in total
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Sun Nov 17, 2013 22:23    Post subject: Reply with quote
Bump.

Can anyone help out with this?
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Sun Nov 24, 2013 15:53    Post subject: Reply with quote
Anyone??
ndewan
DD-WRT Guru


Joined: 14 Jan 2010
Posts: 553

PostPosted: Tue Nov 26, 2013 19:54    Post subject: Reply with quote
Looks like you are using a Mac, have you tried your config using a non-Mac device

I would try to isolate the problem, is it the configs that need to be tweaked, or is there a problem with Tunnelblick. Tunnelblick just came up with a new build.

I have had issues similar to yours and mine were config related. I managed to tweak the config to the point where I got it to work.

What would really help me would be for you to put a schematic together of what you are trying to implement. If you could provide the WAN and LAN side IP's of the routers involved, that would be great. Suppress information that you would like to keep confidential.

Send me the client and server side configs and I will try to help.

PM me if that works better. I will try to help.

_________________
===================================
1 * DIR-866L - 29193 Mega (Main Gateway)
1 * EA4200 - 29193 Mega (Main Gateway)
1 * EA6500 - 29193 Mega (Repeater Bridge)
1 * EA6500v2 - 29193 Mega (Repeater Bridge)
1 * WRT610N - 29193 Mega (Repeater Bridge)
===================================
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Wed Nov 27, 2013 16:17    Post subject: Reply with quote
ndewan wrote:

PM me if that works better. I will try to help.


Help finally arrived! Thank you!!! Very Happy

I will get back with you shortly with the answers to your questions. Thanks again!!
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Wed Nov 27, 2013 22:40    Post subject: Reply with quote
ndewan wrote:
Looks like you are using a Mac, have you tried your config using a non-Mac device


I do have a MAC and am using Tunnelblick 3.3.0 on OSX 10.8.3. I do not have a non mac device unfortunately (or maybe I mean fortunately Smile ).

Should I try different version of TunnelBlick?

ndewan wrote:
I would try to isolate the problem, is it the configs that need to be tweaked, or is there a problem with Tunnelblick. Tunnelblick just came up with a new build.


Tunnelblick does actually connect.

2013-11-14 13:57:39 MANAGEMENT: >STATE:1384459059,CONNECTED,SUCCESS,192.168.66.6,97.162.198.191

However, I cannot resolve websites and the Tunnelblick log shows the error:

2013-11-14 13:58:14 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's name after connecting.

ndewan wrote:
What would really help me would be for you to put a schematic together of what you are trying to implement. If you could provide the WAN and LAN side IP's of the routers involved, that would be great. Suppress information that you would like to keep confidential.


Ok, so if I wirelessly connect to WRT54G either wireless or wired, I can resolve and browse webpages no problem. It appears to me (in my limited knowledge) that the DNS resolution is breaking somewhere.

More to follow... Let me get you more info on WAN and LAN side.


Last edited by amrogers3 on Wed Nov 27, 2013 22:59; edited 2 times in total
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Wed Nov 27, 2013 22:56    Post subject: Reply with quote
Ok, here is my OpenVPN config

push "route 192.168.54.0 255.255.255.0"
push "dhcp-option DNS 192.168.66.1"
server 192.168.66.0 255.255.255.0

dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem

management localhost 5001

##############################################


My tunnelblick config is


remote thetestserver.no-ip.org 1194

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

remote-cert-tls server

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
# ;dev tap
dev tun0

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
# ;proto tcp
proto udp

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Try to preserve some state across restarts.
persist-key
persist-tun

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
mute-replay-warnings

ca ca.crt
cert client1.crt
key client1.key

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

float

# route all traffic through VPN
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4
redirect-gateway def1

##############################################

I put Google's DNS servers before the "redirect" statement hoping that would work. It did not.

##############################################

Firewall rules

iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.66.0/24 -j ACCEPT

# These next two lines may or may not be necessary.
# I (dereks) did not need them, but bmatthewshea did.
# Thus, we include them so that this works for more people:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
ndewan
DD-WRT Guru


Joined: 14 Jan 2010
Posts: 553

PostPosted: Thu Nov 28, 2013 15:57    Post subject: Reply with quote
Can you send me a schematic of what you are trying to accomplish. Is this a road warrior situation and are you planning on using your router as a OpenVPN Server?

Do indicate the routers (model) and the version of firmware being used .. some are more picky that others.

Take your time if needed, I will not be able to get to it till the weekend.

Thanks ..

_________________
===================================
1 * DIR-866L - 29193 Mega (Main Gateway)
1 * EA4200 - 29193 Mega (Main Gateway)
1 * EA6500 - 29193 Mega (Repeater Bridge)
1 * EA6500v2 - 29193 Mega (Repeater Bridge)
1 * WRT610N - 29193 Mega (Repeater Bridge)
===================================
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Thu Dec 05, 2013 1:42    Post subject: Reply with quote
ndewan wrote:
Can you send me a schematic of what you are trying to accomplish. Is this a road warrior situation and are you planning on using your router as a OpenVPN Server?

Do indicate the routers (model) and the version of firmware being used .. some are more picky that others.


Sorry Ndewan, been super busy and just got back home from traveling.

Yes, so I am planing on using the WRT54GL as a OpenVPN server. Basically, I want to be able to securely browse the internet while on the road or in a unsecure public WIFI spot. Nothing heavy just secure tunnel back home to safely browse internet.

The router is a Linksys WRT54GL running Firmware: DD-WRT v24-sp2 (08/12/10) vpn.

Thanks again for the help and I will be readily available to answer anymore question you may have.
ndewan
DD-WRT Guru


Joined: 14 Jan 2010
Posts: 553

PostPosted: Thu Dec 05, 2013 5:42    Post subject: Reply with quote
That helps .. similar to what I have setup, so should be able to help.

What is the rev level of that build.

I remember using 15962 with a lot of success.

_________________
===================================
1 * DIR-866L - 29193 Mega (Main Gateway)
1 * EA4200 - 29193 Mega (Main Gateway)
1 * EA6500 - 29193 Mega (Repeater Bridge)
1 * EA6500v2 - 29193 Mega (Repeater Bridge)
1 * WRT610N - 29193 Mega (Repeater Bridge)
===================================
amrogers3
DD-WRT Novice


Joined: 05 Nov 2010
Posts: 48

PostPosted: Fri Dec 06, 2013 1:48    Post subject: Reply with quote
ndewan wrote:
That helps .. similar to what I have setup, so should be able to help.

What is the rev level of that build.

I remember using 15962 with a lot of success.


Hi ndewan, the rev number is 14929.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum