Tried Tunnelblick 3.4beta20 on MacBook Pro to connect to 111.89.73.116 by Tsukuba. Never succeeded. Stuck in 'Authorizing' . Hope someone can help me.
$ uname -a
Darwin joshuas-MacBook-Pro.local 13.1.0 Darwin Kernel Version 13.1.0: Thu Jan 16 19:40:37 PST 2014; root:xnu-2422.90.20~2/RELEASE_X86_64 x86_64
Here is the log.
------------------------
2014-04-06 22:12:58 *Tunnelblick: OS X 10.9.2; Tunnelblick 3.4beta20 (build 3727)
2014-04-06 22:12:58 *Tunnelblick: Attempting connection with tsubuka using shadow copy; Set nameserver = 1; monitoring connection
2014-04-06 22:12:58 *Tunnelblick: openvpnstart start tsubuka.tblk 1337 1 0 1 0 305 -ptADGNWradsgnw 2.2.1
2014-04-06 22:12:59 *Tunnelblick: openvpnstart log:
Loading tun-signed.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd
/Library/Application Support/Tunnelblick/Users/joshua/tsubuka.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Users/joshua/tsubuka.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Sjoshua-SLibrary-SApplication Support-STunnelblick-SConfigurations-Stsubuka.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_305.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
2014-04-06 22:12:58 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Jan 6 2014
2014-04-06 22:12:58 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2014-04-06 22:12:58 Need hold release from management interface, waiting...
2014-04-06 22:12:58 *Tunnelblick: openvpnstart starting OpenVPN
2014-04-06 22:12:59 *Tunnelblick: Established communication with OpenVPN
2014-04-06 22:12:59 MANAGEMENT: Client connected from 127.0.0.1:1337
2014-04-06 22:12:59 MANAGEMENT: CMD 'pid'
2014-04-06 22:12:59 MANAGEMENT: CMD 'state on'
2014-04-06 22:12:59 MANAGEMENT: CMD 'state'
2014-04-06 22:12:59 MANAGEMENT: CMD 'bytecount 1'
2014-04-06 22:12:59 MANAGEMENT: CMD 'hold release'
2014-04-06 22:12:59 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2014-04-06 22:12:59 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2014-04-06 22:12:59 Control Channel MTU parms [ L:1557 D:138 EF:38 EB:0 ET:0 EL:0 ]
2014-04-06 22:12:59 Socket Buffers: R=[196724->65536] S=[9216->65536]
2014-04-06 22:12:59 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:4 ET:0 EL:0 ]
2014-04-06 22:12:59 Local Options hash (VER=V4): '8326dbaa'
2014-04-06 22:12:59 Expected Remote Options hash (VER=V4): 'b7f67de4'
2014-04-06 22:12:59 UDPv4 link local: [undef]
2014-04-06 22:12:59 UDPv4 link remote: 111.89.73.116:1194
2014-04-06 22:12:59 MANAGEMENT: >STATE:1396793579,WAIT,,,
2014-04-06 22:12:59 MANAGEMENT: >STATE:1396793579,AUTH,,,
2014-04-06 22:12:59 TLS: Initial packet from 111.89.73.116:1194, sid=c78af0ed c310d9b0
2014-04-06 22:14:00 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2014-04-06 22:14:00 TLS Error: TLS handshake failed
2014-04-06 22:14:00 TCP/UDP: Closing socket
2014-04-06 22:14:00 SIGUSR1[soft,tls-error] received, process restarting
2014-04-06 22:14:00 MANAGEMENT: >STATE:1396793640,RECONNECTING,tls-error,,
2014-04-06 22:14:00 MANAGEMENT: CMD 'hold release'
2014-04-06 22:14:00 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2014-04-06 22:14:00 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2014-04-06 22:14:00 Re-using SSL/TLS context
2014-04-06 22:14:00 Control Channel MTU parms [ L:1557 D:138 EF:38 EB:0 ET:0 EL:0 ]
2014-04-06 22:14:00 Socket Buffers: R=[196724->65536] S=[9216->65536]
2014-04-06 22:14:00 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:4 ET:0 EL:0 ]
2014-04-06 22:14:00 Local Options hash (VER=V4): '8326dbaa'
2014-04-06 22:14:00 Expected Remote Options hash (VER=V4): 'b7f67de4'
2014-04-06 22:14:00 UDPv4 link local: [undef]
2014-04-06 22:14:00 UDPv4 link remote: 111.89.73.116:1194
2014-04-06 22:14:00 MANAGEMENT: >STATE:1396793640,WAIT,,,
2014-04-06 22:14:00 MANAGEMENT: >STATE:1396793640,AUTH,,,
2014-04-06 22:14:00 TLS: Initial packet from 111.89.73.116:1194, sid=7c3b9363 38c7380a
2014-04-06 22:14:10 *Tunnelblick: Disconnecting; notification window disconnect button pressed
2014-04-06 22:14:10 *Tunnelblick: Disconnecting using 'killall'
2014-04-06 22:14:10 event_wait : Interrupted system call (code=4)
2014-04-06 22:14:10 TCP/UDP: Closing socket
2014-04-06 22:14:10 SIGTERM[hard,] received, process exiting
2014-04-06 22:14:10 MANAGEMENT: >STATE:1396793650,EXITING,SIGTERM,,
2014-04-06 22:14:10 *Tunnelblick: No 'post-disconnect.sh' script to execute
2014-04-06 22:14:10 *Tunnelblick: Expected disconnection occurred.
MacOS X Mavericks + tunnelblick TLS handshake failed
-
joshua-shanghai
- Posts: 4
- Joined: Sun Apr 06, 2014 12:54 pm
-
joshua-shanghai
- Posts: 4
- Joined: Sun Apr 06, 2014 12:54 pm
Re: MacOS X Mavericks + tunnelblick TLS handshake failed
I can vpn connect from my mac to ubuntu. Here are the some details:
1) run openvpn server (openvpn-2.3.2, built from source) on thinkpad + ubuntu-13.10. tun0 is created with ip 10.8.0.1
2) run openvpn client (openvpn-2.3.2, built from source) on mac. tun0 is created with ip 10.8.0.6
3) keys and certs are generated from easy-rsa
4) can ssh from mac to ubuntu
but when I run tunnelblick, I don't see any tunxxx created. Is that normal?
I doubt this is not a vpngate issue, but a tunnelblick issue. tunnelblick seems not to be built under Mavericks + Xcode 5.1, so I can't poke around the code to figure it out.
1) run openvpn server (openvpn-2.3.2, built from source) on thinkpad + ubuntu-13.10. tun0 is created with ip 10.8.0.1
2) run openvpn client (openvpn-2.3.2, built from source) on mac. tun0 is created with ip 10.8.0.6
3) keys and certs are generated from easy-rsa
4) can ssh from mac to ubuntu
but when I run tunnelblick, I don't see any tunxxx created. Is that normal?
I doubt this is not a vpngate issue, but a tunnelblick issue. tunnelblick seems not to be built under Mavericks + Xcode 5.1, so I can't poke around the code to figure it out.
-
joshua-shanghai
- Posts: 4
- Joined: Sun Apr 06, 2014 12:54 pm
Re: MacOS X Mavericks + tunnelblick TLS handshake failed
One more thing, OpenVPN Connect on my iPad mini can connect to vpngate. So I may say that my home wifi seems not to be a cause.
-
joshua-shanghai
- Posts: 4
- Joined: Sun Apr 06, 2014 12:54 pm
Re: MacOS X Mavericks + tunnelblick TLS handshake failed
i looked at /var/log/system.log, and found this suspicious entry:
Tunnelblick[55422]: CFNetwork SSLHandshake failed (-9806).
Just an experiment. I cut out the ca certificate, saved as ca.crt and then imported to KeyChain. Same old same old.
Tunnelblick[55422]: CFNetwork SSLHandshake failed (-9806).
Just an experiment. I cut out the ca certificate, saved as ca.crt and then imported to KeyChain. Same old same old.
-
onyx
- Posts: 30
- Joined: Fri Mar 21, 2014 2:11 am
Re: MacOS X Mavericks + tunnelblick TLS handshake failed
Maybe something with your mac firewall. I'm using tblick 3.3.0 as I think it's more stable. I'm using mountain lion though. Just try to check if it's your firewall or AV that's blocking it, or just try old version of tunnelblick.