API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 14th, 2017
155
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 25.14 KB | None | 0 0
raw download clone embed print report
  1. *Tunnelblick: OS X 10.13.1; Tunnelblick 3.7.4b (build 4921); prior version 3.7.1b (build 4813); Admin user
  2. git commit 88763bb2b2bfcc7debb3ddc78cdf5a350722717c
  3.  
  4.  
  5. Configuration client2
  6.  
  7. "Sanitized" condensed configuration file for /Library/Application Support/Tunnelblick/Shared/client2.tblk:
  8.  
  9. client
  10. dev tun
  11. proto udp
  12. remote www.harnesk.net 1194
  13. resolv-retry infinite
  14. nobind
  15. user nobody
  16. group nogroup
  17. persist-key
  18. persist-tun
  19. remote-cert-tls server
  20. cipher AES-128-CBC
  21. auth SHA256
  22. comp-lzo
  23. verb 3
  24. key-direction 1
  25. <ca>
  26. [Security-related line(s) omitted]
  27. </ca>
  28. <cert>
  29. [Security-related line(s) omitted]
  30. </cert>
  31. <key>
  32. [Security-related line(s) omitted]
  33. </key>
  34. <tls-auth>
  35. [Security-related line(s) omitted]
  36. </tls-auth>
  37.  
  38.  
  39. ================================================================================
  40.  
  41. Non-Apple kexts that are loaded:
  42.  
  43. Index Refs Address Size Wired Name (Version) UUID <Linked Against>
  44. 22 0 0xffffff7f81007000 0xe000 0xe000 com.3dconnexion.driver (10.4.2) D1FC94C5-936D-3185-BECD-5AEA40D01AEC <21 20 16 5 4 3>
  45. 157 3 0xffffff7f83287000 0x61000 0x61000 org.virtualbox.kext.VBoxDrv (5.1.14) 08D6FFCF-2BDF-305C-8824-89E69602C30D <7 5 4 3 1>
  46. 165 0 0xffffff7f832e8000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (5.1.14) BF0B350D-C893-37DF-82F0-BE86ABA49D26 <164 157 20 7 5 4 3 1>
  47. 166 0 0xffffff7f832f0000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (5.1.14) 0291FFCC-8E46-3FFD-B674-BFA42D4E67E4 <157 7 5 4 3 1>
  48. 167 0 0xffffff7f832f5000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (5.1.14) EFBEE858-A3D7-3C61-86C0-F6AFDCA48229 <157 5 4 1>
  49.  
  50. ================================================================================
  51.  
  52. There are no unusual files in client2.tblk
  53.  
  54. ================================================================================
  55.  
  56. Configuration preferences:
  57.  
  58. useDNS = 1
  59. -resetPrimaryInterfaceAfterDisconnect = 1
  60. -routeAllTrafficThroughVpn = 1
  61. -useRouteUpInsteadOfUp = 1
  62. -useDownRootPlugin = 1
  63. -loggingLevel = 3
  64. -lastConnectionSucceeded = 1
  65. -prependDomainNameToSearchDomains = 0
  66.  
  67. ================================================================================
  68.  
  69. Wildcard preferences:
  70.  
  71.  
  72. ================================================================================
  73.  
  74. Program preferences:
  75.  
  76. launchAtNextLogin = 1
  77. notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
  78. tunnelblickVersionHistory = (
  79. "3.7.4b (build 4921)",
  80. "3.7.1b (build 4813)",
  81. "3.7.1a (build 4812)",
  82. "3.7.0 (build 4790)"
  83. )
  84. lastLaunchTime = 534796556.019696
  85. lastLanguageAtLaunchWasRTL = 0
  86. connectionWindowDisplayCriteria = showWhenConnecting
  87. maxLogDisplaySize = 102400
  88. lastConnectedDisplayName = client2
  89. keyboardShortcutIndex = 1
  90. updateCheckAutomatically = 1
  91. NSWindow Frame SettingsSheetWindow = 429 192 829 524 0 0 1280 777
  92. NSWindow Frame ConnectingWindow = 445 442 389 187 0 0 1280 777
  93. NSWindow Frame SUStatusFrame = 786 359 400 129 0 0 1280 777
  94. NSWindow Frame SUUpdateAlert = 330 288 620 392 0 0 1280 777
  95. detailsWindowFrameVersion = 4921
  96. detailsWindowFrame = {{316, 150}, {920, 468}}
  97. detailsWindowLeftFrame = {{0, 0}, {165, 350}}
  98. detailsWindowViewIndex = 0
  99. detailsWindowConfigurationsTabIdentifier = settings
  100. leftNavSelectedDisplayName = client2
  101. AdvancedWindowTabIdentifier = connectingAndDisconnecting
  102. haveDealtWithOldTunTapPreferences = 1
  103. haveDealtWithOldLoginItem = 1
  104. SUEnableAutomaticChecks = 1
  105. SUScheduledCheckInterval = 86400
  106. SUSendProfileInfo = 1
  107. SULastCheckTime = 2017-12-12 18:35:57 +0000
  108. SULastProfileSubmissionDate = 2017-12-11 22:34:33 +0000
  109. SUHasLaunchedBefore = 1
  110. WebKitDefaultFontSize = 16
  111. WebKitStandardFont = Times
  112. askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
  113. haveDealtWithSparkle1dot5b6 = 1
  114. updateSendProfileInfo = 1
  115.  
  116. ================================================================================
  117.  
  118. Tunnelblick Log:
  119.  
  120. *Tunnelblick: OS X 10.13.1; Tunnelblick 3.7.4b (build 4921); prior version 3.7.1b (build 4813)
  121. 2017-12-14 19:53:29 *Tunnelblick: Attempting connection with client2; Set nameserver = 771; monitoring connection
  122. 2017-12-14 19:53:29 *Tunnelblick: openvpnstart start client2.tblk 1337 771 0 3 0 1165104 -ptADGNWradsgnw 2.3.18-openssl-1.0.2n
  123. 2017-12-14 19:53:29 *Tunnelblick: openvpnstart starting OpenVPN
  124. 2017-12-14 19:53:30 *Tunnelblick: openvpnstart log:
  125. Warning: Tunnelblick is using 'openvpn-down-root.so', so the route-pre-down script will not be used. You can override this by providing a custom route-pre-down script (which may be a copy of Tunnelblick's standard route-pre-down script) in a Tunnelblick VPN Configuration. However, that script will not be executed as root unless the 'user' and 'group' options are removed from the OpenVPN configuration file. If the 'user' and 'group' options are removed, then you don't need to use a custom route-pre-down script.OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
  126.  
  127. /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn
  128. --daemon
  129. --log
  130. /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Sclient2.tblk-SContents-SResources-Sconfig.ovpn.771_0_3_0_1165104.1337.openvpn.log
  131. --cd
  132. /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources
  133. --setenv
  134. IV_GUI_VER
  135. "net.tunnelblick.tunnelblick 4921 3.7.4b (build 4921)"
  136. --verb
  137. 3
  138. --config
  139. /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources/config.ovpn
  140. --verb
  141. 3
  142. --cd
  143. /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources
  144. --management
  145. 127.0.0.1
  146. 1337
  147. --management-query-passwords
  148. --management-hold
  149. --redirect-gateway
  150. def1
  151. --script-security
  152. 2
  153. --route-up
  154. /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -o -r -w -ptADGNWradsgnw
  155. --plugin
  156. /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so
  157. /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -o -r -w -ptADGNWradsgnw
  158.  
  159. 2017-12-14 19:53:30 *Tunnelblick: Established communication with OpenVPN
  160. 2017-12-14 19:53:30 OpenVPN 2.3.18 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Dec 7 2017
  161. 2017-12-14 19:53:30 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.10
  162. 2017-12-14 19:53:30 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
  163. 2017-12-14 19:53:30 Need hold release from management interface, waiting...
  164. 2017-12-14 19:53:30 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
  165. 2017-12-14 19:53:30 MANAGEMENT: CMD 'pid'
  166. 2017-12-14 19:53:30 MANAGEMENT: CMD 'state on'
  167. 2017-12-14 19:53:30 MANAGEMENT: CMD 'state'
  168. 2017-12-14 19:53:30 MANAGEMENT: CMD 'bytecount 1'
  169. 2017-12-14 19:53:30 MANAGEMENT: CMD 'hold release'
  170. 2017-12-14 19:53:30 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  171. 2017-12-14 19:53:30 PLUGIN_INIT: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so '[/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so] [/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh] [-9] [-d] [-f] [-m] [-o] [-r] [-w] [-ptADGNWradsgnw]' intercepted=PLUGIN_UP|PLUGIN_DOWN
  172. 2017-12-14 19:53:30 Control Channel Authentication: tls-auth using INLINE static key file
  173. 2017-12-14 19:53:30 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
  174. 2017-12-14 19:53:30 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
  175. 2017-12-14 19:53:30 Socket Buffers: R=[196724->196724] S=[9216->9216]
  176. 2017-12-14 19:53:30 MANAGEMENT: >STATE:1513277610,RESOLVE,,,
  177. 2017-12-14 19:53:31 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
  178. 2017-12-14 19:53:31 UDPv4 link local: [undef]
  179. 2017-12-14 19:53:31 UDPv4 link remote: [AF_INET]194.1.247.196:1194
  180. 2017-12-14 19:53:31 MANAGEMENT: >STATE:1513277611,WAIT,,,
  181. 2017-12-14 19:53:31 MANAGEMENT: >STATE:1513277611,AUTH,,,
  182. 2017-12-14 19:53:31 TLS: Initial packet from [AF_INET]194.1.247.196:1194, sid=861825ac d61cde41
  183. 2017-12-14 19:53:31 VERIFY OK: depth=1, C=SE, ST=SV, L=Stockholm, O=Fort-Pond, OU=Community, CN=Fort-Pond CA, name=server, emailAddress=jonas@harnesk.net
  184. 2017-12-14 19:53:31 Validating certificate key usage
  185. 2017-12-14 19:53:31 ++ Certificate has key usage 00a0, expects 00a0
  186. 2017-12-14 19:53:31 VERIFY KU OK
  187. 2017-12-14 19:53:31 Validating certificate extended key usage
  188. 2017-12-14 19:53:31 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
  189. 2017-12-14 19:53:31 VERIFY EKU OK
  190. 2017-12-14 19:53:31 VERIFY OK: depth=0, C=SE, ST=SV, L=Stockholm, O=Fort-Pond, OU=Community, CN=server, name=server, emailAddress=jonas@harnesk.net
  191. 2017-12-14 19:53:31 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
  192. 2017-12-14 19:53:31 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
  193. 2017-12-14 19:53:31 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
  194. 2017-12-14 19:53:31 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
  195. 2017-12-14 19:53:31 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
  196. 2017-12-14 19:53:31 [server] Peer Connection Initiated with [AF_INET]194.1.247.196:1194
  197. 2017-12-14 19:53:32 MANAGEMENT: >STATE:1513277612,GET_CONFIG,,,
  198. 2017-12-14 19:53:33 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
  199. 2017-12-14 19:53:33 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.4.4,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
  200. 2017-12-14 19:53:33 OPTIONS IMPORT: timers and/or timeouts modified
  201. 2017-12-14 19:53:33 OPTIONS IMPORT: --ifconfig/up options modified
  202. 2017-12-14 19:53:33 OPTIONS IMPORT: route options modified
  203. 2017-12-14 19:53:33 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
  204. 2017-12-14 19:53:33 Opening utun (connect(AF_SYS_CONTROL)): Resource busy
  205. 2017-12-14 19:53:33 Opened utun device utun1
  206. 2017-12-14 19:53:33 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
  207. 2017-12-14 19:53:33 MANAGEMENT: >STATE:1513277613,ASSIGN_IP,,10.8.0.6,
  208. 2017-12-14 19:53:33 /sbin/ifconfig utun1 delete
  209. ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
  210. 2017-12-14 19:53:34 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
  211. 2017-12-14 19:53:34 /sbin/ifconfig utun1 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
  212. 2017-12-14 19:53:34 PLUGIN_CALL: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so/PLUGIN_UP status=0
  213. 2017-12-14 19:53:34 /sbin/route add -net 194.1.247.196 192.168.10.1 255.255.255.255
  214. route: writing to routing socket: File exists
  215. add net 194.1.247.196: gateway 192.168.10.1: File exists
  216. 2017-12-14 19:53:34 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
  217. add net 0.0.0.0: gateway 10.8.0.5
  218. 2017-12-14 19:53:34 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
  219. add net 128.0.0.0: gateway 10.8.0.5
  220. 2017-12-14 19:53:34 MANAGEMENT: >STATE:1513277614,ADD_ROUTES,,,
  221. 2017-12-14 19:53:34 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
  222. add net 10.8.0.1: gateway 10.8.0.5
  223. **********************************************
  224. Start of output from client.up.tunnelblick.sh
  225. Disabled IPv6 for 'Ethernet'
  226. Disabled IPv6 for 'FireWire'
  227. Disabled IPv6 for 'Wi-Fi'
  228. Disabled IPv6 for 'iPhone USB'
  229. Disabled IPv6 for 'Bluetooth PAN'
  230. Retrieved from OpenVPN: name server(s) [ 8.8.4.4 8.8.8.8 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
  231. Not aggregating ServerAddresses because running on OS X 10.6 or higher
  232. Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected
  233. Saved the DNS and SMB configurations so they can be restored
  234. Changed DNS ServerAddresses setting from '192.168.10.1' to '8.8.4.4 8.8.8.8'
  235. Changed DNS SearchDomains setting from '' to 'openvpn'
  236. Changed DNS DomainName setting from 'lan' to 'openvpn'
  237. Did not change SMB NetBIOSName setting of ''
  238. Did not change SMB Workgroup setting of 'pondlife'
  239. Did not change SMB WINSAddresses setting of ''
  240. DNS servers '8.8.4.4 8.8.8.8' will be used for DNS queries when the VPN is active
  241. The DNS servers include only free public DNS servers known to Tunnelblick.
  242. Flushed the DNS cache via dscacheutil
  243. /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
  244. Notified mDNSResponder that the DNS cache was flushed
  245. Setting up to monitor system configuration with process-network-changes
  246. End of output from client.up.tunnelblick.sh
  247. **********************************************
  248. 2017-12-14 19:53:40 GID set to nogroup
  249. 2017-12-14 19:53:40 UID set to nobody
  250. 2017-12-14 19:53:40 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
  251. 2017-12-14 19:53:40 Initialization Sequence Completed
  252. 2017-12-14 19:53:40 MANAGEMENT: >STATE:1513277620,CONNECTED,SUCCESS,10.8.0.6,194.1.247.196
  253. 2017-12-14 19:53:41 *Tunnelblick: No 'connected.sh' script to execute
  254. 2017-12-14 19:53:45 *Tunnelblick process-network-changes: A system configuration change was ignored
  255. 2017-12-14 19:54:21 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's name after connecting.
  256. 2017-12-14 19:54:21 *Tunnelblick: fetched IP address information using the ipInfo host's IP address after connecting.
  257. 2017-12-14 19:54:31 *Tunnelblick: Disconnecting; notification window disconnect button pressed
  258. 2017-12-14 19:54:31 *Tunnelblick: No 'pre-disconnect.sh' script to execute
  259. 2017-12-14 19:54:31 *Tunnelblick: Disconnecting using 'kill'
  260. 2017-12-14 19:54:31 event_wait : Interrupted system call (code=4)
  261. 2017-12-14 19:54:31 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
  262. route: must be root to alter routing table
  263. 2017-12-14 19:54:31 ERROR: OS X route delete command failed: external program exited with error status: 77
  264. 2017-12-14 19:54:31 /sbin/route delete -net 194.1.247.196 192.168.10.1 255.255.255.255
  265. route: must be root to alter routing table
  266. 2017-12-14 19:54:31 ERROR: OS X route delete command failed: external program exited with error status: 77
  267. 2017-12-14 19:54:31 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
  268. route: must be root to alter routing table
  269. 2017-12-14 19:54:31 ERROR: OS X route delete command failed: external program exited with error status: 77
  270. 2017-12-14 19:54:31 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
  271. route: must be root to alter routing table
  272. 2017-12-14 19:54:31 ERROR: OS X route delete command failed: external program exited with error status: 77
  273. 2017-12-14 19:54:31 Closing TUN/TAP interface
  274. 2017-12-14 19:54:36 PLUGIN_CALL: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so/PLUGIN_DOWN status=0
  275. 2017-12-14 19:54:36 PLUGIN_CLOSE: /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2n/openvpn-down-root.so
  276. 2017-12-14 19:54:36 SIGTERM[hard,] received, process exiting
  277. 2017-12-14 19:54:36 MANAGEMENT: >STATE:1513277676,EXITING,SIGTERM,,
  278. 2017-12-14 19:54:37 *Tunnelblick: No 'post-disconnect.sh' script to execute
  279. 2017-12-14 19:54:37 *Tunnelblick: Expected disconnection occurred.
  280.  
  281. ================================================================================
  282.  
  283. "Sanitized" full configuration file
  284.  
  285. ##############################################
  286. # Sample client-side OpenVPN 2.0 config file #
  287. # for connecting to multi-client server. #
  288. # #
  289. # This configuration can be used by multiple #
  290. # clients, however each client should have #
  291. # its own cert and key files. #
  292. # #
  293. # On Windows, you might want to rename this #
  294. # file so it has a .ovpn extension #
  295. ##############################################
  296.  
  297. # Specify that we are a client and that we
  298. # will be pulling certain config file directives
  299. # from the server.
  300. client
  301.  
  302. # Use the same setting as you are using on
  303. # the server.
  304. # On most systems, the VPN will not function
  305. # unless you partially or fully disable
  306. # the firewall for the TUN/TAP interface.
  307. ;dev tap
  308. dev tun
  309.  
  310. # Windows needs the TAP-Win32 adapter name
  311. # from the Network Connections panel
  312. # if you have more than one. On XP SP2,
  313. # you may need to disable the firewall
  314. # for the TAP adapter.
  315. ;dev-node MyTap
  316.  
  317. # Are we connecting to a TCP or
  318. # UDP server? Use the same setting as
  319. # on the server.
  320. ;proto tcp
  321. proto udp
  322.  
  323. # The hostname/IP and port of the server.
  324. # You can have multiple remote entries
  325. # to load balance between the servers.
  326. remote www.harnesk.net 1194
  327. ;remote my-server-2 1194
  328.  
  329. # Choose a random host from the remote
  330. # list for load-balancing. Otherwise
  331. # try hosts in the order specified.
  332. ;remote-random
  333.  
  334. # Keep trying indefinitely to resolve the
  335. # host name of the OpenVPN server. Very useful
  336. # on machines which are not permanently connected
  337. # to the internet such as laptops.
  338. resolv-retry infinite
  339.  
  340. # Most clients don't need to bind to
  341. # a specific local port number.
  342. nobind
  343.  
  344. # Downgrade privileges after initialization (non-Windows only)
  345. user nobody
  346. group nogroup
  347.  
  348. # Try to preserve some state across restarts.
  349. persist-key
  350. persist-tun
  351.  
  352. # If you are connecting through an
  353. # HTTP proxy to reach the actual OpenVPN
  354. # server, put the proxy server/IP and
  355. # port number here. See the man page
  356. # if your proxy server requires
  357. # authentication.
  358. ;http-proxy-retry # retry on connection failures
  359. ;http-proxy [proxy server] [proxy port #]
  360.  
  361. # Wireless networks often produce a lot
  362. # of duplicate packets. Set this flag
  363. # to silence duplicate packet warnings.
  364. ;mute-replay-warnings
  365.  
  366. # SSL/TLS parms.
  367. # See the server config file for more
  368. # description. It's best to use
  369. # a separate .crt/.key file pair
  370. # for each client. A single ca
  371. # file can be used for all clients.
  372. #ca ca.crt
  373. #cert client.crt
  374. #key client.key
  375.  
  376. # Verify server certificate by checking that the
  377. # certicate has the correct key usage set.
  378. # This is an important precaution to protect against
  379. # a potential attack discussed here:
  380. # http://openvpn.net/howto.html#mitm
  381. #
  382. # To use this feature, you will need to generate
  383. # your server certificates with the keyUsage set to
  384. # digitalSignature, keyEncipherment
  385. # and the extendedKeyUsage to
  386. # serverAuth
  387. # EasyRSA can do this for you.
  388. remote-cert-tls server
  389.  
  390. # If a tls-auth key is used on the server
  391. # then every client must also have the key.
  392. ;tls-auth ta.key 1
  393.  
  394. # Select a cryptographic cipher.
  395. # If the cipher option is used on the server
  396. # then you must also specify it here.
  397. cipher AES-128-CBC
  398. # Added this myself since i am note sure of need of tls or not
  399. auth SHA256
  400.  
  401. # Enable compression on the VPN link.
  402. # Don't enable this unless it is also
  403. # enabled in the server config file.
  404. comp-lzo
  405.  
  406. # Set log file verbosity.
  407. verb 3
  408.  
  409. # Silence repeating messages
  410. ;mute 20
  411.  
  412. key-direction 1
  413.  
  414. <ca>
  415. [Security-related line(s) omitted]
  416. </ca>
  417. <cert>
  418. [Security-related line(s) omitted]
  419. </cert>
  420. <key>
  421. [Security-related line(s) omitted]
  422. </key>
  423. <tls-auth>
  424. [Security-related line(s) omitted]
  425. </tls-auth>
  426.  
  427.  
  428.  
  429. ================================================================================
  430.  
  431. ifconfig output:
  432.  
  433. lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
  434. options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
  435. inet 127.0.0.1 netmask 0xff000000
  436. inet6 ::1 prefixlen 128
  437. inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
  438. inet 127.51.68.120 netmask 0xff000000
  439. nd6 options=201<PERFORMNUD,DAD>
  440. gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
  441. stf0: flags=0<> mtu 1280
  442. OHC4: flags=0<> mtu 0
  443. OHC6: flags=0<> mtu 0
  444. EHC36: flags=0<> mtu 0
  445. EHC38: flags=0<> mtu 0
  446. en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  447. options=b<RXCSUM,TXCSUM,VLAN_HWTAGGING>
  448. ether c8:bc:c8:91:36:3c
  449. nd6 options=201<PERFORMNUD,DAD>
  450. media: autoselect (none)
  451. status: inactive
  452. en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  453. ether 78:ca:39:bb:3e:b1
  454. inet6 fe80::14bc:9369:709c:c9e1%en1 prefixlen 64 secured scopeid 0x9
  455. inet 192.168.10.235 netmask 0xffffff00 broadcast 192.168.10.255
  456. nd6 options=201<PERFORMNUD,DAD>
  457. media: autoselect
  458. status: active
  459. p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
  460. ether 0a:ca:39:bb:3e:b1
  461. media: autoselect
  462. status: inactive
  463. fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
  464. lladdr 78:ca:39:ff:fe:28:67:d4
  465. nd6 options=201<PERFORMNUD,DAD>
  466. media: autoselect <full-duplex>
  467. status: inactive
  468. utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
  469. options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
  470. inet6 fe80::f310:ed0a:29c1:2113%utun0 prefixlen 64 scopeid 0xc
  471. nd6 options=201<PERFORMNUD,DAD>
  472.  
  473. ================================================================================
  474.  
  475. Console Log:
  476.  
  477. 2017-12-14 18:59:47 ksinstall[14927] 2017-12-14 18:59:47.431 ksinstall[14927/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer started.
  478. 2017-12-14 18:59:47 ksinstall[14927] 2017-12-14 18:59:47.454 ksinstall[14927/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer starting Installation.
  479. 2017-12-14 18:59:54 ksinstall[14927] 2017-12-14 18:59:54.288 ksinstall[14927/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer ran successfully.
  480. 2017-12-14 19:02:54 ksinstall[14978] 2017-12-14 19:02:54.587 ksinstall[14978/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer started.
  481. 2017-12-14 19:02:54 ksinstall[14978] 2017-12-14 19:02:54.597 ksinstall[14978/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer starting Installation.
  482. 2017-12-14 19:03:00 ksinstall[14978] 2017-12-14 19:03:00.553 ksinstall[14978/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer ran successfully.
  483. 2017-12-14 19:05:04 ksinstall[15043] 2017-12-14 19:05:04.215 ksinstall[15043/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer started.
  484. 2017-12-14 19:05:04 ksinstall[15043] 2017-12-14 19:05:04.236 ksinstall[15043/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer starting Installation.
  485. 2017-12-14 19:05:07 ksinstall[15043] 2017-12-14 19:05:07.722 ksinstall[15043/0xa9a9a1c0] [lvl=2] -[KeystoneInstallTool main] Google Software Update installer ran successfully.
  486. 2017-12-14 19:54:21 Tunnelblick[3834] currentIPInfo(Name): IP address info could not be fetched within 35.1 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x6040006429d0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!