×

Introducing the Orbi 970 Series Mesh System with WiFi 7(BE) technology. For more information visit the NETGEAR Press Room.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Tunnelblick VPN Client on a Mac does not change the public IP

bardaravine
Aspirant
Aspirant
‎2017-09-30 03:44 PM
‎2017-09-30 03:44 PM

Tunnelblick VPN Client on a Mac does not change the public IP

Public IP address not changing when I log into the VPN. I would like to browse the internet from this VPN, but tunnelblick client isn't routing all my internet traffic through my house. Running Mac OS X 10.12.6. Log file from Tunnelblick below. 

 

What am I doing wrong??

 

 

Tunnelblick: OS X 10.12.6; Tunnelblick 3.7.3beta03 (build 4870); prior version 3.7.2a (build 4851)

2017-09-30 18:21:53 *Tunnelblick: Attempting connection with client2; Set nameserver = 769; monitoring connection

2017-09-30 18:21:53 *Tunnelblick: openvpnstart start client2.tblk 1337 769 0 3 0 1065330 -ptADGNWradsgnw 2.3.18-openssl-1.0.2l

2017-09-30 18:21:53 *Tunnelblick: openvpnstart log:

     Loading tap-signed.kext

     OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

     

          /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2l/openvpn

          --daemon

          --log

          /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Sclient2.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1065330.1337.openvpn.log

          --cd

          /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources

          --setenv

          IV_GUI_VER

          "net.tunnelblick.tunnelblick 4870 3.7.3beta03 (build 4870)"

          --verb

          3

          --config

          /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources/config.ovpn

          --verb

          3

          --cd

          /Library/Application Support/Tunnelblick/Shared/client2.tblk/Contents/Resources

          --management

          127.0.0.1

          1337

          --management-query-passwords

          --management-hold

          --script-security

          2

          --up

          /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw

          --down

          /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw

          --route-pre-down

          /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw

 

2017-09-30 18:21:53 *Tunnelblick: Established communication with OpenVPN

2017-09-30 18:21:53 OpenVPN 2.3.18 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Sep 26 2017

2017-09-30 18:21:53 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10

2017-09-30 18:21:53 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337

2017-09-30 18:21:53 Need hold release from management interface, waiting...

2017-09-30 18:21:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337

2017-09-30 18:21:53 MANAGEMENT: CMD 'pid'

2017-09-30 18:21:53 MANAGEMENT: CMD 'state on'

2017-09-30 18:21:53 MANAGEMENT: CMD 'state'

2017-09-30 18:21:53 MANAGEMENT: CMD 'bytecount 1'

2017-09-30 18:21:53 MANAGEMENT: CMD 'hold release'

2017-09-30 18:21:53 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

2017-09-30 18:21:53 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2017-09-30 18:21:53 Socket Buffers: R=[196724->196724] S=[9216->9216]

2017-09-30 18:21:53 MANAGEMENT: >STATE:1506810113,RESOLVE,,,

2017-09-30 18:21:53 UDPv4 link local: [undef]

2017-09-30 18:21:53 UDPv4 link remote: [AF_INET]24.126.34.98:12974

2017-09-30 18:21:53 MANAGEMENT: >STATE:1506810113,WAIT,,,

2017-09-30 18:21:53 MANAGEMENT: >STATE:1506810113,AUTH,,,

2017-09-30 18:21:53 TLS: Initial packet from [AF_INET]24.126.34.98:12974, sid=0f8b24aa 1b1e4076

2017-09-30 18:21:53 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com

2017-09-30 18:21:53 VERIFY OK: depth=0, C=TW, ST=TW, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com

2017-09-30 18:21:53 *Tunnelblick: openvpnstart starting OpenVPN

2017-09-30 18:21:54 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key

2017-09-30 18:21:54 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2017-09-30 18:21:54 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key

2017-09-30 18:21:54 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2017-09-30 18:21:54 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

2017-09-30 18:21:54 [netgear] Peer Connection Initiated with [AF_INET]24.126.34.98:12974

2017-09-30 18:21:55 MANAGEMENT: >STATE:1506810115,GET_CONFIG,,,

2017-09-30 18:21:56 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)

2017-09-30 18:22:01 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)

2017-09-30 18:22:06 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)

2017-09-30 18:22:07 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.1 255.255.255.0 192.168.1.1,route-gateway dhcp,ping 10,ping-restart 120'

2017-09-30 18:22:07 OPTIONS IMPORT: timers and/or timeouts modified

2017-09-30 18:22:07 OPTIONS IMPORT: route options modified

2017-09-30 18:22:07 OPTIONS IMPORT: route-related options modified

2017-09-30 18:22:07 TUN/TAP device /dev/tap0 opened

2017-09-30 18:22:07 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw tap0 1500 1590   init

                                        **********************************************

                                        Start of output from client.up.tunnelblick.sh

                                        Did 'ipconfig set "tap0" DHCP'

                                        Configuring tap DNS via DHCP asynchronously

                                        End of output from client.up.tunnelblick.sh

                                        **********************************************

2017-09-30 18:22:09 MANAGEMENT: >STATE:1506810129,ADD_ROUTES,,,

2017-09-30 18:22:09 /sbin/route add -net 192.168.1.1 192.168.1.1 255.255.255.0

                                        route: writing to routing socket: Can't assign requested address

                                        add net 192.168.1.1: gateway 192.168.1.1: Can't assign requested address

2017-09-30 18:22:09 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

2017-09-30 18:22:09 Initialization Sequence Completed

2017-09-30 18:22:09 MANAGEMENT: >STATE:1506810129,CONNECTED,SUCCESS,,24.126.34.98

2017-09-30 18:22:09 *Tunnelblick: No 'connected.sh' script to execute

2017-09-30 18:22:10 Extracted DHCP router address: 192.168.1.1

                                        Sleeping for 0 seconds to wait for DHCP to finish setup.

                                        Sleeping for 1 seconds to wait for DHCP to finish setup.

                                        Retrieved from DHCP/BOOTP packet: name server(s) [ 192.168.1.1 ], search domain(s) [  ] and SMB server(s) [  ] and using default domain name [ openvpn ]

                                        Not aggregating ServerAddresses because running on OS X 10.6 or higher

                                        Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected

                                        Saved the DNS and SMB configurations so they can be restored

                                        Changed DNS ServerAddresses setting from '192.168.0.1' to '192.168.1.1'

                                        Changed DNS SearchDomains setting from '' to 'openvpn'

                                        Changed DNS DomainName setting from 'hsd1.dc.comcast.net.' to 'openvpn'

                                        Did not change SMB NetBIOSName setting of ''

                                        Did not change SMB Workgroup setting of ''

                                        Did not change SMB WINSAddresses setting of ''

                                        DNS servers '192.168.1.1' will be used for DNS queries when the VPN is active

                                        NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.

                                        Flushed the DNS cache via dscacheutil

                                        /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil

                                        Notified mDNSResponder that the DNS cache was flushed

                                        Setting up to monitor system configuration with process-network-changes

2017-09-30 18:22:14 *Tunnelblick: This computer's apparent public IP address (73.200.235.104) was unchanged after the connection was made

2017-09-30 18:22:19 *Tunnelblick process-network-changes: A system configuration change was ignored

Model: R6400|AC1750 Smart WiFi Router
Message 1 of 8
0 Kudos
Reply
DexterJB
NETGEAR Moderator
NETGEAR Moderator
‎2017-10-04 12:13 PM
‎2017-10-04 12:13 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

Hi @bardaravine,

 

1. What is the firmware version of your router?

2. What version of Tunnelblick do you have installed?

3. Do you have the option set to "All sites on the Internet & Home Network", "Home Network only", or "Auto"?

 

Regards,

 

Dexter

Community Team

Message 2 of 8
0 Kudos
Reply
DexterJB
NETGEAR Moderator
NETGEAR Moderator
‎2017-10-10 05:39 PM
‎2017-10-10 05:39 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

Hi @bardaravine,

 

I would like to follow up and check if you are still experiencing the issue.

 

Regards,

 

Dexter
Community Team

Message 3 of 8
0 Kudos
Reply
bardaravine
Aspirant
Aspirant
‎2017-10-10 05:45 PM
‎2017-10-10 05:45 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

I've since returned the router and exchanged it for an Asus. Current router is working like a champ. Who knows what I did wrong. 

 

Thanks for reaching out.

Message 4 of 8
0 Kudos
Reply
RThomas1975
Aspirant
Aspirant
‎2018-01-26 02:19 PM
‎2018-01-26 02:19 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

I am having exactly the same problem. Seems to connect but will not grab the host IP.  And yes, I did select "All sites on the Internet & Home Network."

Message 5 of 8
0 Kudos
Reply
DexterJB
NETGEAR Moderator
NETGEAR Moderator
‎2018-02-18 05:59 PM
‎2018-02-18 05:59 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

Hi @RThomas1975,

 

1. What is the model number and firmware version of your router?

2. Does the Internet work when you are connected?

3. What version of Tunnelblick are you using?

4. Does the issue persist when using another device (PC or Mac, iOS and Android if supported)?

 

Regards,

 

Dexter

Community Team

Message 6 of 8
0 Kudos
Reply
RThomas1975
Aspirant
Aspirant
‎2018-02-18 06:08 PM
‎2018-02-18 06:08 PM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

1. What is the model number and firmware version of your router? RBR50, Firmware V2.1.2.18

2. Does the Internet work when you are connected? Yes

3. What version of Tunnelblick are you using? 3.7.4b (build 4921)

4. Does the issue persist when using another device (PC or Mac, iOS and Android if supported)? Works fine on iOS... the problem is on the Mac.

Message 7 of 8
0 Kudos
Reply
DJ_Cool
Initiate
Initiate
‎2018-06-03 07:47 AM
‎2018-06-03 07:47 AM

Re: Tunnelblick VPN Client on a Mac does not change the public IP

I have had this and was able to fix it by changing from a tun to tap connection.

  • To do this, in Tunnelblick go to VPN Details, Edit OpenVPN configuration file. It's found in the bottom left corner after hitting the gear icon. 
  • Change your line "dev tun" to "dev tap" and make sure you update the port as your VPN server (the router) likely uses a different port for tap vs. tun. This will change your IP but in my experience doesn't let me network with the other computers on the network so I have 2 configurations, one if I want to connect to the local network computers and leave my IP alone (tun) and one if I want to route all my browsing through home network but not connect to local machines (tap).
Message 8 of 8
Reply
Top Contributors
See All
Discussion stats
  • 7 replies
  • ‎2017-09-30 03:44 PM
  • 24231 views
  • 1 kudo
  • 4 in conversation
Announcements

Orbi WiFi 7