So it seems I may be missing some needed entries yet on the pfSense (server) side? I made the OVPN config on pfSense via the wizard.Older versions of Tunnelblick did not detect this situation, which is why you probably did not see this error message earlier. 13:05:26.193775 *Tunnelblick: This computer's apparent public IP address (71.) was unchanged after the connection was made 13:05:21.018824 *Tunnelblick: Warning: DNS server address 192.168.100.1 is not a public IP address and is not being routed through the VPN. Recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire 13:05:19.792773 Initialization Sequence Completed
Not flushing the DNS cache via discoveryutilġ3:05:19 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushedġ3:05:19 *Tunnelblick: Notified mDNSResponderHelper that the DNS cache was flushedġ3:05:19 *Tunnelblick: End of output from client.up.tunnelblick.shġ3:05:19 *Tunnelblick: ********************************************** Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.ġ3:05:19 *Tunnelblick: Flushed the DNS cache via dscacheutilġ3:05:19 *Tunnelblick: /usr/sbin/discoveryutil not present. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN.
The end of the Tunnelblick log has: 13:05:17 *Tunnelblick: Start of output from client.up.tunnelblick.shġ3:05:19 *Tunnelblick: NOTE: No network configuration changes need to be made.ġ3:05:19 *Tunnelblick: WARNING: Will NOT monitor for other network configuration changes.ġ3:05:19 *Tunnelblick: WARNING: Will NOT disable IPv6 settings.ġ3:05:19 *Tunnelblick: DNS servers '192.168.100.1' will be used for DNS queries when the VPN is activeġ3:05:19 *Tunnelblick: NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. Now I do get connected, but I do not have a route to the remote LAN, just one for the VPN network itself (local LAN is 192.168.100.0/24, OVPN network is 192.168.5.0/24, and remote LAN is 192.168.10.0/24): mymac:~ me$ netstat -nr -f inet | grep -v -e I -e "/32" I upgraded Tunnelblick to 3.8.5beta01 (build 5610), which has OpenVPN 2.5 (also had to set "OpenVPN version" drop in Settings to "Latest", which is OpenVPN 2.5.0 w/ OpenSSL 1.1.1h)Īlso edited my client config, it is now: dev tunĭata-ciphers AES-128-CBC:AES-192-CBC:AES-192-CFB:AES-192-OFB:AES-256-CBC:AES-256-CFB:AES-256-OFB
0 kommentar(er)
