Mac client doesn't work

[mikes49]

I hope this is the correct forum for this question, but I've always had a lot of problems with the Mac GUI client, and now it's stopped working all together.

Here's what I've done so far:

Updated the certificate(s);
Uninstalled the app;
Reinstalled;

Here's what it continues to do:

Trying fully routed or proxy to any site, it connects, but I'm unable to go anywhere.

Here are the latest logs:


SUCCESS: download 794 bytes update information to local.

Version Server:  1.2.1

Version Current:  1.2.1

Checking installed tap/tun driver...

Current MacVersion: 10.9

Update tap/tun driver permission...

Installing tap/tun driver...

Install tap/tun driver done.

Use port 44358 as management port

Thu Jan 23 18:53:53 2014 OpenVPN 2.3.2 x86_64-apple-darwin11.4.2 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Dec  9 2013

Thu Jan 23 18:53:53 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Thu Jan 23 18:53:53 2014 WARNING: file '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/smike49.key' is group or others accessible

Thu Jan 23 18:53:53 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA'

Thu Jan 23 18:53:53 2014 WARNING: file '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/ta.key' is group or others accessible

Thu Jan 23 18:53:53 2014 Control Channel Authentication: using '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/ta.key' as a OpenVPN static key file

Thu Jan 23 18:53:53 2014 UDPv4 link local: [undef]

Thu Jan 23 18:53:53 2014 UDPv4 link remote: [AF_INET]192.99.13.226:443

Thu Jan 23 18:53:54 2014 [server] Peer Connection Initiated with [AF_INET]192.99.13.226:443

Thu Jan 23 18:53:56 2014 TUN/TAP device /dev/tun0 opened

Thu Jan 23 18:53:56 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jan 23 18:53:56 2014 /sbin/ifconfig tun0 delete

ifconfig: ioctl (SIOCDIFADDR):

Can't assign requested address

Thu Jan 23 18:53:56 2014 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure

Thu Jan 23 18:53:56 2014 /sbin/ifconfig tun0 172.16.0.48 172.16.0.48 netmask 255.255.255.0 mtu 1500 up

add net 172.16.0.0: gateway 172.16.0.48

Thu Jan 23 18:53:56 2014 /Applications/BolehVPN.app/Contents/MacOS/up.sh tun0 1500 1558 172.16.0.48 255.255.255.0 init

Retrieved name server(s) [ 8.8.8.8 ] and SMB server(s) [ ] and using default domain name [ openvpn ]

DEBUG:

DEBUG: MAN_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: MAN_SMB_CONFIG = <dictionary> { Workgroup : HOME }

DEBUG:

DEBUG: CUR_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: CUR_SMB_CONFIG = <dictionary> { Workgroup : HOME }

DEBUG:

DEBUG:

DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 8.8.8.8; DYN_DNS_SD =

DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =

DEBUG:

DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130; MAN_DNS_SD =
DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = HOME; MAN_SMB_WA =

DEBUG:

DEBUG: CUR_DNS_DN = ; CUR_DNS_SA = 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130; CUR_DNS_SD =

DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = HOME; CUR_SMB_WA =

ServerAddresses '8.8.8.8' ignored because ServerAddresses was set manually

Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected

DEBUG:

DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130; FIN_DNS_SD = openvpn

DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = HOME; FIN_SMB_WA =

DEBUG: OS X 10.8 or higher, so will modify DNS settings using Setup: in addition to State:

DEBUG:

DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =

DEBUG: SKP_SETUP_DNS =

DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #

DEBUG:

DEBUG: Configuration changes:

DEBUG: ADD State: ServerAddresses 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130

DEBUG: ADD State: SearchDomains openvpn

DEBUG: ADD State: DomainName openvpn

DEBUG:

DEBUG: ADD Setup: ServerAddresses 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130

DEBUG: ADD Setup: SearchDomains openvpn

DEBUG: ADD Setup: DomainName openvpn

DEBUG:

DEBUG: ##ADD State: NetBIOSName

DEBUG: ##ADD State: Workgroup HOME

DEBUG: ##ADD State: WINSAddresses

DEBUG:

DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB

DEBUG:

DEBUG: Configurations as read back after changes:

DEBUG: State:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: State:/.../SMB = No such key

DEBUG:

DEBUG: Setup:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: Setup:/.../SMB = <dictionary> { Workgroup : HOME }

DEBUG:

DEBUG: State:/Network/Global/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: State:/Network/Global/SMB = <dictionary> { Workgroup : HOME }

DEBUG:

DEBUG: Expected by process-network-changes:

DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 192.168.0.1 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { Workgroup : HOME }

Saved the DNS and SMB configurations for later use

route:

writing to routing socket: File exists
add net 192.99.13.226: gateway 192.168.0.1: File exists

add net 0.0.0.0: gateway 172.16.0.1

add net 128.0.0.0: gateway 172.16.0.1

Thu Jan 23 18:53:59 2014 Initialization Sequence Completed

[Chris]

Do you have any other VPN software installed? Is DNS Leak Protection enabled? When you connect to the server and lose internet, are you able to ping any websites?

Try disabling DNS Leak Protection in the Settings tab of the BolehVPN client. Then, manually specify DNS in all your network adapters , Google has a handy guide to doing so here. https://developers.google.com/speed/public-dns/docs/using

[mikes49]

Hi Chris, thanks for the suggestions. 

I manually added my DNS servers (the ones my cable company uses).

When I ping by dns name (i.e, www.whatever.com), I get no replies.  However, when I ping that same server by its IP address, I do get replies.  You may be onto something regarding the DNS settings!

(I don't see any option for DNS Leak Protection on in the Boleh VPN GUI. Did you mean BitTorrent?  I'm not using it at the moment, for what it's worth.)

I've always had problems with the Boleh VPN client for Mac.  Back when it kind-of worked, it would always disconnect me after about an hours use.  I would then have to type "sudo route add default 192.168.0.1" to get my regular internet connection back, and sometimes that wouldn't work either, and I'd have to reboot to fix things.  But this paragraph may not be relevant to the current problem...

What else do you think I should try?

Thanks again.

[Chris]

DNS Leak Protection settings should be in the BolehVPN client's Settings tab.

Check that and see. Did you specify DNS in ALL network adapters?

[mikes49]

Thanks Chris.  No luck yet;  yes, I specified the DNS server settings manually on each of the adaptors.  There's definitely no DNS leak protection on the Mac client (at least in v.1.2.1).

Was there anything in the log file that offers any clues?

Thanks in advance,

Mike

[Chris]

Could you post your latest logs from the FullyRouted servers? Are there any proxy settings enabled in your browser? Try the XCloakRouted servers as well, or even the TCP Routed servers

[mikes49]

Here are my latest logs.  (I'll try the XCloakRouted and TCP Routed next.  I've tried the Proxied ones, but no joy with those either):


SUCCESS: download 794 bytes update information to local.

Version Server:  1.2.1
Version Current:  1.2.1
Checking installed tap/tun driver...
Current MacVersion: 10.9
Update tap/tun driver permission...
Installing tap/tun driver...
Install tap/tun driver done.

Use port 44358 as management port

Sat Jan 25 16:18:48 2014 OpenVPN 2.3.2 x86_64-apple-darwin11.4.2 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Dec  9 2013

Sat Jan 25 16:18:48 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Sat Jan 25 16:18:48 2014 WARNING: file '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/smike49.key' is group or others accessible

Sat Jan 25 16:18:48 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA'

Sat Jan 25 16:18:48 2014 WARNING: file '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/ta.key' is group or others accessible
Sat Jan 25 16:18:48 2014 Control Channel Authentication: using '/Applications/BolehVPN.app/Contents/MacOS/cfg/OpenVPN/ta.key' as a OpenVPN static key file

Sat Jan 25 16:18:48 2014 UDPv4 link local: [undef]

Sat Jan 25 16:18:48 2014 UDPv4 link remote: [AF_INET]178.73.195.200:443

Sat Jan 25 16:18:50 2014 [server] Peer Connection Initiated with [AF_INET]178.73.195.200:443

Sat Jan 25 16:18:53 2014 TUN/TAP device /dev/tun0 opened

Sat Jan 25 16:18:53 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Jan 25 16:18:53 2014 /sbin/ifconfig tun0 delete

ifconfig:

ioctl (SIOCDIFADDR): Can't assign requested address

Sat Jan 25 16:18:53 2014 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure

Sat Jan 25 16:18:53 2014 /sbin/ifconfig tun0 172.16.0.106 172.16.0.106 netmask 255.255.255.0 mtu 1500 up

add net 172.16.0.0: gateway 172.16.0.106

Sat Jan 25 16:18:53 2014 /Applications/BolehVPN.app/Contents/MacOS/up.sh tun0 1500 1558 172.16.0.106 255.255.255.0 init

Retrieved name server(s) [ 80.67.0.2 ] and SMB server(s) [ ] and using default domain name [ openvpn ]

DEBUG:
DEBUG: MAN_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }
DEBUG: MAN_SMB_CONFIG = <dictionary> { Workgroup : HOME }
DEBUG:
DEBUG: CUR_DNS_CONFIG = <dictionary> { ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }
DEBUG: CUR_SMB_CONFIG = <dictionary> { Workgroup : HOME }
DEBUG:
DEBUG:
DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 80.67.0.2; DYN_DNS_SD =
DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
DEBUG:
DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = 68.113.206.10 24.217.0.5 71.92.29.130; MAN_DNS_SD =
DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = HOME; MAN_SMB_WA =
DEBUG:
DEBUG: CUR_DNS_DN = ; CUR_DNS_SA = 68.113.206.10 24.217.0.5 71.92.29.130; CUR_DNS_SD =
DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = HOME; CUR_SMB_WA =

ServerAddresses '80.67.0.2' ignored because ServerAddresses was set manually

Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected

DEBUG:
DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 68.113.206.10 24.217.0.5 71.92.29.130; FIN_DNS_SD = openvpn
DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = HOME; FIN_SMB_WA =
DEBUG: OS X 10.8 or higher, so will modify DNS settings using Setup: in addition to State:

DEBUG:
DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
DEBUG: SKP_SETUP_DNS =
DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
DEBUG:
DEBUG: Configuration changes:
DEBUG: ADD State: ServerAddresses 68.113.206.10 24.217.0.5 71.92.29.130
DEBUG: ADD State: SearchDomains openvpn
DEBUG: ADD State: DomainName openvpn
DEBUG:
DEBUG: ADD Setup: ServerAddresses 68.113.206.10 24.217.0.5 71.92.29.130
DEBUG: ADD Setup: SearchDomains openvpn
DEBUG: ADD Setup: DomainName openvpn
DEBUG:
DEBUG: ##ADD State: NetBIOSName
DEBUG: ##ADD State: Workgroup HOME
DEBUG: ##ADD State: WINSAddresses
DEBUG:
DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
DEBUG:
DEBUG: Configurations as read back after changes:
DEBUG: State:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }
DEBUG: State:/.../SMB = No such key
DEBUG:
DEBUG: Setup:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }
DEBUG: Setup:/.../SMB = <dictionary> { Workgroup : HOME }
DEBUG:
DEBUG: State:/Network/Global/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }
DEBUG: State:/Network/Global/SMB = <dictionary> { Workgroup : HOME }
DEBUG:
DEBUG: Expected by process-network-changes:
DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn }

ServerAddresses : <array> { 68.113.206.10 24.217.0.5 71.92.29.130 } }

DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { Workgroup : HOME }

Saved the DNS and SMB configurations for later use

add net 178.73.195.200: gateway 192.168.0.1
add net 0.0.0.0: gateway 172.16.0.1
add net 128.0.0.0: gateway 172.16.0.1

Sat Jan 25 16:18:56 2014 Initialization Sequence Completed

[mikes49]

Follow-up to the last post:  no luck on the XCloakRouted and TCP Routed either.    Thanks!

[PitBoss]

I'm not sure what is the issue. The log showed you are connected.
As for DNS leaked, there is no such issues as dns leak in linux or osx.

Can you summarize your problem again?

Thanks

[mikes49]

Hi PitBoss,

Yes, I can connect successfully to any of the options (ie., fully routed), but am unable to reach any destination.

With some help from Chris, we discovered I can reach destinations by IP address, but not by DNS name (i.e., www.bolehvpn.net).

That's about the sum of it...

[mikes49]

As a follow-up, I did an experiment by installing Mountain Lion in a virtual machine (Parallels), and then downloaded and installed the BolehVPN client within it.  It appears to work fine, suggesting something is going on with my Mac setup.

Are there any files/settings that are touched/modified by Boleh that I can look at, or possibly reverse?

Thanks in advance.

[mikes49]

My follow-up experience caused me to look at the network settings again on my host computer, and I decided to actually remove the DNS settings that were hard-coded in, and now it appears to be working again.

I do notice it (openvpn?) uses the 8.8.8.8 Google DNS when connected with Boleh, so perhaps because I had my cable provider's DNS addresses hard-coded in the Mac's DNS settings was causing the problem all along?

In any case, appreciate the help.  Will let you know if I have any other troubles with this particular problem.  Next, I'd like to find out why Boleh always drops my connection after exactly 1 hour usage, but will pose that question in a new post.

Thanks again,

Mike