macOS Sierra Tunnelblick Installation

Please do not skip any of the steps!

Getting Tunnelblick up and running for the Mac consists of 3 easy steps:

  1. Installing Tunnelblick for Mac: This is the program that establishes the VPN connection.
  2. Choosing the Configuration you wish to use: Each configuration works differently and is specially optimized for different purposes be it for speed, security or convenience.
  3. Configuring your programs to use our servers (only applicable for some configurations): Some of our configurations require additional configuration on the programs you wish to pass through the VPN.

This will only work for Mac OS X 10.6.8 until Sierra 10.12.

SIERRA ONLY: Please use this Tunnelblick guide for Mac OS X Sierra (10.12) until we issue a new version of the BolehVPN client that supports Sierra.

  1. First of all, download Tunnelblick 3.6.7
  2. Run the downloaded file and accept the warning
    screen-shot-2016-09-25-at-11-01-10-am
  3. Provide your admin login and password to allow Tunnelblick to be installed to Applications.
    screen-shot-2016-09-25-at-11-01-38-am
  4. Go through the following additional features and accept all of them. Blue button is what you should hit.
    screen-shot-2016-09-25-at-11-02-13-amscreen-shot-2016-09-25-at-11-02-34-amscreen-shot-2016-09-25-at-11-03-05-am
  5. Double click on Tunnelblick to start it. You’ll be able to see the Tunnelblick icon in the top right toolbar after this.
    screen-shot-2016-09-25-at-11-00-48-am
  6. What you want to do now is head to our user portal and login. Click on Download Inline Configurations
  7. Extract the .zip file you just downloaded to a folder on your desktop.
  8. Now in Tunnelblick, there’s a couple of ways you can add configurations, as per the image.
    screen-shot-2016-09-25-at-11-03-27-am
  9. We’ll be using the drag and drop into the toolbar, top right corner of your screen. Select all the .ovpn files that you just downloaded, drag and drop them into the Tunnelblick icon, as per the image below.
    screen-shot-2016-09-25-at-11-10-06-am
  10. Choose which users will get these configurations.
    screen-shot-2016-09-25-at-11-10-12-am
  11. If you click on the Tunnelblick icon now, you should see all the different servers. Choose FullyRouted-All and click Connect
    screen-shot-2016-09-25-at-11-17-32-am
  12. Voila!
    screen-shot-2016-09-25-at-11-20-51-am

You will have noticed several configuration options from the drop-down menu. This is probably the most important part of the setup since failing to understand what each configuration does may prevent you from getting the most out of BolehVPN.

In a nutshell, there are 6 main types as shown in the table below:

Proxied Fully Routed Surfing/Streaming TCP Server xCloak BolehGeo
 Locations of Servers

Canada

Germany

Netherlands

Switzerland

United Kingdom

Canada

France

Germany

Luxembourg

Netherlands

Singapore

Sweden

Switzerland

United Kingdom

Italy

Japan

Malaysia

United Kingdom

United States

Canada

Germany

Singapore

France

Italy

Japan

USA

UK

Canada

France

Germany

Italy

Singapore

United Kingdom

United States (surfing/streaming only)

Japan (surfing/streaming only)

Canada

Netherlands

Singapore

 Best Used For

Secure P2P

Routing specific connections through the VPN

Hiding location

P2P

Surfing Anonymously

Data Security

Hiding Location

Surfing Anonymously

Accessing/ streaming geo-specific Content (Hulu, Pandora, etc)

Hiding Location

Bypassing firewalls

Cloaks VPN traffic to look like normal traffic using regular ports such as port 80 and 443 (TCP and UDP)

Used in restrictive countries such as and Iran

Accessing/ streaming geo-specific Content (Hulu, Pandora, etc)

Protection 256-bit AES
SHA-512 HMAC
AES 128-bit
SSL
256-bit AES
SHA-512 HMAC
N/A
Additional Setup Programs need to be configured to use SOCKS Proxy Not Required Depending on name, will work like Proxied or FullyRouted Not Required

Each of these configurations have their distinct purposes, therefore it is important to read through this section carefully to utilize this service to its maximum extent.

BolehVPN is one of the few VPN providers that offers a wide range of options all in one package.

a. Proxied


Server locations: Canada, Germany, Netherlands, Switzerland, UK

All these configurations are in a proxied setup which means you will need to set up your software before using the VPN. Any software that is not configured will go through your regular unprotected internet connection. Proceed to Step 4 to learn how to configure your software when you are ready.

Pros

      • Does not affect other latency sensitive applications like MSN/surfing/gaming therefore you can do all your other tasks without feeling any slowdown. VPNs in general add latency to your connection.
      • Works well for most purposes and well seeded torrents
      • If properly configured, an interruption of your connection to our VPN servers will not leave you exposed.

Cons

      • You will not be fully connectable and will appear as firewalled. This is inevitable as it uses a proxy. This might reduce your ability to connect to peers and is relevant when the seeder/peer ratio is bad or there are very few people on the torrent. This also gives you LowID with Emule
      • Requires the program you wish to pass through the VPN to have SOCKS Proxy support and be configured appropriately.
      • Some programs due to faulty programming do not use the VPN proxy exclusively and may still use your regular connection for certain connections. Therefore this is not suitable for those who wants complete privacy.
      • Slightly higher overhead due to usage of a SOCKS proxy.

b. Fully Routed

Server locations: Canada, France, Germany, Luxembourg, Netherlands, Singapore, Sweden, Switzerland, UK

‘Fully Routed’ is different where all your data is automatically routed to the VPN. This means everything including surfing, internet messengers (Skype) and any other softwares that requires internet-connection will have go through the VPN.

You do not need to configure your programs to use the VPN if you use this.

Pros

      • Offers a high degree of privacy/security for your internet enabled applications
      • Painless setup since once you are connected to the VPN; you need not configure anything else
      • May work better with poorly seeded trackers

Cons

      • Increases latency/lag on all other applications that means surfing, Skype and everything else that uses the internet will have a longer reponse time due to the additional route your internet connection has to take.

c. Surfing/Streaming

Server locations: United States, United Kingdom, Malaysia, Italy, Japan

The Surfing/Streaming servers CANNOT be used for P2P but is especially good for streaming US-only content such as Hulu, Pandora, Veoh and such.

Note that there are SurfingStreamingTCP options that are intended only for people with firewalls that do not allow UDP connections. Please stick with the none TCP servers if possible as they are faster and more stable unless absolutely necessary.

Specifying a proxy is unccessary. It works similarly as the ‘Fully Routed’ configurations where you could just connect and start surfing!

However certain internet-enabled programs might not work while this setting is applied.

d. xCloak

Server location: Canada, France, Germany, Italy, Singapore, Japan, United States, United Kingdom

In order to bypass the strict internet firewall in countries such as China and Iran, we have prepared the xCloak configurations, an improvement our older CloakRoated configurations.

Please take note that the xCloak configuration also has suffixes that determines the type of connection it will make, which corresponds to the other 3 configurations mentioned above.

For xCloakProxy, proxy settings must be configured and this can be viewed in Step 4.

e. TCP Servers

Server location: Canada, France, Germany, Italy, Singapore, United States, United Kingdom

The TCP servers suffixes in some of our configuration allows you to bypass corporate/campus firewalls. This should be only used if you are unable to connect to our servers due to a firewall. This works on majority of the firewalls but there are still setups out there that can block it. You can also use this if you suffer from a poor internet connection with packet loss. Please note that the TCP protocol will not be as fast as the other UDP servers.

These servers work as Proxied, FullyRouted, SurfingStreaming, xCloakRouted, or xCloakProxy servers based on the name, meaning you would need to configure your software to use proxies in order to divert the traffic through the VPN only if you use the Proxied TCP servers. You can see this is done in the next step.

f. BolehGeo


Server location: Canada, Netherlands, Singapore

BolehGeo allows you to access sites that are restricted to US address without the use of a VPN. In other words, the lag and overhead inherent from using a VPN are eliminated, thus faster streaming speeds can be observed. This would also means you won’t be getting the privacy and security benefits that would otherwise be present with the use of a VPN.

Please take note that this feature is strictly for making your computer to appear from the US on geo-specific media sites.

We have tested this list of streaming services and found that they work well with this new feature.

1. Hulu
2. Netflix
3. Hulu Plus
4. HBOgo
5. Pandora
6. Fox
7. Crunchyroll
8. CBS
9. Youtube

Do let us know if there are any geo-restricted sites for the US that you would like to see added to this list and how this works out for you! Remember to clear your cookies before trying out the sites!

Now it’s time to configure your programs!

If you are using ‘Proxied‘ or TCP443Server, you would need to configure your programs to go through the VPN (unless you don’t want them to).

Fully Routed and Surfing/Streaming configurations do not require these additional steps as all your data will be redirected through the VPN automatically once you are connected.

Make sure you have the Use this connection only for resources on its network box checked under IPv4 Settings > Routes. Otherwise, keep it unchecked.

Torrent Clients

For any torrent clients, please enter the following:

Hostname: 10.10.10.1
Port: 1080 (SOCKS)
No authentication

Other Softwares

Make sure to enter the following details in the relevant fields:

Hostname: 10.10.10.1
Port: 808(HTTP) or 1080 (SOCKS)
No authentication

 

You can also always drop by our Support Forums to ask for help in configuring a particular program.

If you do need help, there are a few steps you need to do to get you full support access.

We do this to verify the identity of our customers and protect their privacy.

      1. First of all Register for our Support Forums and follow the instructions onscreen.
      2. Then read the instructions in Apply for Support Access.
      3. Approval of Support Access usually happens within a few hours but meanwhile, you can browse our FAQ for common issues people face.
      4. Once Support Access has been approved, you can open a support thread in our General Support forum. Please be as detailed as possible with provision of your OpenVPN logs (obtained by double clicking on your OpenVPN icon in the bottom right hand corner) and any other errors you are experiencing. This is the BEST WAY to get help and likely to be the fastest route to getting an answer!