Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Public IP address needed in override hostname?

Hello Sophos community,

I bought a Sophos XG 106 for home use and to learn more about internet security. 

But now, I have a question about the VPN access from : https://community.sophos.com/kb/en-us/122769

I followed all steps but I was wondering what I have to type in the "override hostname" field?

Do i need to add here my public IP from my internet isp?

Cause when i try to connect with the vpn client I see this in the logs : 

Wed Dec 18 12:07:12 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
Wed Dec 18 12:07:12 2019 MANAGEMENT: >STATE:1576667232,TCP_CONNECT,,,,,,
Wed Dec 18 12:07:22 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Wed Dec 18 12:07:27 2019 MANAGEMENT: >STATE:1576667247,TCP_CONNECT,,,,,,
Wed Dec 18 12:07:37 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Wed Dec 18 12:07:42 2019 MANAGEMENT: >STATE:1576667262,TCP_CONNECT,,,,,,
Wed Dec 18 12:07:52 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Wed Dec 18 12:07:57 2019 MANAGEMENT: >STATE:1576667277,TCP_CONNECT,,,,,,

So I can't seem to connect to my firewall through vpn, but i have no clue what's wrong with my current config.

Thanks a lot

regards

Frederiek



This thread was automatically locked due to age.
Parents
  • Hi  

    Yes you need to put the public IP of ISP in the override hostname. The NAT device ( ISP router or modem) has to be configured to forward the SSL VPN connection to the XG Firewall.

    Override Hostname : This sets the SSL VPN client configuration file to use this public IP when establishing the connection.

    Please re download the config file after setting up public IP of ISP and check the SSL VPN status, this will fix the issue.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • Hello,

    Thanks for your reply.

    I changed the hostname override to my public ip 

    I re-downloaded the config file and when i try to connect, I still get this error : 

     

    Wed Dec 18 13:20:55 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
    Wed Dec 18 13:20:55 2019 MANAGEMENT: >STATE:1576671655,TCP_CONNECT,,,,,,
    Wed Dec 18 13:21:05 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Wed Dec 18 13:21:10 2019 MANAGEMENT: >STATE:1576671670,TCP_CONNECT,,,,,,

  • Hi  

    I checked port 8443 status on https://ping.eu/port-chk/ and it is showing me closed.

    Please confirm if you are also getting  the same status or result if yes then you need to check on that part.

    PFA.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • sorry for my noob question, but where do i open this port? i thought this was done by following the " How to configure SSL VPN remote access" article.

    https://community.sophos.com/kb/en-us/122769 Here it's explained to add a firewall rule too, which i did, but i guess that's not for opening the port? :-)

  • I mean this firewall rule like described on the KB

     

  • FormerMember
    0 FormerMember in reply to Frederiek Pascal

    Hi Frederiek Pascal,

    You have to forward port 8443 from your ISP device to firewall's WAN interface IP address. By default port 8443 is open on firewall if you have SSL VPN remote VPN configured. 

    In your case the firewall is behind ISP modem and has no direct access to the internet so you have to follow that extra step. 

    Thanks,

  • thanks for your answer!

    which extra step do you mean?

    My configuration is an ISP modem (where the router function is disabled), than my sophos and than my access points for wifi.

  • 84.197.138.2:8443 port is open

    still i got this error :

     

    Thu Dec 19 09:10:55 2019 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
    Thu Dec 19 09:10:55 2019 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
    Enter Management Password:
    Thu Dec 19 09:10:55 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Thu Dec 19 09:10:55 2019 Need hold release from management interface, waiting...
    Thu Dec 19 09:10:56 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'state on'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'log all on'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'hold off'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'hold release'
    Thu Dec 19 09:11:10 2019 MANAGEMENT: CMD 'username "Auth" "xxxxxxx"'
    Thu Dec 19 09:11:10 2019 MANAGEMENT: CMD 'password [...]'
    Thu Dec 19 09:11:10 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Thu Dec 19 09:11:10 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
    Thu Dec 19 09:11:10 2019 MANAGEMENT: >STATE:1576743070,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:20 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:25 2019 MANAGEMENT: >STATE:1576743085,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:35 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:40 2019 MANAGEMENT: >STATE:1576743100,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:50 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:55 2019 MANAGEMENT: >STATE:1576743115,TCP_CONNECT,,,,,,
    Thu Dec 19 09:12:05 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.

     

    anybody? :D 

Reply
  • 84.197.138.2:8443 port is open

    still i got this error :

     

    Thu Dec 19 09:10:55 2019 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
    Thu Dec 19 09:10:55 2019 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
    Enter Management Password:
    Thu Dec 19 09:10:55 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Thu Dec 19 09:10:55 2019 Need hold release from management interface, waiting...
    Thu Dec 19 09:10:56 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'state on'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'log all on'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'hold off'
    Thu Dec 19 09:10:56 2019 MANAGEMENT: CMD 'hold release'
    Thu Dec 19 09:11:10 2019 MANAGEMENT: CMD 'username "Auth" "xxxxxxx"'
    Thu Dec 19 09:11:10 2019 MANAGEMENT: CMD 'password [...]'
    Thu Dec 19 09:11:10 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Thu Dec 19 09:11:10 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
    Thu Dec 19 09:11:10 2019 MANAGEMENT: >STATE:1576743070,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:20 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:25 2019 MANAGEMENT: >STATE:1576743085,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:35 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:40 2019 MANAGEMENT: >STATE:1576743100,TCP_CONNECT,,,,,,
    Thu Dec 19 09:11:50 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Thu Dec 19 09:11:55 2019 MANAGEMENT: >STATE:1576743115,TCP_CONNECT,,,,,,
    Thu Dec 19 09:12:05 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.

     

    anybody? :D 

Children
  • Is the ip of subnet ok? 

    these are my dhcp settings btw 

     

    and the vpn firewall rule is on top

     

  • Hi,

     

    First, is your ISP router in bridge? Are you authentication with XG? If it isn't, then you will need to create a DMZ zone to your XG, or port foward to it, or if Yes then see below.

     

    Your configuration seems fine, just remember to do this before:

    1) If there's any need, Allow VPN access to WAN on the Rules.

    2) Since It's home usage, use a domain as hostname instead of IP, you can even use Sophos DDNS for this.

    3) Change the IPV4 Lease Range for something more sane.

    4) In SSL VPN don't forget to put the XG or your DNS server IP in the settings.

    5) There's no need to open any port in the Firewall Rules, It open automaticaly when you create a SSL VPN Server.

     

    And at last, the error your getting, "The system tried to join a drive to a directory on a joined drive." Is known in Sophos UTM, some people had lucky changing the SSL VPN port.

    Also you can use UDP instead of TCP if you need a bit more throughput.

     

    After you connect to the VPN, don't forget to enable anything that you find necessary for it, such as allow the use of Web Proxy, DNS, or authentication methods in Administration => Device Access.

     

    Thanks,


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

  • I did all what you asked and still it's not working, i got this error : 

     

    Sun Dec 22 13:24:27 2019 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
    Sun Dec 22 13:24:27 2019 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
    Enter Management Password:
    Sun Dec 22 13:24:27 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Sun Dec 22 13:24:27 2019 Need hold release from management interface, waiting...
    Sun Dec 22 13:24:27 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Sun Dec 22 13:24:27 2019 MANAGEMENT: CMD 'state on'
    Sun Dec 22 13:24:27 2019 MANAGEMENT: CMD 'log all on'
    Sun Dec 22 13:24:27 2019 MANAGEMENT: CMD 'hold off'
    Sun Dec 22 13:24:27 2019 MANAGEMENT: CMD 'hold release'
    Sun Dec 22 13:24:43 2019 MANAGEMENT: CMD 'username "Auth" "frederiekpascal"'
    Sun Dec 22 13:24:43 2019 MANAGEMENT: CMD 'password [...]'
    Sun Dec 22 13:24:43 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Sun Dec 22 13:24:43 2019 MANAGEMENT: >STATE:1577017483,RESOLVE,,,,,,
    Sun Dec 22 13:24:43 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
    Sun Dec 22 13:24:43 2019 MANAGEMENT: >STATE:1577017483,TCP_CONNECT,,,,,,
    Sun Dec 22 13:24:53 2019 TCP: connect to [AF_INET]84.197.138.2:8443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Sun Dec 22 13:24:58 2019 MANAGEMENT: >STATE:1577017498,RESOLVE,,,,,,
    Sun Dec 22 13:24:58 2019 MANAGEMENT: >STATE:1577017498,TCP_CONNECT,,,,,,

     

    I do have a question about something which is not clear for me.

     

    In the KB they mention this : 

     

    Defining local subnet and remote SSL VPN range

    Go to Hosts and Services > IP Host and define the local subnet behind Sophos Firewall.

     

    My question, the subnet you have to define, is that the current subnet you are using on your network? 

    I mean my ip is 192.168.0.66 at this moment, so the subnet is have to add in this section is 192.168.0.0? 

  • If you search on this forum, you will see 5 posts with the same problem as you, " failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive. ".

    Most of them fixed by changing the SSL VPN port to something else.

    Frederiek Pascal said:
    Sun Dec 22 13:24:53 2019 TCP: connect to [AF_INET]84.197.138.2:8443

    On your connection still 8443, change it to something else.

    From the posts here in the forum, 4 of them fixed this by changing the SSL VPN port.

    You will also found some people with the same error on the OpenVPN forums, most of them had this error because there has another service running on the same port, I don't know why this would happen on XG.

     

    Frederiek Pascal said:
    My question, the subnet you have to define, is that the current subnet you are using on your network? 

     

    Yes, It's correct, you need to define the subnet your current using on your LAN, and another one for SSLVPN.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

  • hi there,

    thnx for your answer

    I tried another port once cause you recommended that indeed, but it wasn't working either...

    So I switched it back to 8443 afterwards.

    I did it again now, here's the log :

    Sun Dec 22 14:06:36 2019 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
    Sun Dec 22 14:06:36 2019 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
    Enter Management Password:
    Sun Dec 22 14:06:36 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Sun Dec 22 14:06:36 2019 Need hold release from management interface, waiting...
    Sun Dec 22 14:06:36 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Sun Dec 22 14:06:36 2019 MANAGEMENT: CMD 'state on'
    Sun Dec 22 14:06:36 2019 MANAGEMENT: CMD 'log all on'
    Sun Dec 22 14:06:36 2019 MANAGEMENT: CMD 'hold off'
    Sun Dec 22 14:06:36 2019 MANAGEMENT: CMD 'hold release'
    Sun Dec 22 14:06:54 2019 MANAGEMENT: CMD 'username "Auth" "frederiekpascal"'
    Sun Dec 22 14:06:54 2019 MANAGEMENT: CMD 'password [...]'
    Sun Dec 22 14:06:54 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Sun Dec 22 14:06:54 2019 MANAGEMENT: >STATE:1577020014,RESOLVE,,,,,,
    Sun Dec 22 14:06:54 2019 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8449 [nonblock]
    Sun Dec 22 14:06:54 2019 MANAGEMENT: >STATE:1577020014,TCP_CONNECT,,,,,,
    Sun Dec 22 14:07:04 2019 TCP: connect to [AF_INET]84.197.138.2:8449 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Sun Dec 22 14:07:09 2019 MANAGEMENT: >STATE:1577020029,RESOLVE,,,,,,
    Sun Dec 22 14:07:09 2019 MANAGEMENT: >STATE:1577020029,TCP_CONNECT,,,,,,
    Sun Dec 22 14:07:19 2019 TCP: connect to [AF_INET]84.197.138.2:8449 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
    Sun Dec 22 14:07:24 2019 MANAGEMENT: >STATE:1577020044,RESOLVE,,,,,,
    Sun Dec 22 14:07:24 2019 MANAGEMENT: >STATE:1577020044,TCP_CONNECT,,,,,,

  • Well, that's strange, I can't reproduce this error on my XG. This error doesn't looks likes It's XG fault, It can be the client your using that's causing this.

    Well,

    One question, what client your using for the connection ? Your using the bundled client + config from the user portal, or you downloaded another client and just added the config?

    By the built date on the logs, looks like the client from the user portal.

    If It is, have you tried another client ?


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

  • Hi there,

    I did the trial and error on a windows 10 laptop with the config & client from the user portal indeed.

    I'll try Tunnelblick on my Macbook and report to you :-) 

    thnx!

  • This is the log from my Macbook with Tunnelblick 

     

    *Tunnelblick: macOS 10.15.2 (19C57); Tunnelblick 3.8.1 (build 5400); Admin user
    git commit 202d7d855181acbb15662bb08484f6229a113517


    Configuration frederiekpascal__ssl_vpn_config (1)

    "Sanitized" condensed configuration file for /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk:

    client
    dev tun
    proto tcp
    verify-x509-name "C=BE, ST=NA, L=Bonheiden, O=Manon, OU=OU, CN=SophosApplianceCertificate_C1C0B92HV4X99C7, emailAddress=frederiekpascal@gmail.com"
    route remote_host 255.255.255.255 net_gateway
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    <ca>
    [Security-related line(s) omitted]
    </ca>
    <cert>
    [Security-related line(s) omitted]
    </cert>
    <key>
    [Security-related line(s) omitted]
    </key>
    auth-user-pass
    cipher AES-128-CBC
    auth SHA256
    comp-lzo no
    route-delay 4
    verb 3
    reneg-sec 0
    remote frederiekpascal.myfirewall.co 8443


    ================================================================================

    Files in frederiekpascal__ssl_vpn_config (1).tblk:
    Contents/Resources/config.ovpn

    ================================================================================

    Configuration preferences:

    -keychainHasUsernameAndPassword = 1
    -notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
    -alwaysShowLoginWindow = 0
    -lastConnectionSucceeded = 0

    ================================================================================

    Wildcard preferences:

    -notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

    ================================================================================

    Program preferences:

    launchAtNextLogin = 1
    tunnelblickVersionHistory = (
    "3.8.1 (build 5400)"
    )
    lastLaunchTime = 598725117.896216
    lastLanguageAtLaunchWasRTL = 0
    connectionWindowDisplayCriteria = showWhenConnecting
    maxLogDisplaySize = 102400
    keyboardShortcutIndex = 1
    updateCheckAutomatically = 1
    NSWindow Frame ConnectingWindow = 444 416 500 322 0 0 1440 877
    detailsWindowViewIndex = 0
    leftNavSelectedDisplayName = frederiekpascal__ssl_vpn_config (1)
    haveDealtWithOldTunTapPreferences = 1
    haveDealtWithOldLoginItem = 1
    haveDealtWithAfterDisconnect = 1
    SUEnableAutomaticChecks = 1
    SUScheduledCheckInterval = 86400
    SULastCheckTime = 2019-12-22 16:31:58 +0000
    SUHasLaunchedBefore = 1
    WebKitDefaultFontSize = 16
    WebKitStandardFont = Times

    ================================================================================

    Tunnelblick Log:

    2019-12-22 17:32:40.974748 *Tunnelblick: macOS 10.15.2 (19C57); Tunnelblick 3.8.1 (build 5400)
    2019-12-22 17:32:41.472703 *Tunnelblick: Attempting connection with frederiekpascal__ssl_vpn_config (1) using shadow copy; Set nameserver = 769; monitoring connection
    2019-12-22 17:32:41.472932 *Tunnelblick: openvpnstart start frederiekpascal__ssl_vpn_config\ (1).tblk 50826 769 0 1 0 1098032 -ptADGNWradsgnw 2.4.7-openssl-1.0.2t
    2019-12-22 17:32:41.491867 *Tunnelblick: openvpnstart starting OpenVPN
    2019-12-22 17:32:41.666976 OpenVPN 2.4.7 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Sep 11 2019
    2019-12-22 17:32:41.667033 library versions: OpenSSL 1.0.2t 10 Sep 2019, LZO 2.10
    2019-12-22 17:32:41.667941 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:50826
    2019-12-22 17:32:41.667978 Need hold release from management interface, waiting...
    2019-12-22 17:32:42.095345 *Tunnelblick: openvpnstart log:
    OpenVPN started successfully.
    Command used to start OpenVPN (one argument per displayed line):
    /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.7-openssl-1.0.2t/openvpn
    --daemon
    --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Sfrederiek-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sfrederiekpascal__ssl_vpn_config (1).tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1098032.50826.openvpn.log
    --cd /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources
    --machine-readable-output
    --setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5400 3.8.1 (build 5400)"
    --verb 3
    --config /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources/config.ovpn
    --setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources
    --verb 3
    --cd /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources
    --management 127.0.0.1 50826 /Library/Application Support/Tunnelblick/jllpbogglpefipnfofldnbnlkpohigglnjhhloal.mip
    --management-query-passwords
    --management-hold
    --script-security 2
    --route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
    --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
    2019-12-22 17:32:42.098954 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:50826
    2019-12-22 17:32:42.117863 MANAGEMENT: CMD 'pid'
    2019-12-22 17:32:42.117913 MANAGEMENT: CMD 'auth-retry interact'
    2019-12-22 17:32:42.117936 MANAGEMENT: CMD 'state on'
    2019-12-22 17:32:42.117969 MANAGEMENT: CMD 'state'
    2019-12-22 17:32:42.118076 MANAGEMENT: CMD 'bytecount 1'
    2019-12-22 17:32:42.118772 *Tunnelblick: Established communication with OpenVPN
    2019-12-22 17:32:42.120950 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
    2019-12-22 17:32:42.121718 MANAGEMENT: CMD 'hold release'
    2019-12-22 17:32:58.369107 MANAGEMENT: CMD 'username "Auth" "frederiekpascal"'
    2019-12-22 17:32:58.369155 MANAGEMENT: CMD 'password [...]'
    2019-12-22 17:32:58.369458 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    2019-12-22 17:32:58.371782 MANAGEMENT: >STATE:1577032378,RESOLVE,,,,,,
    2019-12-22 17:32:58.440987 TCP/UDP: Preserving recently used remote address: [AF_INET]84.197.138.2:8443
    2019-12-22 17:32:58.441083 Socket Buffers: R=[131072->131072] S=[131072->131072]
    2019-12-22 17:32:58.441106 Attempting to establish TCP connection with [AF_INET]84.197.138.2:8443 [nonblock]
    2019-12-22 17:32:58.441161 MANAGEMENT: >STATE:1577032378,TCP_CONNECT,,,,,,

    ================================================================================

    Down log:

    (Not found)
    ================================================================================

    Previous down log:

    (Not found)
    ================================================================================

    Network services:

    An asterisk (*) denotes that a network service is disabled.
    USB Controls
    USB Controls 2
    USB 10/100/1000 LAN
    Display Ethernet
    Belkin USB-C LAN
    USB 10/100/1000 LAN 2
    iPad USB
    Display FireWire
    Wi-Fi
    iPhone USB
    Bluetooth PAN
    Thunderbolt Bridge

    Wi-Fi Power (en0): On

    ================================================================================

    ifconfig output:

    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
    inet 127.0.0.1 netmask 0xff000000
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    nd6 options=201<PERFORMNUD,DAD>
    gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
    stf0: flags=0<> mtu 1280
    en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether ac:de:48:00:11:22
    inet6 fe80::aede:48ff:fe00:1122%en5 prefixlen 64 scopeid 0x4
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect (100baseTX <full-duplex>)
    status: active
    ap1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f2:18:98:38:1e:33
    media: autoselect
    status: inactive
    en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether f0:18:98:38:1e:33
    inet6 fe80::cea:10d7:4907:824%en0 prefixlen 64 secured scopeid 0x6
    inet 192.168.0.133 netmask 0xffffff00 broadcast 192.168.0.255
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
    en4: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 82:9f:a3:48:a8:04
    media: autoselect <full-duplex>
    status: inactive
    en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 82:9f:a3:48:a8:01
    media: autoselect <full-duplex>
    status: inactive
    en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 82:9f:a3:48:a8:00
    media: autoselect <full-duplex>
    status: inactive
    en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=460<TSO4,TSO6,CHANNEL_IO>
    ether 82:9f:a3:48:a8:05
    media: autoselect <full-duplex>
    status: inactive
    bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 82:9f:a3:48:a8:01
    Configuration:
    id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
    maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
    root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
    ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
    ifmaxaddr 0 port 9 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
    ifmaxaddr 0 port 10 priority 0 path cost 0
    member: en3 flags=3<LEARNING,DISCOVER>
    ifmaxaddr 0 port 11 priority 0 path cost 0
    member: en4 flags=3<LEARNING,DISCOVER>
    ifmaxaddr 0 port 8 priority 0 path cost 0
    nd6 options=201<PERFORMNUD,DAD>
    media: <unknown type>
    status: inactive
    p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    options=400<CHANNEL_IO>
    ether 02:18:98:38:1e:33
    media: autoselect
    status: inactive
    awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
    options=400<CHANNEL_IO>
    ether fe:c6:ed:49:e4:cc
    inet6 fe80::fcc6:edff:fe49:e4cc%awdl0 prefixlen 64 scopeid 0xe
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
    llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether fe:c6:ed:49:e4:cc
    inet6 fe80::fcc6:edff:fe49:e4cc%llw0 prefixlen 64 scopeid 0xf
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
    utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::e4c0:5a96:9902:fe10%utun0 prefixlen 64 scopeid 0x10
    nd6 options=201<PERFORMNUD,DAD>
    utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
    inet6 fe80::883a:250:7b2f:6fbe%utun1 prefixlen 64 scopeid 0x11
    nd6 options=201<PERFORMNUD,DAD>
    utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::bd4f:5d8:4d38:d9f7%utun2 prefixlen 64 scopeid 0x12
    nd6 options=201<PERFORMNUD,DAD>
    utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::e149:2eba:1d6a:5aa5%utun3 prefixlen 64 scopeid 0x13
    nd6 options=201<PERFORMNUD,DAD>
    utun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::32b4:8314:a526:e098%utun4 prefixlen 64 scopeid 0x14
    nd6 options=201<PERFORMNUD,DAD>
    utun5: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::a9c0:abe0:16f4:ab7%utun5 prefixlen 64 scopeid 0x15
    nd6 options=201<PERFORMNUD,DAD>
    utun6: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::913:bb37:f66b:5451%utun6 prefixlen 64 scopeid 0x16
    nd6 options=201<PERFORMNUD,DAD>

    ================================================================================

    Non-Apple kexts that are loaded:

    Index Refs Address Size Wired Name (Version) UUID <Linked Against>
    186 0 0xffffff7f8470a000 0x6000 0x6000 com.getdropbox.dropbox.kext (1.10.3) F29DD0CB-48D6-311A-9B69-E39CF775493C <8 6 5 2 1>

    ================================================================================

    Quit Log:

    2019-12-22 17:31:45.120489 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
    2019-12-22 17:31:45.146011 shutDownTunnelblick: started.
    2019-12-22 17:31:45.146448 shutDownTunnelblick: Starting cleanup.
    2019-12-22 17:31:45.146779 cleanup: Entering cleanup
    2019-12-22 17:31:45.147070 cleanup aborted because Tunnelblick did not finish launching
    2019-12-22 17:31:45.147249 shutDownTunnelblick: Cleanup finished.
    2019-12-22 17:31:45.147444 Finished shutting down Tunnelblick; allowing termination

    ================================================================================

    Console Log:

    2019-12-22 17:31:37.924559 Tunnelblick[15265] Tunnelblick: macOS 10.15.2; Tunnelblick 3.8.1 (build 5400)
    2019-12-22 17:31:37.928506 Tunnelblick[15265] Propagating '-resetPrimaryInterfaceAfterDisconnect' preferences that are TRUE to '-resetPrimaryInterfaceAfterUnexpectedDisconnect'
    2019-12-22 17:31:38.251916 Tunnelblick[15265] Tunnelblick cannot run when it is on /Volumes because the volume has the MNT_NOSUID statfs flag set.
    2019-12-22 17:31:44.137158 Tunnelblick[15265] Tunnelblick needs to:
    • Be installed in /Applications as Tunnelblick
    • Change ownership and permissions of the program to secure it
    • Secure configurations
    2019-12-22 17:31:44.137217 Tunnelblick[15265] Beginning installation or repair
    2019-12-22 17:31:45.014909 Tunnelblick[15265] Installation or repair succeeded; Log:
    Tunnelblick installer started 2019-12-22 17:31:44.179060. 1 arguments: 0x0017
    getuid() = 504; getgid() = 20; geteuid() = 0; getegid() = 20
    Created directory /Library/Application Support/Tunnelblick with owner 0:80 and permissions 755
    Changed ownership of /Library/Application Support/Tunnelblick from 0:80 to 0:0
    Created directory /Library/Application Support/Tunnelblick/Logs with owner 0:0 and permissions 755
    Created directory /var/log/Tunnelblick with owner 0:0 and permissions 755
    Created directory /Library/Application Support/Tunnelblick/Shared with owner 0:0 and permissions 755
    Created directory /Library/Application Support/Tunnelblick/Tblks with owner 0:0 and permissions 755
    Created directory /Library/Application Support/Tunnelblick/expect-disconnect with owner 0:0 and permissions 755
    Created directory /Library/Application Support/Tunnelblick/Users with owner 0:0 and permissions 755
    Created directory /Library/Application Support/Tunnelblick/Users/frederiek with owner 0:0 and permissions 755
    Created .mip
    Changed ownership of /Users/frederiek/Library/Application Support/Tunnelblick from 504:20 to 504:80
    Changed ownership of /Users/frederiek/Library/Application Support/Tunnelblick/Configurations from 504:20 to 504:80
    Copied /Volumes/Tunnelblick/Tunnelblick.app to /Applications/Tunnelblick.app
    Removed any 'com.apple.quarantine' extended attributes
    Changed ownership of /Applications/Tunnelblick.app and its contents from 501:80 to 0:0
    Need to replace and/or reload 'tunnelblickd':
    tunnelblickdHashOK = NO
    launchctlPlistHashOK = NO
    tunnelblickdPlistOK = NO
    socketOK = NO
    Installed /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist
    Used launchctl to load tunnelblickd
    Tunnelblick installer finished without error
    2019-12-22 17:31:45.135375 Tunnelblick[15280] Tunnelblick: macOS 10.15.2; Tunnelblick 3.8.1 (build 5400)
    2019-12-22 17:31:45.146737 Tunnelblick[15265] cleanup: Entering cleanup
    2019-12-22 17:31:45.147033 Tunnelblick[15265] cleanup aborted because Tunnelblick did not finish launching
    2019-12-22 17:31:45.147411 Tunnelblick[15265] Finished shutting down Tunnelblick; allowing termination
    2019-12-22 17:31:45.637333 Tunnelblick[15280] Launching a thread to remove the old login item (if any) so we can use the new mechanism that controls Tunnelblick's launch on login
    2019-12-22 17:31:45.638004 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/LaunchAgents
    2019-12-22 17:31:45.638357 Tunnelblick[15280] Copied our 'net.tunnelblick.tunnelblick.LaunchAtLogin.plist' into ~/Library/LaunchAgents
    2019-12-22 17:31:45.653261 Tunnelblick[15280] No old login item to remove
    2019-12-22 17:31:57.841870 Tunnelblick[15280] Copied easy-rsa
    2019-12-22 17:31:57.842184 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa
    2019-12-22 17:31:57.842724 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-ca
    2019-12-22 17:31:57.842941 Tunnelblick[15280] Changed permissions from 755 to 600 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/vars
    2019-12-22 17:31:57.843159 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-key-server
    2019-12-22 17:31:57.843355 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-key-pass
    2019-12-22 17:31:57.843547 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-req
    2019-12-22 17:31:57.843737 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-req-pass
    2019-12-22 17:31:57.843940 Tunnelblick[15280] Changed permissions from 644 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/libressl.cnf.template
    2019-12-22 17:31:57.844328 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3
    2019-12-22 17:31:57.844557 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/ChangeLog
    2019-12-22 17:31:57.844782 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/README
    2019-12-22 17:31:57.845153 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3
    2019-12-22 17:31:57.845593 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/x509-types
    2019-12-22 17:31:57.845828 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/x509-types/ca
    2019-12-22 17:31:57.846053 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/x509-types/server
    2019-12-22 17:31:57.846268 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/x509-types/COMMON
    2019-12-22 17:31:57.846500 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/x509-types/client
    2019-12-22 17:31:57.846747 Tunnelblick[15280] Changed permissions from 644 to 600 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/openssl-1.0.cnf
    2019-12-22 17:31:57.846949 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/easyrsa
    2019-12-22 17:31:57.847153 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/easyrsa3/vars.example
    2019-12-22 17:31:57.847364 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/COPYING
    2019-12-22 17:31:57.847725 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc
    2019-12-22 17:31:57.847943 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/Intro-To-PKI.md
    2019-12-22 17:31:57.848142 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/EasyRSA-Readme.md
    2019-12-22 17:31:57.848337 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/Hacking.md
    2019-12-22 17:31:57.848560 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/EasyRSA-Advanced.md
    2019-12-22 17:31:57.848756 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/TODO
    2019-12-22 17:31:57.848968 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/doc/EasyRSA-Upgrade-Notes.md
    2019-12-22 17:31:57.849313 Tunnelblick[15280] Changed permissions from 755 to 700 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/Licensing
    2019-12-22 17:31:57.849528 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/Licensing/gpl-2.0.txt
    2019-12-22 17:31:57.849735 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/KNOWN_ISSUES
    2019-12-22 17:31:57.850028 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/EasyRSA-3/README.quickstart.md
    2019-12-22 17:31:57.850263 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/clean-all
    2019-12-22 17:31:57.850475 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-dh
    2019-12-22 17:31:57.850760 Tunnelblick[15280] Changed permissions from 644 to 600 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/openssl-0.9.6.cnf
    2019-12-22 17:31:57.850974 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/pkitool
    2019-12-22 17:31:57.851190 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/sign-req
    2019-12-22 17:31:57.851408 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-key-pkcs12
    2019-12-22 17:31:57.851607 Tunnelblick[15280] Changed permissions from 644 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/whichopensslcnf
    2019-12-22 17:31:57.851809 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-inter
    2019-12-22 17:31:57.851996 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/README
    2019-12-22 17:31:57.852204 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/revoke-full
    2019-12-22 17:31:57.852412 Tunnelblick[15280] Changed permissions from 644 to 600 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/openssl-0.9.8.cnf
    2019-12-22 17:31:57.852621 Tunnelblick[15280] Changed permissions from 644 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/readme-libressl.txt
    2019-12-22 17:31:57.852826 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/TB-version.txt
    2019-12-22 17:31:57.853059 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/list-crl
    2019-12-22 17:31:57.853289 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/build-key
    2019-12-22 17:31:57.853581 Tunnelblick[15280] Changed permissions from 755 to 500 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/inherit-inter
    2019-12-22 17:31:57.853831 Tunnelblick[15280] Changed permissions from 644 to 600 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/openssl-1.0.0.cnf
    2019-12-22 17:31:57.854045 Tunnelblick[15280] Changed permissions from 644 to 400 on /Users/frederiek/Library/Application Support/Tunnelblick/easy-rsa/v3version.txt
    2019-12-22 17:31:58.033699 Tunnelblick[15280] Sparkle: ===== Tunnelblick.app =====
    2019-12-22 17:31:58.034246 Tunnelblick[15280] Sparkle: Verified appcast signature
    2019-12-22 17:32:08.895117 Tunnelblick[15280] Converting/Installing /Users/frederiek/Dropbox/frederiekpascal__ssl_vpn_config (1).ovpn: Converted OpenVPN configuration
    2019-12-22 17:32:14.500731 Tunnelblick[15280] Tunnelblick needs to perform an action that requires a computer administrator's authorization.
    2019-12-22 17:32:14.500825 Tunnelblick[15280] Beginning installation or repair
    2019-12-22 17:32:14.593700 Tunnelblick[15280] Installation or repair succeeded; Log:
    Tunnelblick installer started 2019-12-22 17:32:14.548272. 3 arguments: 0x0001
    /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk
    /private/var/folders/sj/yy52lxv500j_zw1gy9ww_2d00000gr/T/Tunnelblick-ii1MMt/frederiekpascal__ssl_vpn_config (1).tblk
    getuid() = 504; getgid() = 20; geteuid() = 0; getegid() = 20
    Copied /private/var/folders/sj/yy52lxv500j_zw1gy9ww_2d00000gr/T/Tunnelblick-ii1MMt/frederiekpascal__ssl_vpn_config (1).tblk
    to /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk.temp
    Renamed /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk.temp
    to /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk
    Changed ownership of /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk and its contents from 504:20 to 504:80
    Copied /Users/frederiek/Library/Application Support/Tunnelblick/Configurations/frederiekpascal__ssl_vpn_config (1).tblk
    to /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk.temp
    Renamed /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk.temp
    to /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk
    Changed ownership of /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk and its contents from 504:80 to 0:0
    Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk
    Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents
    Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources
    Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/frederiek/frederiekpascal__ssl_vpn_config (1).tblk/Contents/Resources/config.ovpn
    Created secure (shadow) copy of frederiekpascal__ssl_vpn_config (1).tblk
    Tunnelblick installer finished without error
    2019-12-22 17:32:58.309741 Tunnelblick[15280] Can't find Keychain item to delete: service = 'Tunnelblick-Auth-frederiekpascal__ssl_vpn_config (1)'; account = 'username'; status was -25300: 'The specified item could not be found in the keychain.'
    2019-12-22 17:32:58.348847 Tunnelblick[15280] Can't find Keychain item to delete: service = 'Tunnelblick-Auth-frederiekpascal__ssl_vpn_config (1)'; account = 'password'; status was -25300: 'The specified item could not be found in the keychain.'

  • These are the settings of my ISP modem (sorry in dutch)

    and on my Sophos