Ich hatte für mehrere Jahre den VPN Sever problemlos am laufen, seit ca. dem 1. Juni geht er nicht mehr.
Wenn ich anstelle der Dyn DNS die interne IP der NAS eintrage und mich intern im Netzwerk auf das OpenVPN verbinde funktioniert das Ganze. Nicht jedoch von "außerhalb". Der Router wurde nicht angefasst und hat sein letztes Update aus 2016. Portweiterleitungen sind auch alle gelistet.
Ich habe alles überprüft und bin so langsam echt ratlos, hat jemand eine Idee? Mein Internethoster ist Vodafone (Kabel Deutschland)
Wenn ich anstelle der Dyn DNS die interne IP der NAS eintrage und mich intern im Netzwerk auf das OpenVPN verbinde funktioniert das Ganze. Nicht jedoch von "außerhalb". Der Router wurde nicht angefasst und hat sein letztes Update aus 2016. Portweiterleitungen sind auch alle gelistet.
Ich habe alles überprüft und bin so langsam echt ratlos, hat jemand eine Idee? Mein Internethoster ist Vodafone (Kabel Deutschland)
Code:
*Tunnelblick: macOS 11.4 (20F71); Tunnelblick 3.8.4b (build 5602); prior version 3.8.4a (build 5601); Admin user
git commit da8c68736ed223969237fd6091edf43c99602fc5
The Tunnelblick.app process is not being translated
System Integrity Protection is enabled
Configuration VPNConfig_2
"Sanitized" condensed configuration file for /Users/patrick/Library/Application Support/Tunnelblick/Configurations/VPNConfig_2.tblk:
dev tun
tls-client
remote "SynologyIP" 1194
pull
proto udp
script-security 2
comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth SHA512
auth-user-pass
<ca>
[Security-related line(s) omitted]
</ca>
================================================================================
Files in VPNConfig_2.tblk:
Contents/Resources/config.ovpn
================================================================================
Tunnelblick Kext Policy Data:
================================================================================
Configuration preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-alwaysShowLoginWindow = 0
-lastConnectionSucceeded = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"3.8.4b (build 5602)",
"3.8.4a (build 5601)",
"3.8.3 (build 5520)"
)
statusDisplayNumber = 0
lastLaunchTime = 647009072.697101
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = VPNConfig_2
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 1492 815 500 328 0 0 3440 1415
NSWindow Frame SUUpdateAlert = 1432 767 620 392 0 0 3440 1415
NSWindow Frame ListingWindow = 2476 597 500 422 0 0 3440 1417
detailsWindowFrameVersion = 5601
detailsWindowFrame = {{1283, 708}, {920, 470}}
detailsWindowLeftFrame = {{0, 0}, {167, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = VPNConfig_2
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2021-07-03 12:44:37 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Forced preferences:
(None)
================================================================================
Deployed forced preferences:
(None)
================================================================================
Tunnelblick Log:
2021-07-06 22:11:47.947449 *Tunnelblick: macOS 11.4 (20F71); Tunnelblick 3.8.4b (build 5602); prior version 3.8.4a (build 5601)
2021-07-06 22:11:48.446316 *Tunnelblick: Attempting connection with VPNConfig_2 using shadow copy; Set nameserver = 769; monitoring connection
2021-07-06 22:11:48.446736 *Tunnelblick: openvpnstart start VPNConfig_2.tblk 49842 769 0 1 0 1098032 -ptADGNWradsgnw 2.4.9-openssl-1.1.1k
2021-07-06 22:11:48.501744 *Tunnelblick: openvpnstart starting OpenVPN
2021-07-06 22:11:48.859271 OpenVPN 2.4.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 25 2021
2021-07-06 22:11:48.859620 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
2021-07-06 22:11:48.899939 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:49842
2021-07-06 22:11:48.899968 Need hold release from management interface, waiting...
2021-07-06 22:11:49.710417 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.9-openssl-1.1.1k/openvpn
--daemon
--log /Library/Application Support/Tunnelblick/Logs/-SUsers-Spatrick-SLibrary-SApplication Support-STunnelblick-SConfigurations-SVPNConfig_2.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1098032.49842.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/patrick/VPNConfig_2.tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5602 3.8.4b (build 5602)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/patrick/VPNConfig_2.tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/patrick/VPNConfig_2.tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/patrick/VPNConfig_2.tblk/Contents/Resources
--management 127.0.0.1 49842 /Library/Application Support/Tunnelblick/damdheoeikdfdchbjpafmjcchcbogphadlpneadj.mip
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2021-07-06 22:11:49.716971 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:49842
2021-07-06 22:11:49.735161 MANAGEMENT: CMD 'pid'
2021-07-06 22:11:49.735201 MANAGEMENT: CMD 'auth-retry interact'
2021-07-06 22:11:49.735217 MANAGEMENT: CMD 'state on'
2021-07-06 22:11:49.735277 MANAGEMENT: CMD 'state'
2021-07-06 22:11:49.735327 MANAGEMENT: CMD 'bytecount 1'
2021-07-06 22:11:49.735764 *Tunnelblick: Established communication with OpenVPN
2021-07-06 22:11:49.737718 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
2021-07-06 22:11:49.739370 MANAGEMENT: CMD 'hold release'
2021-07-06 22:11:56.364331 MANAGEMENT: CMD 'username "Auth" "patrick"'
2021-07-06 22:11:56.364371 MANAGEMENT: CMD 'password [...]'
2021-07-06 22:11:56.382007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-07-06 22:11:56.382109 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-07-06 22:11:56.418394 MANAGEMENT: >STATE:1625602316,RESOLVE,,,,,,
2021-07-06 22:11:56.456994 TCP/UDP: Preserving recently used remote address: [AF_INET]"SynologyIP":1194
2021-07-06 22:11:56.457108 Socket Buffers: R=[786896->786896] S=[9216->9216]
2021-07-06 22:11:56.457137 UDP link local (bound): [AF_INET][undef]:1194
2021-07-06 22:11:56.457149 UDP link remote: [AF_INET]"SynologyIP":1194
2021-07-06 22:11:56.457199 MANAGEMENT: >STATE:1625602316,WAIT,,,,,,
2021-07-06 22:11:56.459868 MANAGEMENT: >STATE:1625602316,AUTH,,,,,,
2021-07-06 22:11:56.459892 TLS: Initial packet from [AF_INET]"SynologyIP":1194, sid=7e59246b b11b7e18
2021-07-06 22:11:56.459966 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-07-06 22:11:56.492019 VERIFY OK: depth=1, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=Certificate Authority, CN=Synology Inc. CA, emailAddress=product@synology.com
2021-07-06 22:11:56.492273 VERIFY OK: depth=0, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=FTP Team, CN=synology.com, emailAddress=product@synology.com
2021-07-06 22:11:57.571785 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
2021-07-06 22:11:57.571860 [synology.com] Peer Connection Initiated with [AF_INET]"SynologyIP":1194
2021-07-06 22:11:58.841645 MANAGEMENT: >STATE:1625602318,GET_CONFIG,,,,,,
2021-07-06 22:11:58.841706 SENT CONTROL [synology.com]: 'PUSH_REQUEST' (status=1)
2021-07-06 22:11:58.842684 AUTH: Received control message: AUTH_FAILED
2021-07-06 22:11:58.842892 SIGUSR1[soft,auth-failure] received, process restarting
2021-07-06 22:11:58.842906 MANAGEMENT: >STATE:1625602318,RECONNECTING,auth-failure,,,,,
2021-07-06 22:12:04.157868 MANAGEMENT: CMD 'hold release'
2021-07-06 22:12:04.158030 MANAGEMENT: CMD 'hold release'
2021-07-06 22:12:07.919518 MANAGEMENT: CMD 'username "Auth" "patrick"'
2021-07-06 22:12:07.919565 MANAGEMENT: CMD 'password [...]'
2021-07-06 22:12:07.919580 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-07-06 22:12:07.919587 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-07-06 22:12:07.919865 TCP/UDP: Preserving recently used remote address: [AF_INET]"SynologyIP":1194
2021-07-06 22:12:07.919938 Socket Buffers: R=[786896->786896] S=[9216->9216]
2021-07-06 22:12:07.919963 UDP link local (bound): [AF_INET][undef]:1194
2021-07-06 22:12:07.919972 UDP link remote: [AF_INET]"SynologyIP":1194
2021-07-06 22:12:07.919988 MANAGEMENT: >STATE:1625602327,WAIT,,,,,,
2021-07-06 22:12:07.920915 MANAGEMENT: >STATE:1625602327,AUTH,,,,,,
2021-07-06 22:12:07.920935 TLS: Initial packet from [AF_INET]"SynologyIP":1194, sid=40fdd1bb 55dae4d8
2021-07-06 22:12:07.952771 VERIFY OK: depth=1, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=Certificate Authority, CN=Synology Inc. CA, emailAddress=product@synology.com
2021-07-06 22:12:07.952904 VERIFY OK: depth=0, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=FTP Team, CN=synology.com, emailAddress=product@synology.com
2021-07-06 22:12:09.031957 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
2021-07-06 22:12:09.032034 [synology.com] Peer Connection Initiated with [AF_INET]"SynologyIP":1194
2021-07-06 22:12:10.076712 MANAGEMENT: >STATE:1625602330,GET_CONFIG,,,,,,
2021-07-06 22:12:10.076785 SENT CONTROL [synology.com]: 'PUSH_REQUEST' (status=1)
2021-07-06 22:12:10.077850 AUTH: Received control message: AUTH_FAILED
2021-07-06 22:12:10.078044 SIGUSR1[soft,auth-failure] received, process restarting
2021-07-06 22:12:10.078062 MANAGEMENT: >STATE:1625602330,RECONNECTING,auth-failure,,,,,
2021-07-06 22:12:11.747181 *Tunnelblick: Disconnecting; user cancelled authorization or there was an error obtaining authorization
2021-07-06 22:12:11.890377 *Tunnelblick: Disconnecting using 'kill'
2021-07-06 22:12:12.177491 MANAGEMENT: CMD 'hold release'
2021-07-06 22:12:12.177576 MANAGEMENT: CMD 'hold release'
2021-07-06 22:12:12.184324 MANAGEMENT: Client disconnected
2021-07-06 22:12:12.184347 ERROR: could not read Auth username/password/ok/string from management interface
2021-07-06 22:12:12.184354 Exiting due to fatal error
2021-07-06 22:12:13.662560 *Tunnelblick: Expected disconnection occurred.
================================================================================
Down log:
21:59:01 *Tunnelblick: **********************************************
21:59:01 *Tunnelblick: Start of output from client.down.tunnelblick.sh
21:59:02 *Tunnelblick: WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
21:59:02 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
21:59:02 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
21:59:02 *Tunnelblick: End of output from client.down.tunnelblick.sh
21:59:02 *Tunnelblick: **********************************************
================================================================================
Previous down log:
13:06:13 *Tunnelblick: **********************************************
13:06:13 *Tunnelblick: Start of output from client.down.tunnelblick.sh
13:06:14 *Tunnelblick: WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
13:06:14 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
13:06:14 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
13:06:14 *Tunnelblick: End of output from client.down.tunnelblick.sh
13:06:14 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
Loupedeck
Ethernet
Ethernet 2
Bluetooth PAN
iPhone
Wi-Fi
Wi-Fi Power (en1): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.51.68.120 netmask 0xff000000
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC0: flags=0<> mtu 0
XHC20: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=40b<RXCSUM,TXCSUM,VLAN_HWTAGGING,CHANNEL_IO>
ether b4:2e:99:37:28:fe
inet6 fe80::10fe:a004:916:5234%en0 prefixlen 64 secured scopeid 0x6
inet 192.168.1.44 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex>)
status: active
en2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=40b<RXCSUM,TXCSUM,VLAN_HWTAGGING,CHANNEL_IO>
ether b4:2e:99:37:28:fc
inet6 fe80::1085:ab00:d71:76b9%en2 prefixlen 64 secured scopeid 0x7
inet 192.168.1.45 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex>)
status: active
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 98:01:a7:df:30:b1
inet6 fe80::c25:d91f:2086:b644%en1 prefixlen 64 secured scopeid 0x8
inet 192.168.1.112 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 2304
options=400<CHANNEL_IO>
ether 0a:01:a7:df:30:b1
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
options=400<CHANNEL_IO>
ether 1e:15:20:42:75:27
inet6 fe80::1c15:20ff:fe42:7527%awdl0 prefixlen 64 scopeid 0xa
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 1e:15:20:42:75:27
inet6 fe80::1c15:20ff:fe42:7527%llw0 prefixlen 64 scopeid 0xb
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::b11f:8a4f:aba:958%utun0 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::8eac:6506:9c0d:690d%utun1 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::59ab:9710:ef89:bc99%utun2 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::d9e2:2653:a928:6e26%utun3 prefixlen 64 scopeid 0xf
nd6 options=201<PERFORMNUD,DAD>
utun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::546:96df:3061:78dd%utun4 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun5: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::30e:6036:d9da:9fa%utun5 prefixlen 64 scopeid 0x11
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
48 6 0 0x2e000 0x2e000 as.vit9696.Lilu (1.5.3) A4C0AB78-C141-3DC5-812F-93408D94A4D7 <8 6 5 3 2 1>
49 0 0 0x17f000 0x17f000 as.vit9696.AppleALC (1.6.0) DDD8C0F0-0F68-3097-B152-5DA55047637F <48 14 8 6 5 3 2 1>
50 0 0 0xd000 0xd000 org.acidanthera.NVMeFix (1.0.7) 423AF334-A79C-3DBF-8961-C8B4E3B0FBCA <48 8 6 5 3 2 1>
51 0 0 0x10000 0x10000 com.rehabman.driver.USBInjectAll (0.7.6) 6C5A1DEA-E541-3792-81AF-D18B6E8D4877 <14 13 5 3>
52 0 0 0x7c000 0x7c000 as.vit9696.WhateverGreen (1.4.9) B4E8EBA3-3363-3C53-82F0-D6EAA8006841 <48 14 8 6 5 3 2 1>
53 2 0 0x1a000 0x1a000 as.vit9696.VirtualSMC (1.2.3) 72DED745-B559-3CB5-9F88-CD9531E38098 <48 13 8 6 5 3 2 1>
54 0 0 0xf000 0xf000 as.vit9696.SMCProcessor (1.2.3) BFC5DA76-0C0D-384A-9636-6BC30911AB36 <53 48 13 8 6 5 3 2 1>
64 0 0 0x8000 0x8000 com.osy86.USBWakeFixup (1) 36390E0E-C19D-3B81-BDAD-AB8C7A147B8C <13 5 3>
73 0 0 0x1f000 0x1f000 ru.joedm.SMCSuperIO (1.2.3) 90895019-DB93-3E6C-95A2-E9F0C02915B7 <53 48 13 8 6 5 3 2 1>
74 0 0 0x2e000 0x2e000 com.smalltree.driver.SmallTreeIntel82576 (1.2.5) 0E5F5CDA-75BD-3359-8426-E494578D6491 <46 14 6 5 3 1>
80 0 0 0x2a000 0x2a000 as.acidanthera.mieze.IntelMausi (1.0.6) D50B793E-4D88-34B7-AE6D-CAC1C4FC87DC <46 14 6 5 3 1>
129 0 0xffffff7f9cdb5000 0x4000 0x4000 com.joshuawise.kexts.HoRNDIS (6) 2FF769BE-1667-3CE2-A8AE-C9D86BAF30D4 <66 46 6 5 3 1>
145 0 0xffffff7f9cd12000 0x5000 0x5000 com.contourdesign.shuttle.kext (3.2) 49F1DFAD-70D9-3DC6-9288-ED3CDB860EE8 <108 62 22 6 5 3>
156 0 0xffffff7f9cdfb000 0x3000 0x3000 com.Cycling74.driver.Soundflower (2) 2D779840-7439-31E5-8A66-D786C3F47B75 <121 6 5 3>
================================================================================
Quit Log:
2021-05-28 16:57:07.304707 applicationShouldTerminate: termination because of restart; delayed until 'shutdownTunnelblick' finishes)
2021-05-28 16:57:07.305369 shutDownTunnelblick: started.
2021-05-28 16:57:07.305591 shutDownTunnelblick: Starting cleanup.
2021-05-28 16:57:07.305832 cleanup: Entering cleanup
2021-05-28 16:57:07.306088 synchronized user defaults
2021-05-28 16:57:08.567457 Set up flag files for shutting down the computer and expecting all configurations to be disconnected
2021-05-28 16:57:08.567702 doDisconnectionsForShuttingDownComputer: Set 'expect disconnect 1 ALL'
2021-05-28 16:57:08.567901 Started disconnecting all configurations
2021-05-28 16:57:08.568076 Skipping cleanup because computer is shutting down or restarting
2021-05-28 16:57:08.568211 shutDownTunnelblick: Cleanup finished.
2021-05-28 16:57:08.568379 Finished shutting down Tunnelblick; allowing termination
================================================================================
Console Log: