Open VPN mitm, DNS, Error


Post by feiercrack » Tue Jun 19, 2018 2:35 pm

Hi,

I still get these errors.

I already deleted all configs, then re-added one.

Still the same.

macOS High Sierra 10.13.5

Log:

*Tunnelblick: OS X 10.13.5; Tunnelblick 3.7.6 (build 5060); prior version 3.7.5a (build 5011)
2018-06-19 16:25:18 *Tunnelblick: Attempting connection with vpngate_vpn286957072.opengw.net_udp_1431-1 using shadow copy; Set nameserver = 769; monitoring connection
2018-06-19 16:25:18 *Tunnelblick: openvpnstart start vpngate_vpn286957072.opengw.net_udp_1431-1.tblk 60263 769 0 1 0 1065264 -ptADGNWradsgnw 2.4.6-openssl-1.0.2o
2018-06-19 16:25:19 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.6-openssl-1.0.2o/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Schech-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svpngate_vpn286957072.opengw.net_udp_1431--1.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1065264.60263.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/chech/vpngate_vpn286957072.opengw.net_udp_1431-1.tblk/Contents/Resources
--setenv
IV_GUI_VER
"net.tunnelblick.tunnelblick 5060 3.7.6 (build 5060)"
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/chech/vpngate_vpn286957072.opengw.net_udp_1431-1.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/chech/vpngate_vpn286957072.opengw.net_udp_1431-1.tblk/Contents/Resources
--management
127.0.0.1
60263
/Library/Application Support/Tunnelblick/nkbdnfccagienbimdnmgojgpdeeinkemmadbmmfj.mip
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

2018-06-19 16:25:18 OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Jun 9 2018
2018-06-19 16:25:18 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
2018-06-19 16:25:18 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:60263
2018-06-19 16:25:18 Need hold release from management interface, waiting...
2018-06-19 16:25:18 *Tunnelblick: openvpnstart starting OpenVPN
2018-06-19 16:25:19 *Tunnelblick: Established communication with OpenVPN
2018-06-19 16:25:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:60263
2018-06-19 16:25:19 MANAGEMENT: CMD 'pid'
2018-06-19 16:25:19 MANAGEMENT: CMD 'state on'
2018-06-19 16:25:19 MANAGEMENT: CMD 'state'
2018-06-19 16:25:19 MANAGEMENT: CMD 'bytecount 1'
2018-06-19 16:25:19 MANAGEMENT: CMD 'hold release'
2018-06-19 16:25:19 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2018-06-19 16:25:19 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-06-19 16:25:19 MANAGEMENT: >STATE:1529418319,RESOLVE,,,,,,
2018-06-19 16:25:19 TCP/UDP: Preserving recently used remote address: [AF_INET]113.148.130.195:1431
2018-06-19 16:25:19 Socket Buffers: R=[196724->196724] S=[9216->9216]
2018-06-19 16:25:19 UDP link local: (not bound)
2018-06-19 16:25:19 UDP link remote: [AF_INET]113.148.130.195:1431
2018-06-19 16:25:19 MANAGEMENT: >STATE:1529418319,WAIT,,,,,,
2018-06-19 16:25:20 MANAGEMENT: >STATE:1529418320,AUTH,,,,,,
2018-06-19 16:25:20 TLS: Initial packet from [AF_INET]113.148.130.195:1431, sid=af697592 cdef3cc1
2018-06-19 16:25:20 VERIFY OK: depth=2, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
2018-06-19 16:25:20 VERIFY OK: depth=1, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
2018-06-19 16:25:20 VERIFY OK: depth=0, OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.opengw.net
2018-06-19 16:25:21 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018-06-19 16:25:21 [*.opengw.net] Peer Connection Initiated with [AF_INET]113.148.130.195:1431
2018-06-19 16:25:22 MANAGEMENT: >STATE:1529418322,GET_CONFIG,,,,,,
2018-06-19 16:25:22 SENT CONTROL [*.opengw.net]: 'PUSH_REQUEST' (status=1)
2018-06-19 16:25:23 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.211.1.13 10.211.1.14,dhcp-option DNS 10.211.254.254,dhcp-option DNS 8.8.8.8,route-gateway 10.211.1.14,redirect-gateway def1'
2018-06-19 16:25:23 OPTIONS IMPORT: timers and/or timeouts modified
2018-06-19 16:25:23 OPTIONS IMPORT: --ifconfig/up options modified
2018-06-19 16:25:23 OPTIONS IMPORT: route options modified
2018-06-19 16:25:23 OPTIONS IMPORT: route-related options modified
2018-06-19 16:25:23 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2018-06-19 16:25:23 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-06-19 16:25:23 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-06-19 16:25:23 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-06-19 16:25:23 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-06-19 16:25:23 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2018-06-19 16:25:23 Opened utun device utun1
2018-06-19 16:25:23 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
2018-06-19 16:25:23 MANAGEMENT: >STATE:1529418323,ASSIGN_IP,,10.211.1.13,,,,
2018-06-19 16:25:23 /sbin/ifconfig utun1 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2018-06-19 16:25:23 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2018-06-19 16:25:23 /sbin/ifconfig utun1 10.211.1.13 10.211.1.14 mtu 1500 netmask 255.255.255.255 up
2018-06-19 16:25:23 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun1 1500 1557 10.211.1.13 10.211.1.14 init
**********************************************
Start of output from client.up.tunnelblick.sh
Retrieved from OpenVPN: name server(s) [ 10.211.254.254 8.8.8.8 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
Not aggregating ServerAddresses because running on OS X 10.6 or higher
Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected
Saved the DNS and SMB configurations so they can be restored
Changed DNS ServerAddresses setting from '192.168.178.10' to '10.211.254.251 8.8.8.8'
Changed DNS SearchDomains setting from '' to 'openvpn'
Changed DNS DomainName setting from 'router' to 'openvpn'
Did not change SMB NetBIOSName setting of ''
Did not change SMB Workgroup setting of ''
Did not change SMB WINSAddresses setting of ''
DNS servers '10.211.254.254 8.8.8.8' will be used for DNS queries when the VPN is active
NOTE: The DNS servers include one or more free public DNS servers known to Tunnelblick and one or more DNS servers not known to Tunnelblick. If used, the DNS servers not known to Tunnelblick may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Setting up to monitor system configuration with process-network-changes
End of output from client.up.tunnelblick.sh
**********************************************
2018-06-19 16:25:27 *Tunnelblick: No 'connected.sh' script to execute
2018-06-19 16:25:27 /sbin/route add -net 113.148.130.195 192.168.178.1 255.255.255.255
add net 113.148.130.195: gateway 192.168.178.10
2018-06-19 16:25:27 /sbin/route add -net 0.0.0.0 10.211.1.14 128.0.0.0
add net 0.0.0.0: gateway 10.211.1.14
2018-06-19 16:25:27 /sbin/route add -net 128.0.0.0 10.211.1.14 128.0.0.0
add net 128.0.0.0: gateway 10.211.1.14
2018-06-19 16:25:27 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2018-06-19 16:25:27 Initialization Sequence Completed
2018-06-19 16:25:27 MANAGEMENT: >STATE:1529418327,CONNECTED,SUCCESS,10.211.1.13,113.148.130.195,1431,,
2018-06-19 16:25:32 *Tunnelblick process-network-changes: A system configuration change was ignored
2018-06-19 16:25:37 *Tunnelblick: This computer's apparent public IP address changed from xx.xxx.xxx.xxx before connection to 113.148.130.123 after connection

End of file.

What can be done?
Also, there seems to be a DNS problem.
Finally, how can I add the auth-nocache flag, and where?

P.S. How can I enable BBCode in here?

Many thanks in advance
Cheers
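
An added example, not part of the original post: a small Python triage of the three log lines the post asks about, mapping each OpenVPN warning to the client config directive it refers to and listing what the server pushed. The function names are hypothetical; `remote-cert-tls server` is one of the verification methods on the howto page the warning links to, and `auth-nocache` is the option named in the log itself. Each directive goes on its own line in `config.ovpn`.

```python
import re

# Sample input: three lines copied from the log in the post above.
SAMPLE_LOG = """\
2018-06-19 16:25:19 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2018-06-19 16:25:23 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.211.1.13 10.211.1.14,dhcp-option DNS 10.211.254.254,dhcp-option DNS 8.8.8.8,route-gateway 10.211.1.14,redirect-gateway def1'
2018-06-19 16:25:27 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
"""

# (pattern, finding, config directive). Helper names here are hypothetical;
# the directives are standard OpenVPN client options.
RULES = [
    (re.compile(r"No server certificate verification method has been enabled"),
     "server certificate usage is not checked (MITM warning)",
     "remote-cert-tls server"),
    (re.compile(r"use the auth-nocache option"),
     "credentials may stay cached in memory",
     "auth-nocache"),
]
PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,(.*)'")

def parse_push_reply(line):
    """Return the options the server pushed, each as a list of tokens."""
    m = PUSH_RE.search(line)
    if not m:
        return []
    return [opt.split() for opt in m.group(1).split(",") if opt.strip()]

def triage(log_text):
    """Return (findings, directives) for an OpenVPN client log."""
    findings, directives = [], []
    for line in log_text.splitlines():
        for pattern, finding, directive in RULES:
            if pattern.search(line):
                findings.append(finding)
                directives.append(directive)
        pushed = parse_push_reply(line)
        dns = [o[2] for o in pushed if o[:2] == ["dhcp-option", "DNS"] and len(o) > 2]
        if dns:
            findings.append("server pushed DNS resolvers: " + ", ".join(dns))
        if any(o[0] == "redirect-gateway" for o in pushed):
            findings.append("server pushed redirect-gateway (all traffic via VPN)")
    return findings, directives

if __name__ == "__main__":
    found, to_add = triage(SAMPLE_LOG)
    for f in found:
        print("finding:", f)
    print("lines to add to config.ovpn:", *to_add, sep="\n  ")
```

`remote-cert-tls server` only requires that the peer certificate is marked for server use, so the connection fails if the server's certificate lacks that marking. The pushed resolver 10.211.254.254 is the one Tunnelblick's note flags as not known to it.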
