Trying openvpn server combo AWS/Mac Os client over LTE router..

Post by ed4ed4 » Sun Jan 08, 2017 8:46 pm

Hi there,

I'm trying to set up an OpenVPN server/client on an AWS server (free tier).
I've followed this tutorial:
https://www.comparitech.com/blog/vpn-pr ... -services/

Btw, the result is that Tunnelblick can't connect to the server because (I think) of the iptables.
Indeed, I'm using a TPLINK LTE router with DHCP, so I think I have a public IP relating to my operator gateway and also another IP forwarding to me.
Furthermore, I have a local IP 192.168.X.X on the Mac I'm trying to connect to the server with...
And I think I'll also have a problem with the DNS...
What kind of config file do I need to customize?

Here is the Tunnelblick log from when I try to connect to the server:

*Tunnelblick: OS X 10.11.3; Tunnelblick 3.6.9 (build 4685)
2017-01-08 21:41:40 *Tunnelblick: Attempting connection with myconfig; Set nameserver = 769; monitoring connection
2017-01-08 21:41:40 *Tunnelblick: openvpnstart start myconfig.tblk 1337 769 0 3 0 1098544 -ptADGNWradsgnw 2.3.12-openssl-1.0.2j
2017-01-08 21:41:40 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.12-openssl-1.0.2j/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Smyconfig.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1098544.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Shared/myconfig.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Shared/myconfig.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Shared/myconfig.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--redirect-gateway
def1
--script-security
2
--route-up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

2017-01-08 21:41:40 *Tunnelblick: Established communication with OpenVPN
2017-01-08 21:41:40 OpenVPN 2.3.12 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Nov 17 2016
2017-01-08 21:41:40 library versions: OpenSSL 1.0.2j 26 Sep 2016, LZO 2.09
2017-01-08 21:41:40 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2017-01-08 21:41:40 Need hold release from management interface, waiting...
2017-01-08 21:41:40 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2017-01-08 21:41:40 MANAGEMENT: CMD 'pid'
2017-01-08 21:41:40 MANAGEMENT: CMD 'state on'
2017-01-08 21:41:40 MANAGEMENT: CMD 'state'
2017-01-08 21:41:40 MANAGEMENT: CMD 'bytecount 1'
2017-01-08 21:41:40 MANAGEMENT: CMD 'hold release'
2017-01-08 21:41:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2017-01-08 21:41:40 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2017-01-08 21:41:40 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
2017-01-08 21:41:40 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-01-08 21:41:40 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2017-01-08 21:41:40 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
2017-01-08 21:41:40 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-01-08 21:41:40 Socket Buffers: R=[131072->131072] S=[131072->131072]
2017-01-08 21:41:40 MANAGEMENT: >STATE:1483908100,RESOLVE,,,
2017-01-08 21:41:40 Opened utun device utun0
2017-01-08 21:41:40 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2017-01-08 21:41:40 MANAGEMENT: >STATE:1483908100,ASSIGN_IP,,10.4.0.2,
2017-01-08 21:41:40 /sbin/ifconfig utun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2017-01-08 21:41:40 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2017-01-08 21:41:40 /sbin/ifconfig utun0 10.4.0.2 10.4.0.1 mtu 1500 netmask 255.255.255.255 up
2017-01-08 21:41:40 /sbin/route add -net 35.166.99.72 192.168.0.1 255.255.255.255
add net 35.166.99.72: gateway 192.168.0.1
2017-01-08 21:41:40 /sbin/route add -net 0.0.0.0 10.4.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.4.0.1
2017-01-08 21:41:40 /sbin/route add -net 128.0.0.0 10.4.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.4.0.1
**********************************************
Start of output from client.up.tunnelblick.sh
2017-01-08 21:41:40 *Tunnelblick: openvpnstart starting OpenVPN
NOTE: No network configuration changes need to be made.
WARNING: Will NOT monitor for other network configuration changes.
WARNING: Will NOT disable IPv6 settings.
DNS servers '192.168.0.1' will be used for DNS queries when the VPN is active
NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
End of output from client.up.tunnelblick.sh
**********************************************
2017-01-08 21:41:42 Attempting to establish TCP connection with [AF_INET]35.166.99.72:1194 [nonblock]
2017-01-08 21:41:42 MANAGEMENT: >STATE:1483908102,TCP_CONNECT,,,
2017-01-08 21:41:52 TCP: connect to [AF_INET]35.166.99.72:1194 failed, will try again in 5 seconds: Operation timed out

Any help?

Thanks,

Ed4.
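
Added example, not part of the original post and not Tunnelblick or OpenVPN code: a Python triage of the log lines quoted above that separates the connection failure from the security-relevant warnings the same log contains. The finding names are hypothetical labels chosen for this sketch.

```python
import ipaddress
import re

# Excerpt of the log posted above (lines copied verbatim, not the full log).
SAMPLE_LOG = """\
2017-01-08 21:41:40 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2017-01-08 21:41:40 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
DNS servers '192.168.0.1' will be used for DNS queries when the VPN is active
2017-01-08 21:41:52 TCP: connect to [AF_INET]35.166.99.72:1194 failed, will try again in 5 seconds: Operation timed out
"""

CONNECT_RE = re.compile(r"TCP: connect to \[AF_INET\]([\d.]+):(\d+) failed.*: (.+)$")
STATIC_RE = re.compile(r"Static Encrypt: Cipher '([^']+)'")
BLOCK_RE = re.compile(r"block size is less than 128 bit \((\d+) bit\)")
DNS_RE = re.compile(r"DNS servers '([^']+)' will be used")


def triage(log_text):
    """Return a de-duplicated list of (finding, detail) tuples, in log order."""
    findings = []

    def add(code, detail):
        if (code, detail) not in findings:
            findings.append((code, detail))

    for line in log_text.splitlines():
        if m := STATIC_RE.search(line):
            # "Static Encrypt" is logged in static-key mode: one pre-shared
            # secret, no TLS handshake and no forward secrecy.
            add("static-key-mode", m.group(1))
        if m := BLOCK_RE.search(line):
            add("small-block-cipher", f"{m.group(1)}-bit block")
        if m := DNS_RE.search(line):
            for server in re.findall(r"\d+\.\d+\.\d+\.\d+", m.group(1)):
                if ipaddress.ip_address(server).is_private:
                    # A resolver on the local LAN stays in use with the VPN up.
                    add("dns-on-local-lan", server)
        if m := CONNECT_RE.search(line):
            host, port, reason = m.groups()
            # "timed out" means no reply at all (packets dropped on the path
            # or by a filter); "refused" would mean the host itself answered.
            code = "connect-timeout" if "timed out" in reason else "connect-error"
            add(code, f"{host}:{port}/tcp")
    return findings


if __name__ == "__main__":
    for code, detail in triage(SAMPLE_LOG):
        print(f"{code:20} {detail}")
```

A `connect-timeout` finding points at inbound filtering in front of the server or on it, while the other three findings describe the tunnel configuration itself and would remain after the connection problem is solved.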
