Comments on: Correct Way to set up OpenVPN Client on Mac OS X http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/ Thoughts, Projects, Happenings, Ideas Mon, 06 Feb 2012 19:37:30 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: » OpenVPN: Update Client DNS on Mac OS X using from the command line. http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-2343 » OpenVPN: Update Client DNS on Mac OS X using from the command line. Mon, 24 Oct 2011 17:06:09 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-2343 [...] reason, even if use DHCP on the VPN server, OS X won't use the assigned DNS server(s). It's been recommended to use scutil, but the scripts are crazy long and I've read the resolver order sometimes gets reset [...] [...] reason, even if use DHCP on the VPN server, OS X won't use the assigned DNS server(s). It's been recommended to use scutil, but the scripts are crazy long and I've read the resolver order sometimes gets reset [...]

]]> By: Guide to Setting up OpenVPN and Tunnelblick | Brendan Sheehy http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-2156 Guide to Setting up OpenVPN and Tunnelblick | Brendan Sheehy Wed, 24 Nov 2010 15:33:23 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-2156 [...] Download this script: tap-up-down.sh (Original Location) [...] [...] Download this script: tap-up-down.sh (Original Location) [...]

]]> By: Tunnelblick gives the error “write to TUN/TAP : Input/output error (code=5)” Drija http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-2151 Tunnelblick gives the error “write to TUN/TAP : Input/output error (code=5)” Drija Sat, 13 Nov 2010 12:35:25 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-2151 [...] the steps in this post, received no change in behaviour (though I was missing some of the folders, and changed them [...] [...] the steps in this post, received no change in behaviour (though I was missing some of the folders, and changed them [...]

]]> By: Patrick http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1959 Patrick Sat, 04 Sep 2010 03:14:17 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1959 I'm running 10.6.4, and this script works, but after 5-10 minutes, the newly added resolver disappears, and DNS queries go haywire. Any suggestions? I’m running 10.6.4, and this script works, but after 5-10 minutes, the newly added resolver disappears, and DNS queries go haywire. Any suggestions?

]]> By: Wes http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1611 Wes Wed, 21 Apr 2010 05:02:05 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1611 Using Tunnelblick 3.0 (Build 1437). If you have the "Set nameserver" flag in the UI set then up scripts are not executed. I added the following line to invoke the standard up script as part of tap-up-down.sh. You may have Tunnelblick installed in a different directory, so modify, as appropriate. up) # Invoke standard up script before setting tap0 to DHCP /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.osx.sh $1 I've put something in the down) section, but I'm not sure it's needed. This is a known issue in the current Tunnelblick builds (http://code.google.com/p/tunnelblick/wiki/KnownIssues). Using Tunnelblick 3.0 (Build 1437). If you have the “Set nameserver” flag in the UI set then up scripts are not executed. I added the following line to invoke the standard up script as part of tap-up-down.sh. You may have Tunnelblick installed in a different directory, so modify, as appropriate.

up)
# Invoke standard up script before setting tap0 to DHCP
/Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.osx.sh $1

I’ve put something in the down) section, but I’m not sure it’s needed.

This is a known issue in the current Tunnelblick builds (http://code.google.com/p/tunnelblick/wiki/KnownIssues).

]]> By: Anonymous http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1587 Anonymous Wed, 24 Feb 2010 16:18:22 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1587 scutil –dns does not work on 10.4 scutil –dns does not work on 10.4

]]> By: Correct way to set up OpenVPN client on Mac OSX | Nixadmins.net http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1499 Correct way to set up OpenVPN client on Mac OSX | Nixadmins.net Sat, 24 Oct 2009 13:47:11 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1499 [...] So checkout the article at http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/ [...] [...] So checkout the article at http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/ [...]

]]> By: brent http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1186 brent Mon, 07 Jul 2008 18:50:38 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1186 We use the webmin plugin (OpenVPN + CA) to manage 3 instances of OpenVPN and two CAs. It's very easy to use - although requires that the CA reside on the OpenVPN server, which could lack some security. I would recommend it. We use the webmin plugin (OpenVPN + CA) to manage 3 instances of OpenVPN and two CAs. It’s very easy to use – although requires that the CA reside on the OpenVPN server, which could lack some security.
I would recommend it.

]]> By: Rola http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-1178 Rola Wed, 18 Jun 2008 17:43:16 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-1178 Hi. i'm just a beginner in using openvpn, let alone using it on mac os. Can anyone point me to where i can find some documentation on how to set up the Certificate Authority (CA) and generate certificates and keys for an OpenVPN server and client? Thanks Hi.

i’m just a beginner in using openvpn, let alone using it on mac os. Can anyone point me to where i can find some documentation on how to set up the Certificate Authority (CA) and generate certificates and keys for an OpenVPN server and client?

Thanks

]]> By: Hartleigh http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/comment-page-1/#comment-978 Hartleigh Thu, 24 Jan 2008 04:58:57 +0000 http://www.mccambridge.org/blog/2007/10/correct-way-to-set-up-openvpn-client-on-mac-os-x/#comment-978 Fixed it! I removed the down ./tap-up-down.sh line from the config file and now everything works as it should. Config file now looks like this... <i>verb 1 client dev tap proto udp remote xxx.xxx.xxx.xxx 1194 ca "ca.crt" tls-auth "ta.key" 1 comp-lzo auth-user-pass </i><i>up ./tap-up-down.sh</i> Fixed it!

I removed the down ./tap-up-down.sh line from the config file and now everything works as it should. Config file now looks like this…

verb 1
client
dev tap
proto udp
remote xxx.xxx.xxx.xxx 1194
ca “ca.crt”
tls-auth “ta.key” 1
comp-lzo
auth-user-pass
up ./tap-up-down.sh

]]>