VPN ne se connecte plus avec Lion ?

[LedZeFred]

Bonjour,
J'ai un VPN "arethusa" qui a toujours bien fonctionné, jusqu'à Lion !
J'utilise Tunnelblick, ça se connecte 5s, puis ça se déconnecte, puis ça se reconnecte 5s, etc ....

Avez-vous une idée ? Apple a il changé quelque chose dans les réseaux ?
Merci d'avance

 

[bompi]

Il y a des changements du côté de la gestion des droits et aussi des petites bizarreries sur les services sans doute dues à ces changements.

Quels sont les messages d'erreur (dans system.log et/ou secure.log par exemple) ?

 

[iBorg]

FWIW, je n'ai pas de problème avec le mien (StrongVPN). Peut-être que le protocole est différent.

 

[LedZeFred]

Voici le Log :
2011-07-25 07:53:35 *Tunnelblick: OS X 10.7.0; Tunnelblick 3.1.7 (build 2190.2413); OpenVPN 2.1.4
2011-07-25 07:53:41 *Tunnelblick: Attempting connection with arethusa; Set nameserver = 1; monitoring connection
2011-07-25 07:53:41 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start arethusa.ovpn 1338 1 0 0 0 49
2011-07-25 07:53:41 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar 1 2011
2011-07-25 07:53:41 MANAGEMENT: TCP Socket listening on 127.0.0.1:1338
2011-07-25 07:53:41 Need hold release from management interface, waiting...
2011-07-25 07:53:41 *Tunnelblick: openvpnstart: /Applications/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/fredericpetit/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1338 --config /Users/fredericpetit/Library/Application Support/Tunnelblick/Configurations/arethusa.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Sfredericpetit-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sarethusa.ovpn.1_0_0_0_49.1338.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-07-25 07:53:42 MANAGEMENT: Client connected from 127.0.0.1:1338
2011-07-25 07:53:42 MANAGEMENT: CMD 'pid'
2011-07-25 07:53:42 MANAGEMENT: CMD 'state on'
2011-07-25 07:53:42 MANAGEMENT: CMD 'state'
2011-07-25 07:53:42 MANAGEMENT: CMD 'hold release'
2011-07-25 07:53:42 MANAGEMENT: CMD 'username "Auth" "t7561"'
2011-07-25 07:53:42 MANAGEMENT: CMD 'password [...]'
2011-07-25 07:53:42 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-07-25 07:53:42 LZO compression initialized
2011-07-25 07:53:42 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-07-25 07:53:42 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-07-25 07:53:42 MANAGEMENT: >STATE:1311573222,RESOLVE,,,
2011-07-25 07:53:42 RESOLVE: NOTE: p2p.tunsrv.s6n.net resolves to 3 addresses
2011-07-25 07:53:42 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
2011-07-25 07:53:42 Local Options hash (VER=V4): '22188c5b'
2011-07-25 07:53:42 Expected Remote Options hash (VER=V4): 'a8f55717'
2011-07-25 07:53:42 UDPv4 link local: [undef]
2011-07-25 07:53:42 UDPv4 link remote: 94.102.51.6:443
2011-07-25 07:53:42 MANAGEMENT: >STATE:1311573222,WAIT,,,
2011-07-25 07:53:42 MANAGEMENT: >STATE:1311573222,AUTH,,,
2011-07-25 07:53:42 TLS: Initial packet from 94.102.51.6:443, sid=47b0668e fbdd480a
2011-07-25 07:53:42 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2011-07-25 07:53:42 VERIFY OK: depth=1, /C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=S6N_CA/emailAddress=root@s6n.org
2011-07-25 07:53:42 VERIFY OK: nsCertType=SERVER
2011-07-25 07:53:42 VERIFY OK: depth=0, /C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=nl2.tunsrv.s6n.net/emailAddress=root@s6n.org
2011-07-25 07:53:42 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2011-07-25 07:53:42 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-07-25 07:53:42 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2011-07-25 07:53:42 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-07-25 07:53:42 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2011-07-25 07:53:42 [nl2.tunsrv.s6n.net] Peer Connection Initiated with 94.102.51.6:443
2011-07-25 07:53:42 *Tunnelblick: Obtained VPN username and password from the Keychain
2011-07-25 07:53:43 MANAGEMENT: >STATE:1311573223,GET_CONFIG,,,
2011-07-25 07:53:45 SENT CONTROL [nl2.tunsrv.s6n.net]: 'PUSH_REQUEST' (status=1)
2011-07-25 07:53:45 PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway 10.22.3.254,dhcp-option DNS 10.10.10.10,dhcp-option DNS 8.8.8.8,ping 10,ping-restart 120,ifconfig 10.22.3.7 255.255.255.0'
2011-07-25 07:53:45 OPTIONS IMPORT: timers and/or timeouts modified
2011-07-25 07:53:45 OPTIONS IMPORT: --ifconfig/up options modified
2011-07-25 07:53:45 OPTIONS IMPORT: route-related options modified
2011-07-25 07:53:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-07-25 07:53:45 ROUTE default_gateway=192.168.0.254
2011-07-25 07:53:45 TUN/TAP device /dev/tun0 opened
2011-07-25 07:53:45 MANAGEMENT: >STATE:1311573225,ASSIGN_IP,,10.22.3.7,
2011-07-25 07:53:45 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-07-25 07:53:45 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-07-25 07:53:45 /sbin/ifconfig tun0 10.22.3.7 10.22.3.7 netmask 255.255.255.0 mtu 1500 up
2011-07-25 07:53:45 /sbin/route add -net 10.22.3.0 10.22.3.7 255.255.255.0
add net 10.22.3.0: gateway 10.22.3.7
2011-07-25 07:53:45 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1558 10.22.3.7 255.255.255.0 init
No such key
2011-07-25 07:53:45 /sbin/route add -net 94.102.51.6 192.168.0.254 255.255.255.255
add net 94.102.51.6: gateway 192.168.0.254
2011-07-25 07:53:45 /sbin/route add -net 0.0.0.0 10.22.3.254 128.0.0.0
add net 0.0.0.0: gateway 10.22.3.254
2011-07-25 07:53:45 /sbin/route add -net 128.0.0.0 10.22.3.254 128.0.0.0
add net 128.0.0.0: gateway 10.22.3.254
2011-07-25 07:53:45 Initialization Sequence Completed
2011-07-25 07:53:45 MANAGEMENT: >STATE:1311573225,CONNECTED,SUCCESS,10.22.3.7,94.102.51.6
2011-07-25 07:53:45 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-07-25 07:53:45 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-07-25 07:53:45 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-07-25 07:53:45 *Tunnelblick: Flushed the DNS cache
2011-07-25 07:53:50 *Tunnelblick leasewatch: A network configuration change was detected
* DNS configuration has changed:
* --- BEGIN EXPECTED DNS CFG ---
* <dictionary> {
* DomainName : openvpn
* }
* ---- END EXPECTED DNS CFG ----
*
* --- BEGIN CURRENT DNS CFG ---
* <dictionary> {
* DomainName : openvpn
* SearchDomains : <array> {
* 0 : openvpn
* }
* ServerAddresses : <array> {
* 0 : 208.67.222.222
* 1 : 208.67.220.220
* }
* }
* ---- END CURRENT DNS CFG ----
*
* --- BEGIN PRE-VPN DNS CFG ---
* <dictionary> {
* ServerAddresses : <array> {
* 0 : 212.27.40.240
* 1 : 212.27.40.241
* }
* }
* ---- END PRE-VPN DNS CFG ----
* Sending USR1 to OpenVPN (process ID 18646) to restart the connection.

 

[bompi]

Je ne vois pas de message très parlant, désolé. Ce que tu peux toujours faire est désinstaller puis réinstaller l'application. Et, aussi, la mettre à jour : tu as la version 3.1.7 et une nouvelle version bêta semble conseillée (cf. ici).

 

[elamapi]

Tu peux aussi essayer de télécharger la version de demo de viscosity (un client openvpn, comme celui que tu utilise) pour tester.

 

[LedZeFred]

Merci Bompi
ça marche avec :http://code.google.com/p/tunnelblick/downloads/detail?name=Tunnelblick_3.2beta26.dmg