Once the configuration is adjusted and imported to Tunnelblick and Shimo, both applications were able to connect to the server properly. The 'settings' for the TLS handshake come from the OpenVPN configuration file and keys. In the nf (client configuration file) we had to add such a line: cipher BF-CBC It may seem to you that the 'settings' must be different for Tunnelblick, but they aren't, because the 'settings' have nothing to do with Tunnelblick, and Tunnelblick has nothing to do with the 'settings'. The solution is hidden in the Tunnelblick message. But apparently, the source of the problem is the same.
Looks completely different and tells nothing about the cipher issue. In other cases, Shimo is not connecting at all. In some cases, Shimo is connecting but the network is not working anymore once VPN is connected. This error already can shed some light on the issue, but let’s take a look at what is happening in Shimo. 13:00:55.580711 ERROR: Failed to apply push options Add the server's cipher ('BF-CBC') to -data-ciphers (currently 'AES-256-GCM:AES-128-GCM') if you want to connect to this server. Tunnelblick is not able to connect to the server, and in the logs, you can read: 13:00:55.580699 OPTIONS ERROR: failed to negotiate cipher with server.
Tunnelblick openvpn configuration mac#
The issue starts when it comes to Mac users.
Tunnelblick openvpn configuration android#
They are working fine on various platforms – OpenVPN clients in Windows, on Android phones, iPhones, Linux machines. The keys are generated on the EdgeRouter, and the configuration files are prepared to be used by the clients.
In one of our configurations, we are using EdgeRouter (Ubiquity EdgeRouter 12) to handle not only routing but also to act as an OpenVPN server. This is rather a specific situation, but I thought that it can be useful to share our expertise since someone else can have the same problem too.
0 kommentar(er)
