Streisand: Tunnelblick instructions should instruct to use OpenVPN v >= 2.4

Created on 27 Mar 2018  路  8Comments  路  Source: StreisandEffect/streisand

The generated instructions for OpenVPN on macOS should specify the usage of an OpenVPN version of >= 2.4 as tls-crypt now requires this.

Tunnelblick bundles several versions of OpenVPN and defaults to a v2.3 series, which does not work with our generated configurations.

areopenvpn kindocs kinupdate

Most helpful comment

@alimakki Happens to me using Mac, as well.

All 8 comments

I get also the following warning before connecting my AWS instance with generated configuration on Tunnelblick 3.7.5a (build 5011):

Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:3: block-outside-dns (2.4.4)

@deniztoprak that can be safely ignored, it's a quirk for Windows clients to prevent dns leaks.

@alimakki Happens to me using Mac, as well.

@pandemicsoul, what version of tunnelblick are you using?

@alimakki Having same issue with unrecognized block-outside-dns here on mac with Tunnelblick 3.7.5a

Tunnelblick 3.7.5a (build 5011) on MacOS, same bug. I get this error every time I connect to VPN.

According to logs and settings, Tunnelblick uses OpenVPN 2.4.4

2018-05-02 10:53:17 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 27 2018

The latest tunnelblick builds are clever enough to automatically detect which version of OpenVPN to use.

Having same issue with unrecognized block-outside-dns here on mac with Tunnelblick 3.7.5a

It is possible to ignore block-outside-dns macOS Tunnelblick warning by adding this line to local cofiguration:

pull-filter ignore "block-outside-dns"
Was this page helpful?
0 / 5 - 0 ratings

Related issues

NightMachinary picture NightMachinary  路  5Comments

M-Razavi picture M-Razavi  路  5Comments

alphazo picture alphazo  路  5Comments

sudoyum999 picture sudoyum999  路  4Comments

damko picture damko  路  5Comments