Tunnelblick installation for macOS

For this configuration we used macOS Mojave; the steps are quite similar on other versions. Open the site and download Tunnelblick. We recommend downloading the latest Stable version available. See the full list on tunnelblick.net.

Describe the bug: When using any version of Tunnelblick (even latest betas) there seems to be an issue where sometimes the DNS will stop functioning for connections to OpenVPN Access Server on Mac OSX (Mojave). To Reproduce: Steps to reprod.

Describe the bug: When using OpenVPN Access Server 2.6.1, with the settings as defined in Additional context regarding DNS, they are not properly set on OSX Mojave. For example, if I let Tunnelblick.

Jul 27, 2018: Share your OpenVPN connection on macOS Sierra, High Sierra, Mojave (10.12, 10.13, 10.14). I've written this script myself to make the process of sharing a VPN connection on macOS hassle free.
[22/05/2015: The content of this post is very very very out of date.]
[17/08/2020: Kext-deprecation note and comment added]

Due to the deprecation of kernel extensions in macOS (10.12 and newer), OpenVPN seems to be defunct on macOS (at least for private servers); please see my comment. I sincerely hope the Tunnelblick development team will take the time and effort to rebuild the client to use the new KPIs in macOS Big Sur, but the latest response suggests they have no interest in doing so :(
An OpenVPN Client is easy, just download Tunnelblick. But to connect to your own Mac or maybe a server you own or are the maintainer for at work, you will need an OpenVPN Server set-up. This is how you do it.
IMPORTANT NOTE: Jon Bullard (developer of Tunnelblick) has commented that with recent (beta) versions, much of this article is no longer needed. Please read his comment at the bottom of the article before doing all this :)
1. Install TunTap;
Download and install the package. This will allow your system to create virtual network devices. After install open the Terminal and type
sudo kextload /Library/Extensions/tun.kext
sudo kextload /Library/Extensions/tap.kext
2. Install Xcode if you haven’t already.
3. Install MacPorts if you haven’t already (http://macports.org)
4. Install openvpn
5. Switch to SuperUser mode. Be careful here, you can ruin a lot.
sudo -s
6. Duplicate the installed files to a more common and safe-from-overwrite location.
cp -r /opt/local/share/doc/openvpn2 /etc/openvpn
cd /etc/openvpn/easy-rsa/2.0
7. Edit the bottom 8 or so lines (of the vars file) to match your setup
8. Initialize the PKI (Public Key Infrastructure)
. ./vars
./clean-all
./build-ca
9. Now build a server-key
10. And create a key for your first client
./build-key pinocchio
Of course, pinocchio is a sample username.
11. Create some other file I don’t know what it does but apparently is needed (Diffie Hellman parameters);
Certificates are created in the subfolder keys (full path /etc/openvpn/easy-rsa/2.0/keys)
12. Copy the files ca.crt, pinocchio.key and pinocchio.crt to a USB stick or very securely to the client machine. We’ll get to those in a different post.
13. Configure the server. Copy the server configuration file to a suitable location.
cp /etc/openvpn/sample-config-files/server.conf /etc/openvpn/
14. Edit the configuration.
Change the line
;local a.b.c.d
Change the lines
ca ca.crt
cert server.crt
key server.key
to
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
And change the dh line to
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
Change the user and group lines to
user nobody
group nobody
And finally, if you want to allow VPN-connected machines to see each other, change the client-to-client line to
client-to-client

15. Last step; making the server run on boot;
cat > /Library/LaunchDaemons/org.openvpn.plist
and copy/paste this into the terminal:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE plist PUBLIC '-//Apple Computer//DTD PLIST 1.0//EN'
'http://www.apple.com/DTDs/PropertyList-1.0.dtd'>
<plist version='1.0'>
<dict>
<key>Label</key>
<string>org.openvpn</string>
<key>OnDemand</key>
<false/>
<key>Program</key>
<string>/opt/local/sbin/openvpn2</string>
<key>ProgramArguments</key>
<array>
<string>openvpn</string>
<string>--config</string>
<string>/etc/openvpn/server.conf</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>TimeOut</key>
<integer>90</integer>
<key>WorkingDirectory</key>
<string>/etc/openvpn</string>
</dict>
</plist>
Terminate input with CTRL+D
16. Fire up the server
launchctl load -w /Library/LaunchDaemons/org.openvpn.plist
17. Exit Super User mode
Next post: setting up the client machine.
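A check for the step 14 edits, as an added example that is not part of the original post: the script audits server.conf for certificate paths left at the sample's relative defaults, for the user/group nobody privilege drop, and for a server.key readable by group or others. The function names, finding labels and the temporary sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the step-14 edits to
# server.conf. Prints one finding per line; no output means all checks pass.

# Value of the first active "<directive> <value>" line; lines commented out
# with ';' or '#' never match because their first field differs.
conf_value() {
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

audit_server_conf() {
    conf=$1
    for d in ca cert key dh; do
        v=$(conf_value "$conf" "$d")
        case $v in
            "") echo "MISSING $d" ;;
            /*) [ -r "$v" ] || echo "UNREADABLE $d" ;;
            *)  echo "RELATIVE $d" ;;      # still the sample default
        esac
    done
    for d in user group; do                # privilege drop after start-up
        [ "$(conf_value "$conf" "$d")" = nobody ] || echo "NO_PRIV_DROP $d"
    done
    k=$(conf_value "$conf" key)
    if [ -f "$k" ]; then
        # Characters 5-10 of the ls -l mode string are the group and other bits.
        [ "$(ls -l "$k" | cut -c5-10)" = "------" ] || echo "KEY_PERMS"
    fi
    return 0
}

# Constructed sample: an unedited config next to an edited one whose
# private key is still world-readable.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/keys"
for f in ca.crt server.crt server.key dh1024.pem; do : > "$demo_dir/keys/$f"; done
chmod 644 "$demo_dir/keys/server.key"
printf 'ca ca.crt\ncert server.crt\nkey server.key\ndh dh1024.pem\n;user nobody\n;group nobody\n' \
    > "$demo_dir/before.conf"
printf 'ca %s/ca.crt\ncert %s/server.crt\nkey %s/server.key\ndh %s/dh1024.pem\nuser nobody\ngroup nobody\n' \
    "$demo_dir/keys" "$demo_dir/keys" "$demo_dir/keys" "$demo_dir/keys" > "$demo_dir/after.conf"
audit_server_conf "$demo_dir/before.conf"
audit_server_conf "$demo_dir/after.conf"
```

On a real install, run `audit_server_conf /etc/openvpn/server.conf` as root so the key files are readable to the check.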
Note: To use Tunnelblick you need access to a VPN server: your computer is one end of the tunnel and the VPN server is the other end. See Getting VPN Service for details.

Tunnelblick comes as a ready-to-use application with all necessary binaries and drivers (including OpenVPN and tun/tap). No additional installation is necessary; just add your configuration and encryption information.

Tunnelblick 3.6 runs on OS X 10.7 through macOS 10.12 ('Lion', 'Mountain Lion', 'Mavericks', 'Yosemite', 'El Capitan', and 'Sierra').
Tunnelblick 3.4 runs on OS X 10.4 through 10.9 ('Tiger', 'Leopard', 'Snow Leopard', 'Lion', 'Mountain Lion', and 'Mavericks').
Tunnelblick 3.3 runs on OS X 10.4 through 10.8 ('Tiger', 'Leopard', 'Snow Leopard', 'Lion', and 'Mountain Lion').
Tunnelblick 3.2 runs on OS X 10.4 through 10.7 ('Tiger', 'Leopard', 'Snow Leopard', and 'Lion'). It may or may not work for you on OS X 10.8 or 10.9 ('Mountain Lion' or 'Mavericks').
Tunnelblick 3.1 and 3.0 run on OS X 10.4 through 10.6 ('Tiger', 'Leopard', and 'Snow Leopard').
Tunnelblick 2.0.1 runs on OS X 10.3 ('Panther'). PowerPC only.

About PPC/Intel compatibility: Tunnelblick 3.6 and higher run on Intel processors only. Tunnelblick 3.0 - 3.5 are Universal applications, so they run on Intel or PPC processors.

About 64-bit compatibility: Tunnelblick 3.6 and higher are 64-bit applications and run on modern versions of macOS. Tunnelblick 3.0 - 3.5 are 32-bit applications, so they run as an application in 32-bit mode on versions of OS X that support it. Tunnelblick 3.0 - 3.5 include Intel 32/64-bit versions of tun.kext and tap.kext. 32-bit kernels use the 32-bit tun/tap, and 64-bit kernels use the 64-bit tun/tap. Signed and unsigned kexts are included; Tunnelblick uses the signed kexts on OS X 10.9 ('Mavericks'); unsigned kexts are used on earlier versions of OS X. Tunnelblick 3.0 - 3.5 include 32-bit versions of OpenVPN for PPC, and 32/64-bit versions for Intel.
