Cannot access HDA from Mac with OpenVPN and TunnelBlick

[cpeddie]

Hi,

I have my HDA up and running, installed the one-click OpenVPN app. Opened the port on my router. When I click on the openvpn-tester on the Control Panel, it comes up green and tells me it's time to install clients. So far so good. Downloaded tunnelblick and have created a configuration, but does not work. I created it using the files AmahiHDAClient.crt, AmahiHDAClient.key and ca-cert.crt found on the VPN Android wiki page. The config.ovpn file has the following in it:
client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote 71.92.241.116 1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
group nobody
persist-key
persist-tun
;mute-replay-warnings
ca ca-cert.crt
cert AmahiHDAClient.crt
key AmahiHDAClient.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20

Never successfully connected. Here is output from the tunnelblick log:

2014-03-21 11:07:45 *Tunnelblick: OS X 10.9.2; Tunnelblick 3.4beta20 (build 3727)
2014-03-21 11:07:46 *Tunnelblick: Attempting connection with peddieHDA-2; Set nameserver = 1; monitoring connection
2014-03-21 11:07:46 *Tunnelblick: openvpnstart start peddieHDA-2.tblk 1337 1 0 3 0 305 -ptADGNWradsgnw 2.2.1
2014-03-21 11:07:46 *Tunnelblick: openvpnstart log:
Loading tun-signed.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn
--cd
/Library/Application Support/Tunnelblick/Shared/peddieHDA-2.tblk/Contents/Resources
--daemon
--management
127.0.0.1
1337
--config
/Library/Application Support/Tunnelblick/Shared/peddieHDA-2.tblk/Contents/Resources/config.ovpn
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SpeddieHDA--2.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_0_305.1337.openvpn.log
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw

2014-03-21 11:07:46 *Tunnelblick: Established communication with OpenVPN
2014-03-21 11:07:46 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Jan 6 2014
2014-03-21 11:07:46 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2014-03-21 11:07:46 Need hold release from management interface, waiting...
2014-03-21 11:07:46 MANAGEMENT: Client connected from 127.0.0.1:1337
2014-03-21 11:07:46 MANAGEMENT: CMD 'pid'
2014-03-21 11:07:46 MANAGEMENT: CMD 'state on'
2014-03-21 11:07:46 MANAGEMENT: CMD 'state'
2014-03-21 11:07:46 MANAGEMENT: CMD 'bytecount 1'
2014-03-21 11:07:46 MANAGEMENT: CMD 'hold release'
2014-03-21 11:07:46 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2014-03-21 11:07:46 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2014-03-21 11:07:46 LZO compression initialized
2014-03-21 11:07:46 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
2014-03-21 11:07:46 Socket Buffers: R=[196724->65536] S=[9216->65536]
2014-03-21 11:07:46 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
2014-03-21 11:07:46 Local Options hash (VER=V4): '41690919'
2014-03-21 11:07:46 Expected Remote Options hash (VER=V4): '530fdded'
2014-03-21 11:07:46 UDPv4 link local: [undef]
2014-03-21 11:07:46 UDPv4 link remote: 71.92.241.116:1194
2014-03-21 11:07:46 MANAGEMENT: >STATE:1395425266,WAIT,,,
2014-03-21 11:07:46 MANAGEMENT: >STATE:1395425266,AUTH,,,
2014-03-21 11:07:46 TLS: Initial packet from 71.92.241.116:1194, sid=e84071f6 d1317f77
2014-03-21 11:07:46 VERIFY OK: depth=1, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=yourhda.com/emailAddress=info@homehda.com
2014-03-21 11:07:46 VERIFY OK: depth=0, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=server/emailAddress=info@homehda.com
2014-03-21 11:07:46 *Tunnelblick: openvpnstart starting OpenVPN
2014-03-21 11:08:46 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2014-03-21 11:08:46 TLS Error: TLS handshake failed
2014-03-21 11:08:46 TCP/UDP: Closing socket
2014-03-21 11:08:46 SIGUSR1[soft,tls-error] received, process restarting
2014-03-21 11:08:46 MANAGEMENT: >STATE:1395425326,RECONNECTING,tls-error,,
2014-03-21 11:08:46 MANAGEMENT: CMD 'hold release'
2014-03-21 11:08:46 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2014-03-21 11:08:46 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2014-03-21 11:08:46 Re-using SSL/TLS context
2014-03-21 11:08:46 LZO compression initialized
2014-03-21 11:08:46 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
2014-03-21 11:08:46 Socket Buffers: R=[196724->65536] S=[9216->65536]
2014-03-21 11:08:46 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
2014-03-21 11:08:46 Local Options hash (VER=V4): '41690919'
2014-03-21 11:08:46 Expected Remote Options hash (VER=V4): '530fdded'
2014-03-21 11:08:46 UDPv4 link local: [undef]
2014-03-21 11:08:46 UDPv4 link remote: 71.92.241.116:1194
2014-03-21 11:08:46 MANAGEMENT: >STATE:1395425326,WAIT,,,
2014-03-21 11:08:46 MANAGEMENT: >STATE:1395425326,AUTH,,,
2014-03-21 11:08:46 TLS: Initial packet from 71.92.241.116:1194, sid=6204de49 3061b8a2
2014-03-21 11:08:46 VERIFY OK: depth=1, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=yourhda.com/emailAddress=info@homehda.com
2014-03-21 11:08:46 VERIFY OK: depth=0, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=server/emailAddress=info@homehda.com
2014-03-21 11:09:46 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2014-03-21 11:09:46 TLS Error: TLS handshake failed
2014-03-21 11:09:46 TCP/UDP: Closing socket


What am I doing wrong?

Thanks.....

[ambient711]

I am sure your question was probably figured out by now. But I didn't have any luck with TunnelBlick either. I would instead recommend using Viscosity. I have been using it for years now and it works like a charm. Never had any issues both with my HDA or other VPN providers.

https://www.sparklabs.com/viscosity/

Austin