tunnelblick icon Tunnelblick free software for OpenVPN on macOS We need translators for several languages…
Home Downloads Support Documents Issues Source Contribute Contact

Highlighted Articles
  Installing Tunnelblick
  Uninstalling Tunnelblick
  Setting up Configurations
  Using Tunnelblick
  Getting VPN Service
  Common Problems
  Configuring OpenVPN
  Release Notes

Discussion Group
  Read Before You Post

Tunnelblick and macOS Catalina

The following is the current status of issues that have been identified using Tunnelblick 3.7.8beta04 on macOS Catalina Beta 3 – "macOS Catalina Version 10.15 Beta (19A501i)"

If you are not using the latest beta of macOS or Tunnelblick, please update them!

OPEN: Restarting the computer is required by macOS before connecting some configurations for the first time.

If a configuration requires a "tun" or "tap" system extension, the first time Tunnelblick asks macOS to load the appropriate system extension, macOS will tell the user that they must give permission to load system extensions signed by "Jonathan Bullard" in System Preferences : Security & Privacy : General. If the user give such permission by clicking "Allow", macOS must restart the computer before the permission will be honored. After you have given the permission and restarted the computer, you may then connect the VPN configuration normally.

Tests indicate that this is a "one time" requirement. Once permission has been granted and the computer restarted, no further action is needed. Tunnelblick will be able to load both "tun" and "tap" system extensions for any configuration without user interaction, and that ability will persist after computer restarts, "safe boots", and updates to Tunnelblick.


  1. This is a new requirement in Developer Beta 3; it is not known if it will be included in the final version of Catalina.
  2. If you are using a "tun" VPN, you can avoid needing to load the "tun" system extension. See the note at the start of Errors Loading Kexts (Device Drivers).

PARTIALLY RESOLVED: Catalina refuses to open a downloaded Tunnelblick disk image, saying it is "from an unidentified developer".

This problem was partially fixed in Catalina beta 3. Catalina beta 3 opens the disk image, but it fails to note that the disk image has been scanned and is free of malware.

This is apparently a bug in Catalina beta 2. It doesn't happen on macOS Mojave and it doesn't happen on Catalina using disk images that are not notarized. It happens on Catalina with several notarized disk images, including Tunnelblick's and others.

Workaround: Open the disk image by Control-clicking it and selecting "Open". You'll again be told it is from an unidentified developer, but you can click the "Open" button to open the disk image. Once the disk image has been opened, you can double-click the Tunnelblick icon to install Tunnelblick without further warnings.

RESOLVED: "Installation or repair took too long or failed" appears when trying to install Tunnelblick.

This problem was fixed in Tunnelblick 3.8.0beta04. It was reported as Issue #559.

If you have this problem while trying to install Tunnelblick 3.8.0beta04 , please send the contents of /tmp/tunnelblick-installer-log.txt in an email to developers@tunnelblick.net.

RESOLVED: "System Requirements Not Met: the tmp system folder (/tmp) is not secure" appears each time Tunnelblick is launched.

This problem was fixed in Tunnelblick 3.8.0beta03.

See Permissions check is broken for MacOS Catalina (/tmp folder stored in System Volume).

Workaround: Click "Continue".

(This page was updated 2019-07-08.)

  Deutsch     Français     中文(简体)     Русский     Español     日本語     …