Setting up Configurations
Getting VPN Service
Read Before You Post
OpenVPN and OpenSSL Versions Included in Tunnelblick
Tunnelblick includes multiple versions of OpenVPN to accomodate several types of use. You may choose which version of OpenVPN will be used to connect a configuration on the "Settings" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window.
Typically, Tunnelblick includes:
- OpenVPN 2.3, which is past its end-of-life and is included only for those who need to connect to old versions of OpenVPN.
- OpenVPN 2.4, which is the current version and is used by default.
- OpenVPN 2.5, which is the next version.
- Although OpenVPN 2.5 Beta 3 is included in Tunnelblick 3.8.3a, future stable versions of Tunnelblick will include only released, non-beta versions of OpenVPN.
- Beta versions of Tunnelblick will continue to include unreleased versions of OpenVPN. These versions of OpenVPN should be used only for testing new features of OpenVPN. They have not been as thoroughly tested as released versions of OpenVPN and they may contain serious security vulnerabilities.
- Because OpenVPN 2.3 and the SSL libraries used with it are no longer supported, they may contain security vulnerabilities and should be used only if absolutely necessary to connect to OpenVPN servers that require such old versions. It is strongly recommended that such old versions be updated so that modern, secure versions of OpenVPN and the SSL libraries can be used.
Tunnelblick's copies of OpenVPN include OpenSSL or LibreSSL libraries:
- OpenVPN 2.4 and 2.5 include only the latest stable version of OpenSSL, 1.1.1, which is a Long Term Support version that will be supported until 2023-09-11.
- OpenVPN 2.3 does not work with OpenSSL 1.1.1, so one of Tunnelblick's copies of OpenVPN 2.3 includes OpenSSL 1.0.2, which is "out of support and should not be used". The other copy of OpenVPN 2.3 includes LibreSSL 2.7.1, which is similarly no longer supported.
(This page was updated 2020-09-12.)