This article explains what Tunnelblick is, when you need it and how to install/uninstall it. Further, a useful list of VPN providers that allow Tunnelblick connections is included.
If you are running MacOs you have probably heard people talking about Tunnelblick and how it can be used to set up a VPN connection. You may find below all you need to know about Tunnelblick in order to make the most of it.
- What is it
- What you need to run Tunnelblick
- VPN services that support Tunnelblick
- How to install it
- How to uninstall it
- Can you run Tunnelblick on iPad and iPhone?
- Tunnelblick for Windows
- Is it vulnerable to the OpenSSL Heartbeat attack?
- Tunnelblick vs Viscosity
What is Tunnelblick
Tunnelblick is an open source MacOS application that provides secure access to an OpenVPN server. For those of you who don’t know, OpenVPN implements VPN techniques for creating secure point-to-point or site-to-site connections. The server running OpenVPN securely connects the Mac machine to the Internet, bypassing restrictions and censorship.
Tunnelblick is free and comes with easy to use graphic user interface for the control of OpenVPN client and/or server connections. All necessary binaries and drivers, including OpenVPN and tun/tap drivers, are installed and configured by the Tunnelblick package.
What you need to run Tunnelblick
Tunnelblick runs on OS X 10.4 through 10.9.
It is important to understand that it does not provide VPN by itself. It only helps a Mac computer to connect to a VPN server.
Thus, you need access to a VPN server with OpenVPN software installed. The OpenVPN server can be:
- Provided by your company (if you are using it for business purposes). Then you need to get the connection configuration from the network administrator (OpenVPN configuration files: .ovpn / .conf with the appropriate certificate and key files, or a Tunnel blick VPN Configuration: .tblk file).
- A server provided by a VPN service (take a look below to a list of recommended VPN providers).
- A more advanced option is to connect to another computer that you have access to or to a router that acts as VPN server. You may consider ZeroShell or Untangle to configure the computer you want to access or OpenVPN on DD-WRT to configure your router.
VPN services that support Tunnelblick
Regarding the VPN service providers, you need to know that not all of them allow their users to connect to their servers using Tunnel blick. Many of them use their own Mac VPN clients or Viscosity to connect to their clients.
You may find below a list with several good VPN providers that allow Tunnelblick connections.
|VPN Provider||Tunnelblick||Own Mac VPN Client||Viscosity|
|IPVanish||Yes||Yes (OSX 10.6.8+)||–|
|Private Internet Access||Yes||Yes (10.6+)||Yes|
How to install it
Before starting the installation you need to get the config files from the VPN service provider or from the network administrator (in case you want to connect to the company network). Save them on your Mac computer.
- Download it.
- Install it following the onscreen instructions.
- Launch it.
- Add configuration files by clicking on ‘I have configuration files‘.
- Select ‘OpenVPN Configuration(s)‘.
- Next, select ‘Open Private Configurations Folder‘.
- Select ‘Done‘.
- A new window with the folder ‘Configurations‘ will appear.
- Now you need the OpenVPN configuration files. Extract the entire contents into the ‘Configurations‘ folder. Close the window when done.
- Launch it from ‘Applications‘.
- Click on icon on taskbar.
- Select a VPN location you would like to connect to and it will prompt you for your VPN username and password.
- Connect to the VPN server.
How to uninstall it
When you no longer need to use it to connect to a VPN server, follow the below described actions:
- Drag the program from your ‘Applications’ folder to your Trash.
- Click your hard disk icon on your desktop (or open your Finder).
- Click on ‘Library’->’Application Support’, and ‘Delete’/Trash the it folder if it exists.
- Click on ‘Library’->’Preferences’, and ‘Delete’/Trash the “com.tunnelblick.Tunnelblick.plist” file if it exists.
- Empty your Trash.
- Restart your Mac computer.
Can you run Tunnelblick on iPad and iPhone?
No, it is for MacOS only. But you may connect from your iPad or iPhone to an OpenVPN server using applications like OpenVPN Connect.
Tunnelblick for Windows
The app is only available on Mac computers and there is no Windows version. OpenVPN provides easy to use Windows application to connect to the VPN servers running OpenVPN.
Is it vulnerable to the OpenSSL Heartbeat attack?
Several versions of Tunnelblick include a version of the OpenSSL library that is vulnerable to the heartbleed attack:
- All 3.4 versions before 3.4beta22 (build 3789)
- All 3.3 versions before 3.3.2 (build 3518.3792)
Tunnelblick vs Viscosity
Viscosity is a paid alternative to Tunnelblick and it provides a rich user interface for creating, editing, and controlling VPN connections. Basically, it performs the same job, but il looks nicer. Plus, Viscosity is available for both Mac and Windows, unlike Tunnelblick that only runs on Mac computers.
Moreover, Viscosity can run AppleScript or Batch/Vbs scripts before connect/on connect/on disconnect per tunnel.
Thus, if you plan to go with Viscosity, take into account that there are significantly less VPN providers that accept Viscosity connections.
The subscription costs $9 and includes email support and free updates for all future 1.x versions.
Tunnelblick is an excellent solution for creating VPN connections on your Mac computers and to secure your Internet traffic. It is simple to install and to use even by those that are not computer freaks. It does not provide VPN by itself, it only helps the Mac to connect to an OpenVPN server. There are plenty of VPN providers that accept such connection (check the list provided in the article). You may consider Viscosity as an alternative to Tunnelblick, if you need detailed traffic statistics, enterprise support or script control. Enjoy!