
no openvpn outgoing connection possible

I recently replaced an old router with an airport time capsule (version 7.7.3) (and in another room extended with an airport express).

Since this installation I am not able to connect to OpenVPN at the office. There is no problem if I use my old wifi or my iPhone as a personal hotspot.

At the time of trying to use openvpn I am always connected to the airport time capsule (in case that is interesting)


Searching the "internet" didn't give any useful results of what could be going on, so any help is appreciated.


Forgot to mention (pretty important probably):

- It connects to the VPN identical to the working situation

- I can ping addresses in the VPN

- No other "traffic" possible (ssh, http, https, etc). Symptom is that it just hangs forever (ssh) or loads forever (web page).

- I use tunnelblick


Mvgr,

Martin


Message was edited by: cbaahmi

Posted on Feb 3, 2016 6:21 AM


Feb 3, 2016 6:57 AM in response to cbaahmi

This sort of thing can sometimes be an MTU problem. See https://groups.google.com/forum/#!topic/tunnelblick-discuss/ttvriICTZV0.


Another possibility is a DNS problem. Set Tunnelblick to (A) route everything through the VPN and to (B) check if the IP address changes (both settings are in the "VPN Details" window of Tunnelblick 3.6beta20). Then wait at least 90 seconds after connecting and look in the Tunnelblick log for a message about the IP address change. (The IP address change tries to contact tunnelblick.net via its name, and if that fails, by its IP address, so it can help diagnose DNS problems from routing problems.)

Feb 4, 2016 2:54 PM in response to cbaahmi

VPN through Apple routers has always been somewhat problematic.


It is really important though .. the IP address at both ends is different.. and with apple using 10.0.1.1 as standard home address it is messy if the other end is 10.x.x.x as well.


I am guessing your old router was 192.168.x.x and it could be worth moving the TC to that address just to try.


Also important to make sure you do not double NAT.


What modem do you have? Is it also a router?


Apple do not use UPNP to open ports.. and without it a PC might simply not have ports open.. you are sending ok from the sound of it but not opening the required ports .. which you have to do manually .. to pick up the responses.

Feb 3, 2016 7:05 PM in response to LaPastenague

> It is really important though .. the IP address at both ends is different.. and with apple using 10.0.1.1 as standard home address it is messy if the other end is 10.x.x.x as well.

That can definitely be a problem. The OpenVPN log should show a "subnet conflict" warning if that happens.


> Apple do not use UPNP to open ports.. and without it a PC might simply not have ports open.. you are sending ok from the sound of it but not opening the required ports .. which you have to do manually .. to pick up the responses.

An OpenVPN client (as cbaahmi is using) does not require an open port on the router, either via UPNP or manual configuration.



In reply to the original post, note that "ping" and many other command-line commands (and Network Utility, which is just a GUI for such commands) do not use the DNS resolution that the rest of OS X uses. There can be situations where "ping example.com" works but browsing to it doesn't, and vice versa. (OS X does not use /etc/resolv.conf for DNS resolution.)

Feb 4, 2016 3:07 PM in response to jkbull

Even though I also found this link last night I gave up on it. I tried setting the MTU on the wifi connection, which didn't give the desired result. Since you pointed it to me too, I imagined I did something wrong.


Setting the MTU in the OpenVPN config worked:

adding mssfix 1384 did the trick.


I came to this value by:

- Finding the ideal MTU value with http://www.letmecheck.it/mtu-test.php (pointing to my router)

- Read on https://www.sonassi.com/help/magestack/setting-correct-mtu-for-openvpn that the MSS value is MTU - 40


And it works like a charm now!


I also installed the beta version as you proposed and worked with that at the office today. The connection was quite flaky. "Lots" of VPN disconnects (every 30 minutes or so). After downgrading to the latest 3.5 the problem went away. It could be just a wifi problem there (which also happens now and then), so I could work some more with it if you want.


Everyone thanks for your time!


Mvgr,

Martin
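
The procedure described in the post above (find the largest packet that passes unfragmented, then subtract 40), as an added example that is not part of the original post. It assumes macOS `ping` (`-D` sets the don't-fragment bit; on Linux use `ping -M do` instead); the function names and the 500 to 1472 search bounds are hypothetical choices for illustration.

```shell
#!/bin/sh
# Added example: binary-search the largest ICMP payload that crosses the path
# with "don't fragment" set, then derive the MTU and the mssfix value using
# the rule quoted in the thread (MSS value = MTU - 40).

# probe SIZE HOST -> exit 0 if a SIZE-byte payload gets a reply with DF set.
# macOS flags (assumption): -D don't fragment, -c count, -t overall timeout.
probe() {
    ping -D -c 1 -t 2 -s "$1" "$2" >/dev/null 2>&1
}

# max_payload HOST [LOW] [HIGH] -> prints the largest payload that passes.
max_payload() {
    host=$1 lo=${2:-500} hi=${3:-1472}
    # If even the floor fails, the host is unreachable or filters ICMP.
    probe "$lo" "$host" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if probe "$mid" "$host"; then lo=$mid; else hi=$(( mid - 1 )); fi
    done
    echo "$lo"
}

# Payload + 20-byte IPv4 header + 8-byte ICMP header = path MTU.
mtu_from_payload() { echo $(( $1 + 28 )); }

# Rule quoted in the thread: MSS value = MTU - 40.
mssfix_from_mtu() { echo $(( $1 - 40 )); }

# suggest HOST -> prints the line to add to the OpenVPN client config.
suggest() {
    p=$(max_payload "$1") || { echo "no reply from $1" >&2; return 1; }
    m=$(mtu_from_payload "$p")
    echo "mssfix $(mssfix_from_mtu "$m")"
}

# Run only when a target host is given, e.g.: sh mtu.sh <router-or-server>
if [ $# -gt 0 ]; then suggest "$1"; fi
```

A path that passes at most 1396 bytes of payload corresponds to an MTU of 1424, for which the script prints `mssfix 1384`.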

Nov 12, 2016 10:03 AM in response to cbaahmi

I was traveling overseas when I updated my iPhone 6 Plus to iOS 10. My VPN immediately stopped working since Apple dropped PPTP support. There was nothing I could do because I needed to physically access my router at home in order to troubleshoot the problem. I was using an ASUS RT-AC68U router with PPTP configured as my VPN, but it was useless since I no longer had that option on my iPhone. Fortunately, the router supports OpenVPN, which took some time to systematically configure the right settings to work on all my Apple devices. In all, the one setting in particular that fixed the problem was switching the VPN protocol from UDPv4 to TCP. This worked instantly on all my devices.


One side note, if anyone is trying to figure out how to get the openvpn setting on your device: in addition to using the OpenVPN App on my phone I also had to upload the *.ovpn profile with Microsoft OneDrive through my PC. I opened the OneDrive app on my phone and pressed on the *.ovpn profile that I uploaded. I entered my credentials and connected with no issues. I hope this helps


v/r


ED

Dec 6, 2016 10:37 PM in response to cbaahmi

Change from UDP to TCP and this deals with non-standard MTU and PMTUD vandalism. Also, TCP is easier for NAT to track. Also use lzop compression with TCP as you no longer have to worry about MTU and frame sizes. Also if NAT is involved client config will need the "nobind" option. I have used OpenVPN this way through hotel worst effort "Internet" services. As hotel networks are not to be trusted use perfect forward security and OpenVPN as default route. This requires the default route to be used only for the OpenVPN concentrator.
