Weird behaviour between Windows Vista & Windows 7 VPN - can anyone help?

Guus Sliepen guus at tinc-vpn.org
Sun Jun 12 22:34:13 CEST 2011 

On Sun, Jun 12, 2011 at 02:34:15PM -0400, Alan S. Lawee wrote:

> I am trying to connect a Windows Vista (Home) machine to a Windows 7
> (Office) machine.  I set up the tinc config files normally, and I am able to
> see the Vista (Home) machine from the Window 7 (Office) machine, but I
> cannot seem to do the reverse.  I am beginning to wonder if this might be a
> known issue that someone has seen before.

From the routing table at Home:

Network Destination        Netmask          Gateway       Interface  Metric
      192.168.2.0    255.255.255.0         On-link       192.168.2.8    276
      192.168.1.0    255.255.255.0     192.168.19.1     192.168.19.2     33
     192.168.19.0    255.255.255.0         On-link      192.168.19.2    286

I see you have a LAN at the Office (192.168.1.0/24), and one at Home
(192.168.2.0/24). But you have set up tinc to use a third subnet,
192.168.19.0/24, with .1 being Office and .2 Home. You have added gateway
routes, but this will not work since you are using tinc in router mode,
unless you tell tinc about the 192.168.1.0/24 and 192.168.2.0/24 subnets.
There are three options to make your setup work:

1. Add "Subnet = 192.168.1.0/24" to hosts/Office, and "Subnet = 192.168.2.0/24"
   to hosts/Home.

2. Use "Mode = switch" in tinc.conf on both sides, you don't need the Subnet
   statements anymore in that case.

3. Don't use the 192.168.19.0/24 subnet at all; it is not necessary. Use the
   Subnets from 1. in router mode, or just use switch mode. Give the VPN
   interfaces the same IP addresses as the LAN interfaces, and add routes for the
   other nodes LAN subnets to the VPN interface, or if you plan on adding more
   nodes, you can add a route for 192.168.0.0/16 to the VPN interface.

Apart from that I did not see a problem, except that you also put your private
keys in the zip file, you must regenerate them!

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110612/bf8f2e4b/attachment.pgp>

More information about the tinc mailing list