Weird behaviour between Windows Vista & Windows 7 VPN - can anyone help?. Still no success

Alan S. Lawee info at polygration.com
Wed Jun 22 16:56:59 CEST 2011 

Your last suggestion was the key.  The firewall must have been blocking
traffic on the TAP adapter.  
Thanks so much, Guus.  
Best regards,
Alan

-----Original Message-----
From: tinc-bounces at tinc-vpn.org [mailto:tinc-bounces at tinc-vpn.org] On Behalf
Of Guus Sliepen
Sent: Tuesday, June 21, 2011 05:26
To: tinc at tinc-vpn.org
Subject: Re: Weird behaviour between Windows Vista & Windows 7 VPN - can
anyone help?. Still no success

On Mon, Jun 20, 2011 at 12:48:26PM -0400, Alan S. Lawee wrote:

> I am at a loss to explain why it still doesn't work.  I regenerated 
> the keys and have eliminated the 'Bogus data received message'.  In 
> fact, the debug log looks totally normal now.  However, when I try to 
> 'ping' from the Home PC to the Office PC, I get a 'request timed out' 
> message & Windows Networking is still not able to see the PC at the 
> other end.  I do see a burst of activity in the debug log window when 
> I issue the 'ping' request, so I'm pretty certain that the message is
getting across to the other side.

The logs indeed look normal. However, if you cannot ping, then either the
LibenVPN interface is not configured correctly, or your firewall is blocking
packets from the VPN.

> I was reluctant to use the 'switch' mode because I didn't really 
> understand if the traffic going across the VPN would be limited to 
> what was generated by the PC running the tinc daemon, or if all 
> traffic on the LAN would be forwarded.

Tinc will not see traffic from the LAN interface regardless of the Mode
setting, unless you explicitly set up routing or bridging to forward traffic
between the LAN and LibenVPN interface.

> Now that you have recommended it and I am using it, I'm beginning to 
> wonder if the problem isn't to do with the firewall (Norton Internet 
> Security).  I will try to verify this by disabling the firewall the 
> next time I visit the client.  I did open port 655 on both the 
> physical adapter and the TAP adapter, but I'm now wondering if there 
> is something more that I have to do.

You should allow everything on the TAP adapter. Port 655 is only used on the
physical adapter.

--
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>

More information about the tinc mailing list