Feasibility of Tinc vpn with my current setup.
Bobby Thomas
bobbythomas.tvm at gmail.com
Mon Oct 19 07:52:47 CEST 2015
Thanks for the reply Guss,
So in my case the Amazon VPS server is behind a FULL CONE NAT(static NAT),
so is that enough to hole punch other nodes. what all ports will should be
opened up on the NAT device? Most of the other nodes are behind cg-nat, so
I wont have any control over its nat.
Thank you,
Regards,
Bobby Thomas.
On Oct 19, 2015 1:45 AM, "Guus Sliepen" <guus at tinc-vpn.org> wrote:
> On Sun, Oct 18, 2015 at 02:00:36PM -0500, Bobby Thomas wrote:
>
> > IPfire router/firewall(openvpn client) --->ISP(Internet)--->Amazon
> > VPS(openvpn server).
> >
> > The ipfire router is behind a CARRIER-GRADE NAT [...] I have come to
> > know that Tinc VPN supports spoke to spoke(full mesh) direct
> > connection bypassing hub (so clients can reach other clients without
> > going through a server) , can this be possible in my scenario? I am
> > really looking out for a solution.
>
> Tinc needs at least one node that is not behind NAT to assist with the
> hole punching of other nodes' NATs. As long as either of two nodes that
> want to connect to each other is behind cone NAT, this will work. It is
> likely that your carrier-grade NAT is cone NAT.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20151019/f1fc2851/attachment.html>
More information about the tinc
mailing list