Tinc Router Mode - PING RESULT is destination host unreachable

Eric Yau ericyaukhy at hotmail.com
Sat Feb 13 17:37:18 CET 2016 

Here is the ConnectTo parameter for your info. Due to my company has firewall to block the incoming connection and NAT, so I just can use my company PC to initial connect to my home network.

Home/hosts/company
ConnectTo=Home
Address=company
Subnet=10.0.0.2/32
Subnet=192.168.2.0/24
Subnet=192.168.3.0/24


-----Original Message-----
From: Ramses [mailto:ramses.sevilla at gmail.com] 
Sent: Saturday, February 13, 2016 1:34 AM
To: tinc at tinc-vpn.org
Subject: Re: Tinc Router Mode - PING RESULT is destination host unreachable

El 12 de febrero de 2016 16:51:59 CET, Eric Yau <ericyaukhy at hotmail.com> escribió:
>Hi All,
>
> 
>
>I am trying to setup the site-to-site VPN with TINC for connect my home 
>network to company network. Here is the IP allocation and configuration 
>for your reference.
>
> 
>
>Home PC (192.168.1.2) ß-----à Home (OPENWRT Router, 192.168.1.1,
>10.0.0.1)
>ß----------------à INTERNET ß-------------à COMPANY (Windows 7 
>PC,192.168.2.1, 10.0.0.2) ß------------à COMPANY (SERVER ZONE) ß----à 
>SERVER A (192.168.3.1)
>
> 
>
>Question: On home side (OpenWrt Router) and company side (Windows 7 
>PC), I can ping all the IP addresses. But on Home PC (Behind the 
>OPENWRT Router), I cannot ping to Company (Windows 7 PC) and Company 
>(Server A). The PING RESULT is destination host unreachable. Any idea 
>about that?
>
> 
>
>IP Allocation - LAN
>
>a.  Home – 192.168.1.0/24
>
>b.  Company – 192.168.2.0/24
>
>c.  Company (Server zone)– 192.168.3.0/24
>
> 
>
>IP Allocation – LAN (TINC Server)
>
>a.  Home – TINC:10.0.0.1/32, LAN:192.168.1.1/32 (OpenWrt Router)
>
>b.  Company – TINC:10.0.0.2/32, LAN:192.168.2.1/32 (Windows 7 PC)
>
> 
>
>TINC Configuration – Home (OpenWrt Router)
>
> 
>
>Tinc.conf
>
>name=Home
>
>Interface=tinc0
>
>PrivateKeyFile=/etc/tinc/Home/rsa_key.priv
>
>Mode=router
>
>KeyExpire=3600
>
>AddressFamily=ipv4
>
>ProcessPriority=normal
>
>PingTimeOut=5
>
>PingInterval=60
>
> 
>
>Tinc-up
>
>ifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0
>
>route add -net 192.168.2.0 netmask 255.255.255.0 dev tinc0
>
>route add -net 192.168.3.0 netmask 255.255.255.0 dev tinc0
>
> 
>
>home/hosts/Home
>
>Address=Home
>
>Subnet=10.0.0.1/32
>
>Subnet=192.168.1.0/24
>
> 
>
>-----BEGIN RSA PUBLIC KEY-----
>
>xxx
>
>-----END RSA PUBLIC KEY-----
>
> 
>
>Home/hosts/company
>
>Address=company
>
>Subnet=10.0.0.2/32
>
>Subnet=192.168.2.0/24
>
>Subnet=192.168.3.0/24
>
> 
>
>-----BEGIN RSA PUBLIC KEY-----
>
>xxx
>
>-----END RSA PUBLIC KEY-----
>
> 
>
>Kernel IP routing table
>
>Destination     Gateway         Genmask         Flags Metric Ref    Use
>Iface
>
>0.0.0.0         192.168.1.1   0.0.0.0         UG    0      0        0
>br-lan
>
>192.168.2.0      0.0.0.0         255.255.255.0     U     0      0      
> 0
>tinc0
>
>192.168.3.0      0.0.0.0         255.255.255.0     U     0      0      
> 0
>tinc0
>
>192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0
>br-lan
>
> 
>
>TINC Configuration – Company (Windows 7 PC)
>
> 
>
>C:\PROGRAM FILES\tinc\Home\Tinc.conf
>
>name=Home
>
>Interface=tinc0
>
>PrivateKeyFile=C:\PROGRAM FILES\tinc\Home\rsa_key.priv
>
>Mode=router
>
>KeyExpire=3600
>
>AddressFamily=ipv4
>
>ProcessPriority=normal
>
>PingTimeOut=5
>
>PingInterval=60
>
> 
>
>C:\PROGRAM FILES\tinc\Home\hosts\Home
>
>Address=home.publicip.net
>
>Subnet=10.0.0.1/32
>
>Subnet=192.168.1.0/24
>
> 
>
>-----BEGIN RSA PUBLIC KEY-----
>
>xxx
>
>-----END RSA PUBLIC KEY-----
>
> 
>
>C:\PROGRAM FILES\tinc\Home\hosts\company
>
>Address=company
>
>Subnet=10.0.0.2/32
>
>Subnet=192.168.2.0/24
>
>Subnet=192.168.3.0/24
>
> 
>
>-----BEGIN RSA PUBLIC KEY-----
>
>xxx
>
>-----END RSA PUBLIC KEY-----
>
> 
>
>IPv4 Route Table
>
>=======================================================================
>=====
>==================
>
>Active Routes:
>
>Network Destination                 Netmask              Gateway
>Interface     Metric
>
>0.0.0.0                             0.0.0.0              192.168.1.1
>192.168.1.2       281
>
>127.0.0.0                           255.0.0.0             On-link
>127.0.0.1         26
>
>127.0.0.1                           255.255.255.255       On-link
>127.0.0.1         306
>
>127.255.255.255                     255.255.255.255       On-link
>127.0.0.1         306
>
>255.255.255.255                     255.255.255.255       On-link
>127.0.0.1         306
>
>192.168.1.0                         255.255.255.0         On-link
>10.0.0.2          31
>
>192.168.1.255                       255.255.255.255       On-link
>10.0.0.2          286
>
>192.168.2.0                         255.255.255.0         On-link
>192.168.2.1       31
>
>192.168.2.255                       255.255.255.255       On-link
>192.168.2.1       31
>
>192.168.2.1                         255.255.255.255       On-link
>192.168.2.1       286 
>
>=======================================================================
>=====
>==================
>
> 
>
>Regards,
>
>Eric
>
>
>
>-----------------------------------------------------------------------
>-
>
>_______________________________________________
>tinc mailing list
>tinc at tinc-vpn.org
>http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

Hi Eric,

Where is the ConnecTo parameter in the tinc.conf configuration files?


Regards,

Ramses

More information about the tinc mailing list