How to route between tinc and physical interface.

Guus Sliepen guus at tinc-vpn.org
Sun Oct 1 21:31:25 CEST 2017


On Mon, Sep 18, 2017 at 07:57:39PM -0500, Leonardo Taborda wrote:

> I am working on a community wireless project where we have an isolated
> mesh network that we want to link by VPN. In order to fulfill this
> requirement we set up a tinc VPN, with two "nodes", servera and serverb.
> Servera has ip 10.0.0.1/24 and serverb has 10.0.0.2/24, and a spare
> network interface (enx00010a0b7359) where we intend to connect a mesh
> router with 10.1.1.1/24 as ip address. The final goal is to have all the
> mesh being accessible through tinc by anyone having our vpn set up in
> their laptops. It will help us to diagnose and troubleshoot issues.
> 
> Thus, I am having a hard time trying to get this setup working. I
> assigned enx00010a0b7359 10.1.1.2 on serverb and I can ping it from
> 10.0.0.1, but if I plug the mesh router with 10.1.1.1 as ip, I got no
> response, but a traceroute partially works, getting the first hop but
> failing to finish the trace.

Check whether forwarding of packets between interfaces is allowed. You
need to set /proc/sys/net/ipv4/ip_forward to 1, and if you have any
firewall rules, check that the FORWARD table allows traffic between the
VPN interface and the one where the mesh router is connected to.

> Tried doing a bridge with brctl but I end up having the same results,
> almost done but something little is missing.

Bridges are also affected by FORWARD rules.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
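
The two checks from the reply above, as an added example that is not part of the original message: it reads the ip_forward switch and evaluates `iptables -S FORWARD` output for each direction between the VPN and mesh interfaces. The interface name tinc0 and the sample ruleset are constructed assumptions, and the rule walk is simplified: only rules matching on -i/-o alone are evaluated, so the result is the verdict for packets that no conditional rule has already accepted.

```shell
#!/bin/sh
# Added example: diagnose forwarding between the tinc interface and the mesh NIC.
# VPN_IF is an assumed name; the tinc interface name depends on local configuration.
VPN_IF="${VPN_IF:-tinc0}"
MESH_IF="${MESH_IF:-enx00010a0b7359}"

# ip_forward_enabled [FILE]: succeeds when the forwarding switch reads 1.
ip_forward_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# forward_verdict RULES IN_IF OUT_IF
# RULES is the text printed by `iptables -S FORWARD`. Prints the target of the first
# rule that matches on interfaces only, otherwise the chain policy. Simplification:
# rules with other matchers, negation, wildcards or jumps to user chains are skipped.
forward_verdict() {
    printf '%s\n' "$1" | awk -v in_if="$2" -v out_if="$3" '
        $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
        $1 == "-A" && $2 == "FORWARD" {
            ok = 1; target = ""
            for (i = 3; i <= NF; i += 2) {
                if      ($i == "-i") { if ($(i+1) != in_if)  ok = 0 }
                else if ($i == "-o") { if ($(i+1) != out_if) ok = 0 }
                else if ($i == "-j") { target = $(i+1); break }
                else                 { ok = 0 }   # extra matcher: skip this rule
            }
            if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/) { print target; found = 1; exit }
        }
        END { if (!found) print (policy == "" ? "UNKNOWN" : policy) }
    '
}

# Constructed sample: default-drop chain that only admits VPN -> mesh traffic.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i tinc0 -o enx00010a0b7359 -j ACCEPT'

if [ "${1:-}" = "--live" ]; then   # needs root and the iptables binary
    RULES=$(iptables -S FORWARD)
    ip_forward_enabled || echo "ip_forward is 0: the kernel will not route between interfaces"
else
    RULES=$SAMPLE_RULES
fi
echo "$VPN_IF -> $MESH_IF: $(forward_verdict "$RULES" "$VPN_IF" "$MESH_IF")"
echo "$MESH_IF -> $VPN_IF: $(forward_verdict "$RULES" "$MESH_IF" "$VPN_IF")"
```

With the constructed ruleset the VPN-to-mesh direction is accepted while new traffic from the mesh side falls through to the DROP policy; run with `--live` as root to evaluate the host's actual chain.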