Help on a NAT to NAT solution - tinc servers won't ping remote clients

Parke parke.nexus at gmail.com
Tue Apr 3 18:27:42 CEST 2018


On Tue, Apr 3, 2018 at 2:55 AM, John Radley (yahoo) <jradxl at yahoo.com> wrote:
> This is annoying, however. Now I have to give every client a route back to the
> VPN network, just to support Server to Client connectivity.
> I would have thought just specifying each client to have a route back to
> Tinc Server (using local lan address) was sufficient.

> Now I have found and described the problem, can you explain why and offer any
> alternative other than such explicit routes?

The "why" is that each system needs to know how to route each outbound
packet before it can send that packet.

As for an alternative:

I believe you could eliminate the separate subnet for the Servers.

Just give each Server an IP address on the same subnet as the clients
it serves.  In fact, the Servers probably already have such an IP
address (although I could be wrong about this as I have not reviewed
your configuration / network graph in detail).

Best,

Parke
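
Added example, not part of the original message: a longest-prefix route lookup showing where a client sends its ping reply with and without a route to the VPN subnet, and when the server's address is on the client's own subnet. All addresses are constructed assumptions, as is the assumption that the server's ping carries its VPN address as the source.

```python
import ipaddress

def table(*entries):
    """Build a routing table from (prefix, next_hop) pairs."""
    return [(ipaddress.ip_network(net), hop) for net, hop in entries]

def next_hop(routes, dst):
    """Longest-prefix match: next hop for dst, or None if nothing matches."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if dst in net]
    if not matches:
        return None  # no route at all: the packet cannot be sent
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# Constructed addresses (assumptions, not taken from the thread):
#   client LAN            192.168.1.0/24
#   internet router       192.168.1.1
#   tinc server, LAN side 192.168.1.10
#   tinc VPN subnet       10.0.0.0/24, server's VPN address 10.0.0.1
CLIENT_BASE = table(
    ("192.168.1.0/24", "on-link"),
    ("0.0.0.0/0", "192.168.1.1"),
)
CLIENT_WITH_VPN_ROUTE = CLIENT_BASE + table(("10.0.0.0/24", "192.168.1.10"))

def reply_path(routes, ping_source):
    """The echo reply is addressed to the ping's source, so route that address."""
    return next_hop(routes, ping_source)

if __name__ == "__main__":
    cases = [
        ("no VPN route, ping from VPN address", CLIENT_BASE, "10.0.0.1"),
        ("explicit VPN route, ping from VPN address", CLIENT_WITH_VPN_ROUTE, "10.0.0.1"),
        ("no VPN route, ping from same-subnet address", CLIENT_BASE, "192.168.1.10"),
    ]
    for label, routes, src in cases:
        print(f"{label}: reply goes via {reply_path(routes, src)}")
```

In the first case the reply is handed to the default gateway instead of the tinc server, which is why the ping appears to fail; in the third case no extra route is needed because the source is on-link.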

