Please help with configuration

Drake Drake drakemails at gmail.com
Fri Feb 8 23:14:40 CET 2019 

I managed to configure and I can ping both server and client. But Tvheadend
can't see the Satip server.

2019. febr. 7., Cs 19:08 dátummal Michael Munger <mj at hph.io> ezt írta:

> Get it connected first and able to ping the remote server's IP. Then, you
> should be able to access stuff on the server network as if you were on that
> LAN.
>
> You should also remove the pet forwarding on the client side. It's
> unnecessary.
>
> Get Outlook for Android <https://aka.ms/ghei36>
>
>
>
>
> On Thu, Feb 7, 2019 at 12:49 PM -0500, "Drake Drake" <drakemails at gmail.com
> > wrote:
>
> Thanks Michael, I will proceed like this.
>> I think I didn't have UDP 655 forwarded on the remote server, will do
>> that (had it at my client's router).
>> If tinc connects, will both server and client see each other, for example
>> I will be able to access all webui's running on SERVER from CLIENT side?
>> For example, SERVER is running webui of Tvheadend on 192.168.0.4:9981
>> How can I access that from CLIENT? Do I need to use iptables or routing?
>> Thanks,
>> drake
>>
>> On Thu, Feb 7, 2019 at 6:26 PM Michael Munger <mj at hph.io> wrote:
>>
>>> Local IPs of the client are irrelevant.
>>>
>>> The client should be configured to look for the host by domain name
>>> (/etc/tinc/yournetwork/hosts/EXAMPLESERVER should have the dDNS name in the
>>> Address directive) and the tinc.conf file should have that as the host to
>>> connect to for the network. (ConnectTo=EXAMPLESERVER)
>>>
>>> Then, you need port forwarding in your router to forward TCP/UDP 655
>>> from the WAN address to the router to the LAN address of the server. The
>>> server should be a static IP on that network *or *it should have a DHCP
>>> reservation so it doesn't move and break NAT port forwarding.
>>>
>>> When tinc starts, it will check tinc.conf for the ConnectTo directive.
>>> In your case, it will be ConnectTo=EXAMPLESERVER. Then, it looks in the
>>> hosts/ directory for the EXAMPLESERVER file, and reads the Address=
>>> directive to see where that server is. Since you're using ddns, it will do
>>> a DNS lookup for that domain name, and find your current IP address
>>> (hopefully) and try to connect on udp/655. When those packets reach your
>>> router, they should get forwarded to the server, which will authenticate
>>> the connection. If the server can authenticate the client, it will keep the
>>> connection, and if not, it will drop it.
>>>
>>> Make sure that your host files are properly exchanged on both sides so
>>> that both sides can authenticate the other side using the public / private
>>> key pair. (Private keys are never exchanged. Only public ones as kept in
>>> the hosts/ directory).
>>>
>>> Michael Munger, dCAP, MCPS, MCNPS, MBSS
>>> *Microsoft Certified Professional*
>>> *Microsoft Certified Small Business Specialist*
>>> *Digium Certified Asterisk Professional*
>>> *High Powered Help, Inc.*
>>> p: 678-905-8569
>>> w: hph.io  e: mj at hph.io
>>>
>>> On 2/7/19 5:03 AM, Drake Drake wrote:
>>>
>>> Hi,
>>>
>>> I'm new to Tinc and I'm having some hard time to figure out the proper
>>> configuration for my use case. In hope you can help me out.
>>>
>>> A) SERVER running tinc (Ubuntu 16.04 LTS)
>>> External IP: 111.111.111.111 (ddns)
>>> Behind a router with NAT, local IP of SERVER: 192.168.0.4
>>>
>>> B) CLIENT running tinc (Ubuntu 16.04 LTS)
>>> External IP: 222.222.222.222 (ddns)
>>> Behind a router with NAT, local IP of CLIENT: 192.168.1.100
>>>
>>> I would like to make a tunnel between SERVER and CLIENT in order to
>>> access TVheadend SatIP on SERVER from CLIENT. The ports are 9981 and 9981
>>> (UDP and TCP). That is, my CLIENT should see the SERVER.
>>> I don't want to route any of the internet traffic over client or server,
>>> just to have access to these remote ports.
>>> What would be the way to achieve this?
>>>
>>> Many thanks,
>>> drake
>>>
>>> _______________________________________________
>>> tinc mailing listtinc at tinc-vpn.orghttps://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>>
>>> _______________________________________________
>>> tinc mailing list
>>> tinc at tinc-vpn.org
>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>>
>> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20190208/61c51383/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mdonhcmajalnajpc.png
Type: image/png
Size: 738 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20190208/61c51383/attachment-0001.png>

More information about the tinc mailing list