<pre>Yes, my netmask was 255.255.0.0.<br><br>With respect to the "all traffic" comment, using the (horrible) Windows firewall does not allow <br>interface by interface configuration. So, if I allow all traffic on that interface, I open it up<br>
to all traffic on all interfaces. At least that is the way it is in XPProSp3. So, I left my <br>firewall in place (which allows traffic on selected ports only, one of which is 655).<br><br>I could have sworn that after my last configuration edits I stopped and restarted the service, but <br>
I guess not, because when I rebooted both machines this morning, the configuration shown below<br>worked just fine without any modifications.<br><br>I ran debug command line, and I guess I don't have something set properly, because nothing<br>
much shows up in the console window. First, the console window starts with:<br><br>C:\Program Files\tinc>tincd -n ivpn -D d5<br>tincd 1.0.11 (Nov 1 2009 17:03:44) starting, debug level 0<br>Tap reader running<br>{5227xxxx-012D-4x53-8725-588x3x4174x8} (vpn) is a Windows tap device<br>
Ready<br><br>At that point, the console is frozen (I can't enter any commands in that window), which is <br>exactly what I expect.<br><br>When I open another console window and tracert or ping to the other machine, it works and there<br>
is nothing that shows up in this console (no debug messages). This is true whether MachineA is<br>accessing MachineB or the other way around. This is true whether access is via ping, tracert or <br>a Windows program such as VNC (which works swimmingly I might add).<br>
<br>The only thing that showed up on that console was the following:<br><br>Bogus data received from <unknown> (192.168.1.8 port 2943)<br>Old connection_t for <unknown> (192.168.1.8 port 2943) status 0010 still lin<br>
gering, deleting...<br><br>I have no idea what would have generated that message.<br><br>In any event, thank you for the prompt response. As is my habit, I'm closing the loop by writing<br>this message so that somebody else who reviews this thread will know of its resolution.<br>
<br>************************************************************<br><br>On Tue, Jan 26, 2010 at 07:44:43PM -0800, Anon wrote:<br><br>><i> Anyway, I have tincd running as a service on two windows machines on the<br></i>><i> same lan. I'm trying to establish a connection between those two<br>
</i>><i> computers on the vpn ip's (10.20.30.1 and 10.20.40.1). I have confirmed<br></i>><i> that port 655 is open because each machine can ping the other on the LAN<br></i>><i> ip address (192.168.1.x) and "telnet 192.168.1.x 655" works on both<br>
</i>><i> machines (x=4 on one machine and 8 on the other) (it responds with "0<br></i>><i> MachineB 17" on MachineA and "0 MachineA 17" on MachineB.<br></i>><i> <br></i>><i> ipconfig /all confirms that each computer can see itself on the 10.20.x.1<br>
</i>><i> addresses.<br></i>><i> <br></i>><i> MachineA<br></i>><i> <br></i>><i> Address = 192.168.1.4<br></i>><i> Subnet = <a href="http://10.20.30.0/24">10.20.30.0/24</a><br></i>><i> <br></i>><i> MachineB<br>
</i>><i> <br></i>><i> Address = 192.168.1.8<br></i>><i> Subnet = <a href="http://10.20.40.0/24">10.20.40.0/24</a><br></i><br>The netmask of the VPN interface should be 255.255.0.0. Is this the case? If<br>you have a fireall on the Windows machines, make sure it allows all traffic on<br>
the VPN interface. You can also start tinc with the options -d5 -D, this will<br>not start it as a service but run in the console. You can then see what happens<br>when you try tracert or anything else via the VPN.<br><br>
-- <br>Met vriendelijke groet / with kind regards,<br> Guus Sliepen <<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc">guus at tinc-vpn.org</a>><br></pre>