VPN between two servers
Brian Candler
B.Candler at pobox.com
Fri Apr 21 11:48:07 CEST 2006
On Fri, Apr 21, 2006 at 11:16:22AM +0200, Torsten Schlabach wrote:
> I would like to use tinc to create a virtual private network that just
> exists between the two servers. I want a virtual interface on each of the
> servers, probably with a 192.168.x.x address so that I could have some
> daemon on server A listen to say 192.168.1.1 only and have server B connect
> to that daemon through the tinc VPN from 192.168.1.2 for example.
>
> I think all the samples work from the assumption that the servers are
> gatways that have networks behind them. I have setup my boxes according to
> the samples, but I cannot ping between the virtual interfaces.
Did you configure 192.168.1.1 and 192.168.1.2 as loopback addresses on the
two machines? (e.g. ifconfig lo:0 192.168.1.1/32)
Have you chosen the right source address when pinging? e.g.
ping -S 192.168.1.1 192.168.1.2
Have you enabled IP forwarding on both machines?
What does tcpdump show when you do the ping command shown above?
Just a few suggestions from someone who lurks on the TINC list rather than
actually uses it :-) Another option you could consider is to configure IPSEC
transport mode between the two machines, but that's not TINC.
Regards,
Brian.
More information about the tinc
mailing list