No subject
Tue Feb 2 19:30:04 CET 2010
"PrivateKeyFile" as this is default, otherwise configuration is quite
minimal.
======= Configuration =========
Server Side
===========
# cat tinc.conf
Name = fsvpns3f30
Mode = switch
Device = /dev/net/tun
AddressFamily = ipv4
PingInterval = 30
PrivateKeyFile = /etc/tinc/fsvpn/rsa_key.priv
# cat tinc-up
#!/bin/sh
ifconfig $INTERFACE 10.10.100.30 netmask 255.255.0.0
# cat hosts/fsvpns3f30
Address = xyz.dyndns.org
Port=655
Compression=9
Subnet=10.10.0.0/16
TCPonly=yes
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
Client Side
========
# cat tinc.conf
Name = fsvpnmf
Mode = switch
Device = /dev/net/tun
AddressFamily = ipv4
PingInterval = 30
ConnectTo = fsvpns3f30
PrivateKeyFile=/etc/tinc/fsvpn/rsa_key.priv
# cat tinc-up
#!/bin/sh
ifconfig $INTERFACE 10.10.101.1 netmask 255.255.0.0
# cat fsvpnmf
Port = tinc
Compression = 9
Subnet = 10.10.101.1/32
TCPonly=yes
ConnectTo = xyz.dyndns.org
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
This setup works now for a while with the restriction that I can
directly only reach one machine on my network. I can ssh through it to
reach the other machines in the network, but this is not ideal (e.g.
if I want to directly reach windows machines). That means from my
laptop I can only directly reach the 10.10.0.30/10.10.100/30 machine.
It looks like a routing problem. I guess I will have to add on tinc-up
script on both sides but in combination with the vpn device I need
some guidance.
Can you see how the configuration can be enhanced to reach the whole
network of machines on the home network from laptops directly ?
Any suggestions are welcome.
Mansour Farghaly
More information about the tinc
mailing list