No subject
Tue Feb 2 19:30:04 CET 2010
"PrivateKeyFile" as this is default, otherwise configuration is q=
uite<br>
minimal.<br>
<br>
<br>
=3D=3D=3D=3D=3D=3D=3D Configuration =3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
<br>
Server Side<br>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
# cat tinc.conf<br>
Name =3D fsvpns3f30<br>
Mode =3D switch<br>
Device =3D /dev/net/tun<br>
AddressFamily =3D ipv4<br>
PingInterval =3D 30<br>
PrivateKeyFile =3D /etc/tinc/fsvpn/rsa_key.priv<br>
<br>
# cat tinc-up<br>
#!/bin/sh<br>
ifconfig $INTERFACE 10.10.100.30 netmask 255.255.0.0<br>
<br>
# cat hosts/fsvpns3f30<br>
Address =3D <a href=3D"http://xyz.dyndns.org" target=3D"_blank">xyz.dyndns.=
org</a><br>
Port=3D655<br>
Compression=3D9<br>
Subnet=3D<a href=3D"http://10.10.0.0/16%0ATCPonly=3Dyes" target=3D"_blank">=
10.10.0.0/16<br>
TCPonly=3Dyes</a><br>
-----BEGIN RSA PUBLIC KEY-----<br>
...<br>
-----END RSA PUBLIC KEY-----<br>
<br>
Client Side<br>
=3D=3D=3D=3D=3D=3D=3D=3D<br>
# cat tinc.conf<br>
Name =3D fsvpnmf<br>
Mode =3D switch<br>
Device =3D /dev/net/tun<br>
AddressFamily =3D ipv4<br>
PingInterval =3D 30<br>
ConnectTo =3D fsvpns3f30<br>
PrivateKeyFile=3D/etc/tinc/fsvpn/rsa_key.priv<br>
<br>
# cat tinc-up<br>
#!/bin/sh<br>
ifconfig $INTERFACE 10.10.101.1 netmask 255.255.0.0<br>
<br>
# cat fsvpnmf<br>
Port =3D tinc<br>
Compression =3D 9<br>
Subnet =3D <a href=3D"http://10.10.101.1/32%0ATCPonly=3Dyes" target=3D"_bla=
nk">10.10.101.1/32<br>
TCPonly=3Dyes</a><br>
ConnectTo =3D <a href=3D"http://xyz.dyndns.org" target=3D"_blank">xyz.dyndn=
s.org</a><br>
-----BEGIN RSA PUBLIC KEY-----<br>
...<br>
-----END RSA PUBLIC KEY-----<br>
<br>
This setup works now for a while with the restriction that I can<br>
directly only reach one machine on my network. I can ssh through it to<br>
reach the other machines in the network, but this is not ideal (e.g.<br>
if =A0I want to directly reach windows machines). That means from my<br>
laptop I can only directly reach the <a href=3D"http://10.10.0.30/10.10.100=
/30" target=3D"_blank">10.10.0.30/10.10.100/30</a> machine.<br>
It looks like a routing problem. I guess I will have to add on tinc-up<br>
script on both sides but in combination with the vpn device I need<br>
some guidance.<br>
<br>
Can you see how the configuration can be enhanced to reach the whole<br>
network of machines on the home network from laptops directly ?<br>
<br>
Any suggestions are welcome.<br>
<br>
Mansour Farghaly<br>
_______________________________________________<br>
tinc mailing list<br>
<a href=3D"mailto:tinc at tinc-vpn.org">tinc at tinc-vpn.org</a><br>
<a href=3D"http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target=3D=
"_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
</blockquote></div><br>
--000e0cd23ef23e5ddf047f0a7463--
More information about the tinc
mailing list