Configuration of hosts
Rob Townley
rob.townley at gmail.com
Wed Jan 27 19:14:25 CET 2010
going from memory bc on my phone.
u had posted a 10./24 which is 255.255.255.0.
The debug level parameter is wrong.
try -D5
not -D d5
5 will be too much info so u will want a lower number.
On 1/27/10, Anon <anon4321 at gmail.com> wrote:
> Yes, my netmask was 255.255.0.0.
>
> With respect to the "all traffic" comment, using the (horrible)
> Windows firewall does not allow
> interface by interface configuration. So, if I allow all traffic on
> that interface, I open it up
> to all traffic on all interfaces. At least that is the way it is in
> XPProSp3. So, I left my
> firewall in place (which allows traffic on selected ports only, one of
> which is 655).
>
> I could have sworn that after my last configuration edits I stopped
> and restarted the service, but
> I guess not, because when I rebooted both machines this morning, the
> configuration shown below
> worked just fine without any modifications.
>
> I ran debug command line, and I guess I don't have something set
> properly, because nothing
> much shows up in the console window. First, the console window starts with:
>
> C:\Program Files\tinc>tincd -n ivpn -D d5
> tincd 1.0.11 (Nov 1 2009 17:03:44) starting, debug level 0
> Tap reader running
> {5227xxxx-012D-4x53-8725-588x3x4174x8} (vpn) is a Windows tap device
> Ready
>
> At that point, the console is frozen (I can't enter any commands in
> that window), which is
> exactly what I expect.
>
> When I open another console window and tracert or ping to the other
> machine, it works and there
> is nothing that shows up in this console (no debug messages). This is
> true whether MachineA is
> accessing MachineB or the other way around. This is true whether
> access is via ping, tracert or
> a Windows program such as VNC (which works swimmingly I might add).
>
> The only thing that showed up on that console was the following:
>
> Bogus data received from <unknown> (192.168.1.8 port 2943)
> Old connection_t for <unknown> (192.168.1.8 port 2943) status 0010 still lin
> gering, deleting...
>
> I have no idea what would have generated that message.
>
> In any event, thank you for the prompt response. As is my habit, I'm
> closing the loop by writing
> this message so that somebody else who reviews this thread will know
> of its resolution.
>
> ************************************************************
>
> On Tue, Jan 26, 2010 at 07:44:43PM -0800, Anon wrote:
>
>>* Anyway, I have tincd running as a service on two windows machines on the
> *>* same lan. I'm trying to establish a connection between those two
> *>* computers on the vpn ip's (10.20.30.1 and 10.20.40.1). I have confirmed
> *>* that port 655 is open because each machine can ping the other on the LAN
> *>* ip address (192.168.1.x) and "telnet 192.168.1.x 655" works on both
> *>* machines (x=4 on one machine and 8 on the other) (it responds with "0
> *>* MachineB 17" on MachineA and "0 MachineA 17" on MachineB.
> *>*
> *>* ipconfig /all confirms that each computer can see itself on the
> 10.20.x.1
> *>* addresses.
> *>*
> *>* MachineA
> *>*
> *>* Address = 192.168.1.4
> *>* Subnet = 10.20.30.0/24
> *>*
> *>* MachineB
> *>*
> *>* Address = 192.168.1.8
> *>* Subnet = 10.20.40.0/24
> *
> The netmask of the VPN interface should be 255.255.0.0. Is this the case?
> If
> you have a fireall on the Windows machines, make sure it allows all traffic
> on
> the VPN interface. You can also start tinc with the options -d5 -D, this
> will
> not start it as a service but run in the console. You can then see what
> happens
> when you try tracert or anything else via the VPN.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org
> <http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc>>
>
More information about the tinc
mailing list