FW: New issue, configuring 2 Vista nodes behind Norton Internet Security 2010 Firewalls
Guus Sliepen
guus at tinc-vpn.org
Thu Jul 22 00:16:26 CEST 2010
On Wed, Jul 21, 2010 at 05:58:47PM -0400, Alan S. Lawee wrote:
> Finally resolved the problem, I'm actually impressed with the throughput
> over the tinc VPN!
Great!
> First, the config files need to go in different places, depending on whether
> you run tinc as a service or in the foreground from a Command Prompt running
> as Administrator (C:\Program Files\tinc\...) or if you are running tinc in
> the foreground from a Command Prompt running as a normal user, even if the
> user has administrative privileges (C:\User\AppData\Local\Virtual
> Store\Program Files\tinc\...). It does not seem to matter to tinc which
> environment it runs under - you just have to make sure that the VPN & Host
> files are in the right place for the environment you choose.
Aha. When install tinc, it sets a registry key, storing the installation
directory there. On XP, I believe tinc could always find that key, whether it
was installed/run as admin, normal user or normal user with administrator
rights. However, your observations suggest that an application gets a different
registry view depending on how it is started. I think I will have to mention
very clearly in the documentation that you should always install and start as
the same user, with administrator rights.
> Second, even after tinc was properly configured, the Norton Internet
> Security 2010 (NIS 2010) Firewall prevented proper communication in both
> directions over the VPN. We resolved this problem by establishing 'Full
> Trust' in the NIS 2010 Network Security Map, both over the Office LAN (for
> when both nodes are connected to the Office LAN) and also over the VPN (for
> when both nodes are connected to different LANs). *** NOTE: This did not
> start working until we brought down the VPN at each end and started it up
> again at both ends.
Thanks for reporting what the solution for your problem was. This will
certainly help others encountering a similar problem.
> My next challenge is to set tinc up on my Windows 7 notebook.
I think this should be easy now :)
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100722/6ad84de0/attachment.pgp>
More information about the tinc
mailing list