Weird behaviour between Windows Vista & Windows 7 VPN - can anyone help?

Alan S. Lawee info at polygration.com
Tue Jun 14 00:45:02 CEST 2011 

I followed your instructions as best I could, Guus.  

I set the Office TAP adapter IP to 192.168.1.207, and the Home TAP adapter
IP to 192.168.2.208 (Should it have been 1.208 ?)

Now I am getting a strange message about 'Bogus data received from [the home
PC]' (see DebugTraceOffice110613.txt) and the Office PC (Windows 7) is
closing the connection.

Some additional information that might be relevant.  I'm using Norton
Internet Security 2011 on both PCs, and I have opened Port 655 on both
machines in both directions.  Tinc v1.0.14 on both machines.

Thanks for all the help.  
Alan
-----Original Message-----
From: tinc-bounces at tinc-vpn.org [mailto:tinc-bounces at tinc-vpn.org] On Behalf
Of Guus Sliepen
Sent: Sunday, June 12, 2011 16:34
To: tinc at tinc-vpn.org
Subject: Re: Weird behaviour between Windows Vista & Windows 7 VPN - can
anyone help?

On Sun, Jun 12, 2011 at 02:34:15PM -0400, Alan S. Lawee wrote:

> I am trying to connect a Windows Vista (Home) machine to a Windows 7
> (Office) machine.  I set up the tinc config files normally, and I am 
> able to see the Vista (Home) machine from the Window 7 (Office) 
> machine, but I cannot seem to do the reverse.  I am beginning to 
> wonder if this might be a known issue that someone has seen before.

>From the routing table at Home:

Network Destination        Netmask          Gateway       Interface  Metric
      192.168.2.0    255.255.255.0         On-link       192.168.2.8    276
      192.168.1.0    255.255.255.0     192.168.19.1     192.168.19.2     33
     192.168.19.0    255.255.255.0         On-link      192.168.19.2    286

I see you have a LAN at the Office (192.168.1.0/24), and one at Home
(192.168.2.0/24). But you have set up tinc to use a third subnet,
192.168.19.0/24, with .1 being Office and .2 Home. You have added gateway
routes, but this will not work since you are using tinc in router mode,
unless you tell tinc about the 192.168.1.0/24 and 192.168.2.0/24 subnets.
There are three options to make your setup work:

1. Add "Subnet = 192.168.1.0/24" to hosts/Office, and "Subnet =
192.168.2.0/24"
   to hosts/Home.

2. Use "Mode = switch" in tinc.conf on both sides, you don't need the Subnet
   statements anymore in that case.

3. Don't use the 192.168.19.0/24 subnet at all; it is not necessary. Use the
   Subnets from 1. in router mode, or just use switch mode. Give the VPN
   interfaces the same IP addresses as the LAN interfaces, and add routes
for the
   other nodes LAN subnets to the VPN interface, or if you plan on adding
more
   nodes, you can add a route for 192.168.0.0/16 to the VPN interface.

Apart from that I did not see a problem, except that you also put your
private keys in the zip file, you must regenerate them!

--
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Liben.zip
Type: application/octet-stream
Size: 7063 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110613/c8ec5de5/attachment.obj>

More information about the tinc mailing list