Tinc clients behind a NAT, tunnels get unstable
Guus Sliepen
guus at tinc-vpn.org
Fri Sep 25 09:36:10 CEST 2015
On Fri, Sep 25, 2015 at 08:41:06AM +0200, Marcus Schopen wrote:
> I'm running some tinc clients behind a NAT (masquerading, Cisco Router)
> connecting to a host outside on a public IP in a different network. The
> tunnels get unstable every few minutes and I see packet loss when
> pinging the clients on their internal tunnel IPs from the host side.
> Before putting the tinc clients behind the NAT they were running on
> public IPs too (clients and host in different networks) and the tunnels
> were rock stable without any problems. As a workaround(?) I added
> "TCPOnly = yes" [1] to the host's config file and since then all tunnels
> seem to work stable again, but I can't explain this to me as the NAT
> should handle UDP connections. Any ideas?
Maybe the timeout for UDP NAT mappings is a bit short on your Cisco. Try
adding PingInterval = 30 to the tinc.conf on those clients, perhaps that
will help.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150925/2e9f265d/attachment.sig>
More information about the tinc
mailing list