Change default Server ports

Etienne Dechamps etienne at edechamps.fr
Fri Dec 30 11:38:51 CET 2016 

I believe the reason why you're experiencing this problem is because tinc
does not use the connection TCP port to determine which port to send UDP
packets to. Instead, it uses the port that is *advertised* by the other
node.

https://github.com/gsliepen/tinc/blob/06b820133285f83f7e1a839cccbed13358b84081/src/protocol_auth.c#L886

That means that if node A is configured with UDP port 655, that's the UDP
port it will advertise to node B when it connects and that's what node B
will use, even if node B used a different TCP port to establish the
metaconnection.

I'm not sure why you didn't encounter this problem in tinc 1.0 - at first
glance the code seems identical in that respect.

On 29 December 2016 at 20:46, Guillermo Bisheimer <
gbisheimer at bys-control.com.ar> wrote:

> I'm using Tinc 1.1pre14 and I'm trying to connect a node that is behind a
> firewall that blocks all non-standard ports.
>
> I set up a rule in the server to redirect port 25 (that is not used in the
> server right now) to port 655, both in tcp and udp protocols, and set up
> the port 25 in the server host configuration file.
>
> The client can reach the server, but after the initial sync and key
> exchange using TCP using port 25, it tries to make UDP connections to port
> 655 instead of 25. The tunnel is never built and I cannot reach the client.
>
> I remember to have the same setup using tinc 1.0.x and it was working
> fine, but I'm unable to test it now. Is there a chance that tinc ignores
> the specified port and uses de default 655 port for UDP connections?
>
> Thanks!
> --
>
> *Ing. Guillermo Bisheimer*
>
> *B&S Sistemas de Control y Equipamientos*
>
> Av. de los Constituyentes 1172
>
> (E3116CIX) Crespo, Entre Ríos
>
> Tel/Fax: (0343) 407-8990 (Nuevo número)
>
> Cel: (0343) 154679052
>
> WEB: www.bys-control.com.ar
>
> e-mail: gbisheimer at bys-control.com.ar
>
> skype: guillermo.bisheimer
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20161230/39ceb422/attachment.html>

More information about the tinc mailing list