issues connecting in other sites

Guus Sliepen guus at tinc-vpn.org
Thu Mar 15 21:56:50 CET 2018 

On Thu, Mar 15, 2018 at 03:41:00PM +0000, Chris . wrote:

> I admit that I am not familiar with Tinc very well, but have Tinc running at approximately 20 sites and functioning as a mesh vpn/network.  I am having issues adding an additional site as it will not communicate with the rest. I have taken the firmware of one and flashed it on another router to make it duplicate and then tested it working but when I change the hostname, and IP to what we need it to be (in this case 172.16.100.0) it no longer communicates with the rest of the network even though I have the same public key (they all have the same key) as well as adding it to the host folder and tinc config file on every other router. Am I missing something? The current system seems to be working now but having issues to add new.

I suspect you do have an error in your configuration somewhere. Either
on the new node, or in the other node(s) that will have connections with
the new node. Check for typos.

> Partial file contents of /etc/config/tinc
> 
> config tinc-net NETNAME
>         option enabled 1
>         option logfile /tmp/log/tinc.log
>         option debug 1
>         option AddressFamily ipv4
> 
>         list ConnectTo=pfsense2
>         list ConnectTo=pfsense4
>         list ConnectTo=pfsense12
>         list ConnectTo=pfsense201
>         list ConnectTo=pfsense11
>         list ConnectTo=pfsense1
>         list ConnectTo=pfsense19
>         list ConnectTo=pfsense7
>         list ConnectTo pfsense26
>         list ConnectTo pfsense27
>         list ConnectTo pfsense100
>         option Name pfsense16

I'm no pfsense expert. But why do some lines have ConnectTo=pfsense with
a = sign between ConnectTo and pfsense, and other lines have a space
instead of the =?

> To be clear (also not sure how it works without it) but tinc.conf is not in the /etc/tinc/NETNAME folder. We can see it in the /tmp/tinc/NETNAME directory only and its contents are below.
> File contents of /tmp/tinc/NETNAME/tinc.conf (this is on the pfsense16 unit with subnet 172.16.16.0)
> AddressFamily = ipv4
> ConnectTo = pfsense26
> ConnectTo = pfsense27
> Name = pfsense16

I see only two ConnectTo's here, ConnectTo = pfsense100 is missing.
Could that be the problem?

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180315/dc2cdf97/attachment.sig>

More information about the tinc mailing list