Cannot ping subnet hosts

Davide L davide.lovreglio at gmail.com
Thu May 24 22:26:40 CEST 2018


I have done it... added on both routers a new firewall zone covering the
tinc interface, policy in accept, out accept, fwd accept, interzone
forwarding from/to LAN.... when I do it, I am not even able to ping the
routers between them, even though the PING PONG is ok in the tinc debug....

2018-05-24 20:28 GMT+02:00 Naemr . <naemrr at gmail.com>:

> Did you add a forwarding allow rule from tinc interface to LAN and vice
> versa on both ends? Even with firewall off, default is to not forward till
> told to do so.
>
> On Thu, May 24, 2018, 10:07 AM Davide L <davide.lovreglio at gmail.com>
> wrote:
>
>> Dear all,
>>
>> I am trying to configure a basic TINC vpn between two sites using OpenWRT
>> routers. The link seems to work, the ping between the two routers is ok,
>> but I can't ping hosts between the subnets behind the routers.
>>
>> This is the configuration:
>>
>> ======== SITE 1 (CLIENT) - polimnia (subnet 192.168.4.0/24, gw
>> 192.168.4.1)
>>
>> tinc.conf
>> -------------
>> Name = polimnia
>> ConnectTo = calliope
>>
>> hosts/polimnia
>> ---------------------
>> Subnet = 172.16.0.4/32
>> Subnet = 192.168.4.0/24
>>
>>
>> tinc-up script
>> -------------------
>> #!/bin/sh
>> ip link set $INTERFACE up
>> ip addr add 172.16.0.4/24 dev $INTERFACE
>> ip route add 192.168.2.0/24 dev $INTERFACE
>>
>> ======== SITE 2 (SERVER) - calliope (subnet 192.168.2.0/24, gw
>> 192.168.2.1)
>>
>> tinc.conf
>> -------------
>> Name = calliope
>>
>> hosts/calliope
>> ---------------------
>> Address = [ip public address] ........
>> Subnet = 172.16.0.2/32
>> Subnet = 192.168.2.0/24
>>
>> tinc-up script
>> -------------------
>> #!/bin/sh
>> ip link set $INTERFACE up
>> ip addr add 172.16.0.2/24 dev $INTERFACE
>> ip route add 192.168.4.0/24 dev $INTERFACE
>>
>> =========================================================
>>
>> When I run both tincd daemons in verbose mode, the connection starts
>> correctly and the two routers can reach each other, but not the hosts in
>> the subnets.
>>
>> I tried deactivating the firewalls on both routers, thus I don't think it
>> is a firewall issue.
>>
>> The line "ip route add" is in both tinc-up scripts, so it should work....
>>
>> I don't know how to solve the problem.
>>
>> Thank you in advance for any help.
>> Davide
>>
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>
>
>
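
A consistency check over the configuration quoted in this thread, as an added example that is not part of the original messages: for each node it verifies that every `Subnet` announced by the other node is covered by a kernel route that the local tinc-up script installs. The sample data is copied from the quoted host files and tinc-up scripts; the function names are this example's own, and it assumes every `ip addr add` / `ip route add` in tinc-up targets `$INTERFACE`.

```python
import ipaddress
import re

# Constructed sample input: copied from the host files and tinc-up scripts quoted in the thread.
HOSTS = {
    "polimnia": "Subnet = 172.16.0.4/32\nSubnet = 192.168.4.0/24\n",
    "calliope": "Subnet = 172.16.0.2/32\nSubnet = 192.168.2.0/24\n",
}
TINC_UP = {
    "polimnia": "ip link set $INTERFACE up\n"
                "ip addr add 172.16.0.4/24 dev $INTERFACE\n"
                "ip route add 192.168.2.0/24 dev $INTERFACE\n",
    "calliope": "ip link set $INTERFACE up\n"
                "ip addr add 172.16.0.2/24 dev $INTERFACE\n"
                "ip route add 192.168.4.0/24 dev $INTERFACE\n",
}


def announced_subnets(host_file):
    """Networks listed on 'Subnet =' lines of a tinc host file (any '#weight' suffix dropped)."""
    found = re.findall(r"^\s*Subnet\s*=\s*([^\s#]+)", host_file, re.M | re.I)
    return [ipaddress.ip_network(s, strict=False) for s in found]


def kernel_routes(tinc_up):
    """Networks the kernel sends to the VPN device once tinc-up has run.

    Assumption: every 'ip addr add' / 'ip route add' in the script targets $INTERFACE.
    """
    routes = []
    # 'ip addr add A/len' creates a connected route for the prefix, like 'ip route add'.
    for prefix in re.findall(r"^\s*ip\s+(?:addr|route)\s+add\s+(\S+)", tinc_up, re.M):
        try:
            routes.append(ipaddress.ip_network(prefix, strict=False))
        except ValueError:
            continue  # e.g. 'default' or an unexpanded shell variable
    return routes


def unrouted(node, hosts=HOSTS, tinc_up=TINC_UP):
    """(peer, subnet) pairs that `node` has no kernel route for."""
    routes = kernel_routes(tinc_up[node])
    return [(peer, str(net))
            for peer, host_file in hosts.items() if peer != node
            for net in announced_subnets(host_file)
            if not any(net.subnet_of(r) for r in routes)]


if __name__ == "__main__":
    for name in HOSTS:
        print(name, "missing routes:", unrouted(name))
```

Both nodes return an empty list for the quoted configuration, so the `Subnet` declarations and the kernel routes on the two routers agree with each other.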