Cannot ping subnet hosts

Naemr . naemrr at gmail.com
Thu May 24 22:34:12 CEST 2018


Are these routers also the primary gateways for each network?

On Thu, May 24, 2018, 2:26 PM Davide L <davide.lovreglio at gmail.com> wrote:

> I have done it... added on both routers a new firewall zone covering the
> tinc interface, policy in accept, out accept, fwd accept, interzone
> forwarding from/to LAN.... when I do it, I am not even able to ping the
> routers between them, even though the PING PONG is ok in the tinc debug....
>
> 2018-05-24 20:28 GMT+02:00 Naemr . <naemrr at gmail.com>:
>
>> Did you add a forwarding allow rule from tinc interface to LAN and vice
>> versa on both ends? Even with firewall off, default is to not forward till
>> told to do so.
>>
>> On Thu, May 24, 2018, 10:07 AM Davide L <davide.lovreglio at gmail.com>
>> wrote:
>>
>>> Dear all,
>>>
>>> I am trying to configure a basic TINC vpn between two sites using
>>> OpenWRT routers. The link seems to work, the ping between the two routers
>>> is ok, but I can't ping hosts between the subnets behind the routers.
>>>
>>> This is the configuration:
>>>
>>> ======== SITE 1 (CLIENT) - polimnia (subnet 192.168.4.0/24, gw
>>> 192.168.4.1)
>>>
>>> tinc.conf
>>> -------------
>>> Name = polimnia
>>> ConnectTo = calliope
>>>
>>> hosts/polimnia
>>> ---------------------
>>> Subnet = 172.16.0.4/32
>>> Subnet = 192.168.4.0/24
>>>
>>>
>>> tinc-up script
>>> -------------------
>>> #!/bin/sh
>>> ip link set $INTERFACE up
>>> ip addr add 172.16.0.4/24 dev $INTERFACE
>>> ip route add 192.168.2.0/24 dev $INTERFACE
>>>
>>> ======== SITE 2 (SERVER) - calliope (subnet 192.168.2.0/24, gw
>>> 192.168.2.1)
>>>
>>> tinc.conf
>>> -------------
>>> Name = calliope
>>>
>>> hosts/calliope
>>> ---------------------
>>> Address = [ip public address] ........
>>> Subnet = 172.16.0.2/32
>>> Subnet = 192.168.2.0/24
>>>
>>> tinc-up script
>>> -------------------
>>> #!/bin/sh
>>> ip link set $INTERFACE up
>>> ip addr add 172.16.0.2/24 dev $INTERFACE
>>> ip route add 192.168.4.0/24 dev $INTERFACE
>>>
>>> =========================================================
>>>
>>> When I run both tincd daemons in verbose mode, the connection starts
>>> correctly and the two routers can reach each other, but not the hosts in
>>> the subnets.
>>>
>>> I tried deactivating the firewalls on both routers, thus I don't think
>>> it is a firewall issue.
>>>
>>> The line "ip route add" is in both tinc-up scripts, so it should work....
>>>
>>> I don't know how to solve the problem.
>>>
>>> Thank you in advance for any help.
>>> Davide
>>>
>>> _______________________________________________
>>> tinc mailing list
>>> tinc at tinc-vpn.org
>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>>
>
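
The question at the top of this message (whether each tinc router is also its LAN's default gateway) determines where a LAN host sends packets addressed to the remote subnet. As an added example, not part of the original thread: a Python check over `ip -4 route show` output taken from a LAN host. The two routing tables, the 192.168.4.254 gateway and the 192.168.2.10 target are constructed for illustration; 192.168.4.1 is the site 1 gateway from the quoted configuration.

```python
import ipaddress

# Constructed `ip -4 route show` output from two hypothetical LAN hosts at site 1.
HOST_VIA_TINC_ROUTER = """\
default via 192.168.4.1 dev eth0
192.168.4.0/24 dev eth0 proto kernel scope link src 192.168.4.50
"""
HOST_VIA_OTHER_GATEWAY = """\
default via 192.168.4.254 dev eth0
192.168.4.0/24 dev eth0 proto kernel scope link src 192.168.4.51
"""

def parse_routes(text):
    """Return [(network, gateway_or_None)] from `ip -4 route show` lines."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if not f:
            continue
        dest = "0.0.0.0/0" if f[0] == "default" else f[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types this sketch does not model (e.g. "unreachable")
        gw = f[f.index("via") + 1] if "via" in f else None
        routes.append((net, gw))
    return routes

def next_hop(routes, dst):
    """Longest-prefix match: the gateway, "on-link", or None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, gw) for net, gw in routes if addr in net]
    if not hits:
        return None
    net, gw = max(hits, key=lambda r: r[0].prefixlen)
    return gw or "on-link"

def reaches_tinc_router(route_text, remote_host, tinc_router_lan_ip):
    """True if traffic for the remote subnet leaves this host via the tinc router."""
    return next_hop(parse_routes(route_text), remote_host) == tinc_router_lan_ip

if __name__ == "__main__":
    for name, table in [("via tinc router", HOST_VIA_TINC_ROUTER),
                        ("via other gateway", HOST_VIA_OTHER_GATEWAY)]:
        ok = reaches_tinc_router(table, "192.168.2.10", "192.168.4.1")
        print(f"{name}: {'ok' if ok else 'traffic for 192.168.2.0/24 bypasses the tinc router'}")
```

A host that fails this check needs either its default gateway pointed at the tinc router or a static route for the remote subnet via that router.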