Second VPN network fails to start
Robert Horgan
Robert at gainplus.asia
Mon May 20 06:11:39 CEST 2019
Hello Lars,
Thanks for your feedback. Unfortunately I made an error in writing the network I expected to connect to. I meant 10.3.0.0/24 The one I wrote in fact was one network of the already established VPN. I have included full details of my relevant files below.
Background: I am trying to set up a second VPN between two servers: gtdb and db2. Both servers are already part of separate VPNs: 10.1.0.0/24 and 10.0.0.0/24
These are my files:
On server 1: db2
/etc/tinc/nets.boot
#
gainplus (this works fine, autostarts, etc)
vpn1
/etc/tinc/vpn1/tinc.conf
Name = db2
BindToAddress = 10.130.17.192
AddressFamily = ipv4
Port = 656
ConnectTo = gtdb
Interface = tun0
/etc/tinc/vpn1/tinc-up
#!/bin/sh
# tinc-up
ip addr add 10.3.0.50/24 dev $INTERFACE
ip link set dev $INTERFACE up
/etc/tinc/vpn1/hosts/gtdb
Subnet = 10.3.0.51/32
Port = 656
-----BEGIN RSA PUBLIC KEY-----
/etc/tinc/vpn1/hosts/db2
Address = 10.130.17.192
Subnet = 10.3.0.50/32
Port = 656
-----BEGIN RSA PUBLIC KEY-----
#########################################################
On server 2: gtdb
/etc/tinc/nets.boot
#
gainplus
vpn1
/etc/tinc/vpn1/tinc.conf
Name = gtdb
BindToAddress = 10.130.8.6
AddressFamily = ipv4
Port = 656
ConnectTo = db2
Interface = tun0
/etc/tinc/vpn1/tinc-up
#!/bin/sh
# tinc-up
ip addr add 10.3.0.51/24 dev $INTERFACE
ip link set dev $INTERFACE up
/etc/tinc/vpn1/hosts/gtdb
Address = 10.130.8.6
Subnet = 10.3.0.0/24
Port = 656
-----BEGIN RSA PUBLIC KEY-----
/etc/tinc/vpn1/hosts/db2
Address = 10.130.17.192
Subnet = 10.3.0.50/32
Port = 656
-----BEGIN RSA PUBLIC KEY-----
The result I get when running ip a on either server only shows the first VPN tunnel:
9: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.0.0.51/24 scope global tun0
valid_lft forever preferred_lft forever
regards
Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20190520/2ebe6da1/attachment-0001.html>
More information about the tinc
mailing list