Thanks for getting back to me so quickly on this.
In thinking about the topology that I am trying to set up, I will
probably only set up a "private" DNS on the VPN for the 10.x.x.x
users.
With this in mind, I have now come up with a new question relating to this.
What I will like to do is to give all of the uses, including
roadwarriors, a static IP address on the 10.x.x.x address net and have a
name in our VPN DNS associated with each one. This lead to the next problem.
Is there a way that the TinC project can come up with a new variable
possibly called "VPNDNS=" or something like that such that the
roadwarriors hosts files can use it to resolve the "ADDRESS="
variable.
I am looking for a way to allow users to connect to the roadwarrior Tinc
hosts as well and was thinking that my VPN DNS could do the job as it
will handle the entire VPN.
What do you think?
Thanks,
Lonnie
Guus Sliepen wrote:
>On Sun, Oct 24, 2004 at 03:28:54PM -0500, Lonnie Cumberland wrote:
>
>
>
>>I was just looking over how to set up the hosts files for Tinc and was
>>wondering about how to handle Roadwarriors?
>>
>>It appears that the variable "Address=" must be set for
individuals to
>>connect to a host, right?
>>
>>
>
>The manpage says:
>
>Address = address [recommended]
> The IP address or hostname of this tinc daemon on the real net?
> work. This wil only be used when trying to make an outgoing con?
> nection to this tinc daemon. Multiple Address variables can be
> specified, in which case each address will be tried until a work?
> ing connection has been established.
>
>Note that you can put a hostname there (so you can use dyndns) and that
>the Address is only used for outgoing connections, so a roadwarrior that
>does not expect a ConnectTo pointing to him doesn't need an Address to
>be set for himself.
>
>
>
>>Also, I am wondering about possibly using a private DNS+DHCP server
>>combination that would allow the 10.x.x.x users to have their VPN ip
>>resolved but this does not help regarding "Real" IP addresses
on the
>>Internet for the Roadwarriors.
>>
>>
>
>Setting up a DNS zone for your private addresses is not a problem at
>all. If you want to run DHCP on the VPN, then you need to run tinc in
>switch mode. But if you can assign static VPN addresses just as well,
>I'd avoid DHCP.
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>tinc mailing list
>tinc@tinc-vpn.org
>http://brouwer.uvt.nl/cgi-bin/mailman/listinfo/tinc
>
>