Hi: I'm having some trouble connecting to the tinc VPN I've setup for my client. Basically I would like to connect to the LAN of my client (as I'm currently thousands of miles away and won't be back for a month and a half) to continue with the development of an in-house ERP. I've setup the router (a Linksys router running the stock firmware) to forward both TCP and UDP packets port 655 to 192.168.100.248 (which hosts the tinc daemon). Problem now is that when I try to ping the other host (either way) I couldn't seem to have them see each other. Here's the settings for both my client and I: ME RUNNING TINC ----> internet ---> Firewall ---> SERVER RUNNING TINC ME RUNNING TINC: Real IP address varies, "roadwarrior" tinc.conf: Name=pfalcone ConnectTo=erp AddressFamily=ipv4 Mode=switch TCPonly=yes tinc-up: #!/bin/sh ifconfig $INTERFACE 192.168.100.244 netmask 255.255.0.0 hosts/pfalcone: Subnet=192.168.100.244/32 hosts/erp: Address=283.870.215.224 (replace with some real IP address of the firewall here) Subnet=192.168.100.248/32 SERVER RUNNING TINC: Real IP address is 192.168.100.248 netmask 255.255.255.0 tinc.conf: Name=erp AddressFamily=ipv4 Mode=switch TCPonly=yes tinc-up: #!/bin/sh ifconfig $INTERFACE 192.168.100.248 netmask 255.255.0.0 hosts/pfalcone: Subnet=192.168.100.244/32 hosts/erp: Address=283.870.215.224 (replace with some real IP address of the firewall here) Subnet=192.168.100.248/32 -- Paolo Alexis Falcone pfalcone@free.net.ph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20060422/8b209d9d/attachment.pgp
On Sat, Apr 22, 2006 at 07:12:09PM +0800, Paolo Alexis Falcone wrote:> I'm having some trouble connecting to the tinc VPN I've setup for my client. > Basically I would like to connect to the LAN of my client (as I'm currently > thousands of miles away and won't be back for a month and a half) to continue > with the development of an in-house ERP. > > I've setup the router (a Linksys router running the stock firmware) to forward > both TCP and UDP packets port 655 to 192.168.100.248 (which hosts the tinc > daemon). > > Problem now is that when I try to ping the other host (either way) I couldn't > seem to have them see each other.Let's have a look at your configuration:> tinc.conf: > Name=pfalcone > ConnectTo=erp > AddressFamily=ipv4 > Mode=switch > TCPonly=yesIf you use TCPonly=yes, you don't have to forward UDP on your router of course.> tinc-up: > #!/bin/sh > ifconfig $INTERFACE 192.168.100.244 netmask 255.255.0.0 > > hosts/pfalcone: > Subnet=192.168.100.244/32With Mode=switch, Subnet statements are ignored.> hosts/erp: > Address=283.870.215.224 (replace with some real IP address of the firewall > here) > Subnet=192.168.100.248/32[...] Your configuration looks OK, but check your routing table (route -n), the firewall rules on erp and pfalcone (iptables -L -v -x -n), and the output of tinc running with the -d5 -D options. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20060424/5f50281d/attachment.pgp