Hello, I am having an issue with getting tinc to route the packets between 2 Windows tinc installations. Here is what I have so far: homeClient: Physical Interface: 192.168.6.50 gateway 192.168.6.102 homeClient: Tap-Win32 192.168.10.23 no gateway homeClient file: Address:192.168.6.50 Subnet=192.168.10.0/24 vpnoffice: Physical Interface 192.168.6.102 gateway 192.168.6.1 vpnoffice: Tap-Win32 192.168.98.10 no gateway vpnoffice file: Address = 192.168.6.102 Subnet = 192.168.98.0/24 I run tinc -n vpn -d5 -D on both machines and I can see them connect and everything seems to go right, but nothing is being captured by tinc in the homeClient VMWare instance. I see minimal activity when I Wireshark the interface also. I have tried just about everything I can find and think of, but I am at a loss with this one. Any help would be appreciated. Robert
On Wed, Sep 23, 2009 at 12:20:55PM -0700, Robert Spraggs wrote:> I am having an issue with getting tinc to route the packets between > 2 Windows tinc installations. Here is what I have so far: > > homeClient: Physical Interface: 192.168.6.50 gateway 192.168.6.102 > homeClient: Tap-Win32 192.168.10.23 no gatewayWhat are the netmasks of those interfaces?> vpnoffice: Physical Interface 192.168.6.102 gateway 192.168.6.1 > vpnoffice: Tap-Win32 192.168.98.10 no gateway > > I run tinc -n vpn -d5 -D on both machines and I can see them connect > and everything seems to go right, but nothing is being captured by > tinc in the homeClient VMWare instance. I see minimal activity when > I Wireshark the interface also.The netmask of the TAP-Win32 interfaces should be 255.255.0.0 in your case. If there is masquerading going on between the two machines, you might want to add "TCPOnly = yes" to the host config files. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20090923/93960c94/attachment.pgp>
First, use different networks at home and office, or it will not work. I change your home network to 192.168.7.0/24 so it may work.> homeClient: Physical Interface: 192.168.6.50 gateway 192.168.6.102homeClient: Physical Interface: 192.168.7.50/255.255.255.0 gateway 192.168.7.102> homeClient: Tap-Win32 192.168.10.23 no gatewayUse same IP as physical ip, but larger network mask: Tap-Win32 192.168.7.50/255.255.0.0 no gateway> homeClient file: > Address:192.168.6.50Address:192.168.7.50> Subnet=192.168.10.0/24Subnet=192.168.7.0/24> vpnoffice: Physical Interface 192.168.6.102 gateway 192.168.6.1vpnoffice: Physical Interface 192.168.6.102/255.255.255.0 gateway 192.168.6.1> vpnoffice: Tap-Win32 192.168.98.10 no gatewayvpnoffice: Tap-Win32 192.168.6.102/255.255.0.0 no gateway> vpnoffice file: > Address = 192.168.6.102Address = 192.168.6.102> Subnet = 192.168.98.0/24Subnet = 192.168.6.0/24 Wenn vpn is up, try ping from home tinc computer to office tinc computer. If you want to route other computers via vpn, set default gateay on other computers to your local tinc computer or add extra route for 192.168.0.0/255.255.0.0 to your tinc computer (maybe better way, but more work). Add extra route to your gateways too. Add tcponly line to both tinc.conf files. Add tcp port 655 forwarding to your local tinc computers on both gateways. ALBI...
> I did not realize the VMWare interface was active. I thought I haddisabled them all. Ok, for shure this is the problem, or better, your strange networks you did configure. I have some questions: 1. Why do you use netmask 255.255.0.0 on your physical interfaces? I know all is possible, but is there any real reason? 2. What is your default gateway at vpnoffice? I did not find it in your mail. It looks like vpnoffcie can't route anywhere outside his own networks. 3. YOu use 192.168.98.1 as default gateway on vpnhome and as tap ip on vpnoffice. Reasons? Can you explain what you want to do and how? I thought you have a offcie pc in office and a home pc at home. They both have internet connection. Thats easy situation, but your config show some different things. ALBI...