Hi, I use German umts internet (O2) sometimes. Now I tried to start a tinc tunnel, but it just does not work. I told that to my isp, they answered me that they use some sort of NAT anmd PAT. I get a internal ip 10.x.y.z when I get online. Normally this should be no problem with tinc, but until now I just get no packets through the tunnel. tinc connects to my tinc server in internet and receives some subnet informations. But tinc says it does not receive any ptmu information from other tinc server. Is there anything I can do to check what is possible? I already tried tcponly. Thanks for any help. ALBI...
Hi, I use German umts internet (O2) sometimes. Now I tried to start a tinc tunnel, but it just does not work. I told that to my isp, they answered me that they use some sort of NAT anmd PAT. I get a internal ip 10.x.y.z when I get online. Normally this should be no problem with tinc, but until now I just get no packets through the tunnel. tinc connects to my tinc server in internet and receives some subnet informations. But tinc says it does not receive any ptmu information from other tinc server. Is there anything I can do to check what is possible? I already tried tcponly. Thanks for any help. ALBI...
On Tue, Mar 02, 2010 at 08:43:51AM +0100, Albi Rebmann wrote:> I use German umts internet (O2) sometimes. Now I tried to start a tinc > tunnel, but it just does not work. I told that to my isp, they answered me > that they use some sort of NAT anmd PAT. I get a internal ip 10.x.y.z when > I get online. Normally this should be no problem with tinc, but until now > I just get no packets through the tunnel. > tinc connects to my tinc server in internet and receives some subnet > informations. But tinc says it does not receive any ptmu information from > other tinc server. > Is there anything I can do to check what is possible? > I already tried tcponly.If you run a recent version of tinc, you do not need to use the TCPOnly and IndirectData options anymore, tinc will automatically fall back to TCP and/or indirect communication if direct communication via UDP is not possible. If tinc logs that a connection with the other side is activated, and you still cannot reach the other side, then check: - whether you have a firewall on either side blocking packets on the VPN, - whether the 10.x.y.z range from O2 conflicts with your VPN address range. If those things are not the problem, then run tinc with -d5, try to ping the other side, and email the log output. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100302/883e9817/attachment-0001.pgp>
Hello Albi, I also use german O2 UMTS on my Ubuntu netbook and I have tinc vpn tunnel to my homebase without problem (except the configuration could be enhanced) so I do not think you have a provider problem. I use O2 prepaid Internet Service on a monthly base. You can find my configuration on the tinc mailing list/archive heading "Only reaching one machine at network" 7.Feb this year. Mansour On Tue, Mar 2, 2010 at 8:43 AM, Albi Rebmann <albi at albi.life.de> wrote:> Hi, > > I use German umts internet (O2) sometimes. Now I tried to start a tinc > tunnel, but it just does not work. I told that to my isp, they answered me > that they use some sort of NAT anmd PAT. I get a internal ip 10.x.y.z when > I get online. Normally this should be no problem with tinc, but until now > I just get no packets through the tunnel. > tinc connects to my tinc server in internet and receives some subnet > informations. But tinc says it does not receive any ptmu information from > other tinc server. > Is there anything I can do to check what is possible? > I already tried tcponly. > Thanks for any help. > > > ALBI... > > > > > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
> If you run a recent version of tinc, you do not need to use the TCPOnlyOk, it is ubuntu 9.10 remix, tinc 1.09.> - whether you have a firewall on either side blocking packets on theVPN,> - whether the 10.x.y.z range from O2 conflicts with your VPN addressrange.> > If those things are not the problem, then run tinc with -d5, try to pingthe> other side, and email the log output.No firewall. Here is a part of the log: Mar 3 06:41:01 albi-laptop tinc.life[2128]: Sending MTU probe length 829 to vs12 (85.88.14.172 port 655) Mar 3 06:41:01 albi-laptop tinc.life[2128]: Sending MTU probe length 1256 to vs12 (85.88.14.172 port 655) Mar 3 06:41:01 albi-laptop tinc.life[2128]: Flushing queue for vs12 (85.88.14.172 port 655) Mar 3 06:41:03 albi-laptop tinc.life[2128]: Sending MTU probe length 621 to vs12 (85.88.14.172 port 655) Mar 3 06:41:03 albi-laptop tinc.life[2128]: Sending MTU probe length 106 to vs12 (85.88.14.172 port 655) Mar 3 06:41:03 albi-laptop tinc.life[2128]: Sending MTU probe length 213 to vs12 (85.88.14.172 port 655) Mar 3 06:41:05 albi-laptop tinc.life[2128]: Sending MTU probe length 128 to vs12 (85.88.14.172 port 655) Mar 3 06:41:05 albi-laptop tinc.life[2128]: Sending MTU probe length 467 to vs12 (85.88.14.172 port 655) Mar 3 06:41:05 albi-laptop tinc.life[2128]: Sending MTU probe length 559 to vs12 (85.88.14.172 port 655) Mar 3 06:41:07 albi-laptop tinc.life[2128]: Sending MTU probe length 1355 to vs12 (85.88.14.172 port 655) Mar 3 06:41:07 albi-laptop tinc.life[2128]: Sending MTU probe length 883 to vs12 (85.88.14.172 port 655) Mar 3 06:41:07 albi-laptop tinc.life[2128]: Sending MTU probe length 155 to vs12 (85.88.14.172 port 655) Mar 3 06:41:09 albi-laptop tinc.life[2128]: Sending MTU probe length 216 to vs12 (85.88.14.172 port 655) Mar 3 06:41:09 albi-laptop tinc.life[2128]: Sending MTU probe length 1401 to vs12 (85.88.14.172 port 655) Mar 3 06:41:09 albi-laptop tinc.life[2128]: Sending MTU probe length 1197 to vs12 (85.88.14.172 port 655) Mar 3 06:41:11 albi-laptop tinc.life[2128]: Sending MTU probe length 594 to vs12 (85.88.14.172 port 655) Mar 3 06:41:11 albi-laptop tinc.life[2128]: Sending MTU probe length 1439 to vs12 (85.88.14.172 port 655) Mar 3 06:41:11 albi-laptop tinc.life[2128]: Sending MTU probe length 746 to vs12 (85.88.14.172 port 655) Mar 3 06:41:13 albi-laptop tinc.life[2128]: Sending MTU probe length 505 to vs12 (85.88.14.172 port 655) Mar 3 06:41:13 albi-laptop tinc.life[2128]: Sending MTU probe length 1402 to vs12 (85.88.14.172 port 655) Mar 3 06:41:13 albi-laptop tinc.life[2128]: Sending MTU probe length 1303 to vs12 (85.88.14.172 port 655) Mar 3 06:41:15 albi-laptop tinc.life[2128]: Sending MTU probe length 504 to vs12 (85.88.14.172 port 655) Mar 3 06:41:15 albi-laptop tinc.life[2128]: Sending MTU probe length 1462 to vs12 (85.88.14.172 port 655) Mar 3 06:41:15 albi-laptop tinc.life[2128]: Sending MTU probe length 1031 to vs12 (85.88.14.172 port 655) Mar 3 06:41:17 albi-laptop tinc.life[2128]: Sending MTU probe length 1089 to vs12 (85.88.14.172 port 655) Mar 3 06:41:17 albi-laptop tinc.life[2128]: Sending MTU probe length 1060 to vs12 (85.88.14.172 port 655) Mar 3 06:41:17 albi-laptop tinc.life[2128]: Sending MTU probe length 1154 to vs12 (85.88.14.172 port 655) Mar 3 06:41:19 albi-laptop tinc.life[2128]: No response to MTU probes from vs12 (85.88.14.172 port 655) And here is log during ping, strange, looks like I receive an answer: Mar 3 07:36:26 albi-laptop tinc.life[1287]: Sending packet of 98 bytes to vs12 (85.88.14.172 port 655) Mar 3 07:36:27 albi-laptop tinc.life[1287]: Read packet of 98 bytes from Linux tun/tap device (tun mode) Mar 3 07:36:27 albi-laptop tinc.life[1287]: Sending packet of 98 bytes to vs12 (85.88.14.172 port 655) Mar 3 07:36:28 albi-laptop tinc.life[1287]: Read packet of 98 bytes from Linux tun/tap device (tun mode) Mar 3 07:36:28 albi-laptop tinc.life[1287]: Sending packet of 98 bytes to vs12 (85.88.14.172 port 655) Mar 3 07:36:29 albi-laptop tinc.life[1287]: Read packet of 98 bytes from Linux tun/tap device (tun mode) Mar 3 07:36:29 albi-laptop tinc.life[1287]: Sending packet of 98 bytes to vs12 (85.88.14.172 port 655) Is there any problem with tinc version 1.09? Never used this version. Other side is tinc 1.03 ALBI...
> I also use german O2 UMTS on my Ubuntu netbook and I have tinc vpn > tunnel to my homebase without problem (except the configuration could > be enhanced) so I do not think you have a provider problem.Thanks for that info. Do you get 10.* address when you are online? Gateway 10.64.64.64? Can you tell me which version of tinc you use? ALBI...