Hi to everybody,

I want to create a VPN with some PC clients and only one server, instead of
LAN-to-LAN, but I'm not very sure how to do this.

For example, I need to have:

- Server LAN -------- (192.168.0.1/24) ---- tinc-VPN ---- (192.168.100.1/24)
- Client-01 LAN --- (192.168.50.1/24) ---- tinc-VPN ---- (192.168.100.10/24)
- Client-02 LAN --- (192.168.80.1/24) ---- tinc-VPN ---- (192.168.100.11/24)

Currently, I have this config in the server:

--------- tinc.conf ------------
Name = ServerA
----------------------------------

------------- tinc-up ----------
#!/bin/sh
ifconfig $INTERFACE 192.168.100.1 netmask 255.255.0.0
------------------------------------

----------- ServerA ----------
Subnet = 192.168.100.0/24
Address = 80.80.80.80
Compression = 10
-- key --
------------------------------------

----------- Client-01 ----------
Subnet = 192.168.101.0/24
Address = 80.80.80.81
Compression = 10
-- key --
------------------------------------

And I have this config in Client-01:

--------- tinc.conf ------------
Name = Client-01
ConnectTo = ServerA
----------------------------------

------------- tinc-up ----------
#!/bin/sh
ifconfig $INTERFACE 192.168.101.1 netmask 255.255.0.0
------------------------------------

----------- ServerA ----------
Subnet = 192.168.100.0/24
Address = 80.80.80.80
Compression = 10
-- key --
------------------------------------

----------- Client-01 ----------
Subnet = 192.168.101.0/24
Address = 80.80.80.81
Compression = 10
-- key --
------------------------------------

And Client-02 is configured in the other VPN subnet.

If I put them both on the same subnet, evidently, it cannot work in router
mode.

I need to build a star VPN, but not LAN-to-LAN, only ServerA <---> PC-Client.

Is there some way to do this with only one VPN subnet?

Best regards,

Ramses

On Sun, Oct 17, 2010 at 10:56:35AM +0200, Ramses II wrote:

> I want to create a VPN with some PC clients and only one server, instead of
> LAN-to-LAN, but I'm not very sure how to do this.
>
> For example, I need to have:
>
> - Server LAN -------- (192.168.0.1/24) ---- tinc-VPN ---- (192.168.100.1/24)
> - Client-01 LAN --- (192.168.50.1/24) ---- tinc-VPN ---- (192.168.100.10/24)
> - Client-02 LAN --- (192.168.80.1/24) ---- tinc-VPN ---- (192.168.100.11/24)
>
> Currently, I have this config in the server:
>
> ifconfig $INTERFACE 192.168.100.1 netmask 255.255.0.0

Why the 255.255.0.0 netmask? If your VPN only consists of nodes with
192.168.100.* addresses, then the netmask should be 255.255.255.0.

> Subnet = 192.168.100.0/24

And in the host config files, use /32 instead of /24, since each node only
uses one IP address from the whole VPN range.

> ----------- Client-01 ----------
> Subnet = 192.168.101.0/24

That should be 192.168.100.10/32, according to the diagram you wrote above.

> ifconfig $INTERFACE 192.168.101.1 netmask 255.255.0.0

And 192.168.100.10 netmask 255.255.255.0.

> If I put them both on the same subnet, evidently, it can not work in router
> mode.

With the /32 Subnets this is not a problem.

--
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at tinc-vpn.org>

Hi Guus,

It was what I said, the 32 bits of the subnet parameter; now it works well.

Now, the config files are these:

--------- tinc.conf (Server) ------------
Name = ServerA
Device = /dev/net/tun
----------------------------------

------------- tinc-up ----------
#!/bin/sh
ifconfig $INTERFACE 192.168.100.1 netmask 255.255.255.0
------------------------------------

----------- ServerA ----------
Subnet = 192.168.100.1/32
Address = 80.80.80.80
Compression = 10
-- key --
------------------------------------

----------- Client-01 ----------
Subnet = 192.168.100.10/32
Address = 80.80.80.81
Compression = 10
-- key --
------------------------------------

And I have this config in Client-01:

--------- tinc.conf (Client-01) ------------
Name = Client-01
Device = /dev/net/tun
ConnectTo = ServerA
----------------------------------

------------- tinc-up ----------
#!/bin/sh
ifconfig $INTERFACE 192.168.100.10 netmask 255.255.255.0
------------------------------------

----------- ServerA ----------
Subnet = 192.168.100.1/32
Address = 80.80.80.80
Compression = 10
-- key --
------------------------------------

----------- Client-01 ----------
Subnet = 192.168.100.10/32
Address = 80.80.80.81
Compression = 10
-- key --
------------------------------------

And Client-02 is configured in the other VPN subnet (Subnet
192.168.100.11/32).

Many thanks and best regards,

Ramses
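
The layouts discussed in this thread can be checked mechanically before the daemons are started. The following is an added example, not code from the thread or from the tinc project: it parses the Subnet lines of each host file and reports nodes whose tinc-up address is not inside their own Subnet, VPN interface networks that overlap the node's LAN, and Subnets announced by more than one node. The helper names (subnets, check, node) and the input dictionaries are assumptions; the addresses are taken from the messages above.

```python
import ipaddress as ipa

def subnets(host_file):
    """Subnet values of a tinc host file (optional '#weight' suffix dropped)."""
    out = []
    for line in host_file.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() == "subnet":
            out.append(ipa.ip_network(value.split("#")[0].strip(), strict=False))
    return out

def check(nodes):
    """nodes: name -> dict(host=<host file text>, addr, mask, lan). Returns findings."""
    findings = []
    announced = {n: subnets(c["host"]) for n, c in nodes.items()}
    for name, c in sorted(nodes.items()):
        # The address set in tinc-up must be one the node announces as a Subnet.
        if not any(ipa.ip_address(c["addr"]) in s for s in announced[name]):
            findings.append(f"{name}: {c['addr']} is not inside its own Subnet")
        # The netmask set in tinc-up decides what the kernel sends into the VPN.
        link = ipa.ip_network(f"{c['addr']}/{c['mask']}", strict=False)
        if link.overlaps(ipa.ip_network(c["lan"], strict=False)):
            findings.append(f"{name}: VPN interface network {link} overlaps LAN {c['lan']}")
    names = sorted(announced)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for sa in announced[a]:
                for sb in announced[b]:
                    if sa.overlaps(sb):
                        findings.append(f"{a} and {b} both announce {sa} / {sb}")
    return findings

def node(subnet, addr, mask, lan):
    return dict(host=f"Subnet = {subnet}\nCompression = 10\n", addr=addr, mask=mask, lan=lan)

# Constructed inputs. LAN ranges and VPN addresses follow the diagram in the thread.
SAME_24 = {  # every node announces the whole VPN range, netmask as first posted
    "ServerA": node("192.168.100.0/24", "192.168.100.1", "255.255.0.0", "192.168.0.0/24"),
    "Client-01": node("192.168.100.0/24", "192.168.100.10", "255.255.0.0", "192.168.50.0/24"),
}
PER_NODE_32 = {  # values from the final message
    "ServerA": node("192.168.100.1/32", "192.168.100.1", "255.255.255.0", "192.168.0.0/24"),
    "Client-01": node("192.168.100.10/32", "192.168.100.10", "255.255.255.0", "192.168.50.0/24"),
    "Client-02": node("192.168.100.11/32", "192.168.100.11", "255.255.255.0", "192.168.80.0/24"),
}

if __name__ == "__main__":
    for label, cfg in (("same /24", SAME_24), ("per-node /32", PER_NODE_32)):
        print(label, check(cfg) or "no findings")
```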