Hi guys, thanks in advance for any answers. Trying to get tinc up and running, I hit a roadblock though. What I’m trying to do is to connect to my roaming notebook to my company network. All hosts on our network live in the 10.42.x.x range, netmask is 255.255.0.0. Tinc 1.1pre14 service is running on a Windows host 10.42.2.50. Public ports are natted through, telnetting public ip port 655 the daemon answers. On my notebook running Windows 10 I also have tinc 1.1pre14 running. The server is configured as follows: --- tinc.conf --- Name = serverwin Interface = VPN --- hosts\client --- -----BEGIN RSA PUBLIC KEY----- xxx -----END RSA PUBLIC KEY----- Ed25519PublicKey = yyy --- tap/tun --- The virtual network adapter is named VPN and configured for IP 10.42.100.3, subnet 255.255.0.0. The client is configured as follows: --- tinc.conf --- Name = client Interface = vpn ConnectTo = serverwin --- hosts\serverwin --- Address = public ip -----BEGIN RSA PUBLIC KEY----- xxx -----END RSA PUBLIC KEY----- Ed25519PublicKey = yyy --- tap/tun --- The virtual network adapter is named vpn and configured for IP 10.42.100.2, subnet 255.255.0.0. Pulling tinc info client on the server gives the following: Node: client Node ID: xxx928356yyy Address: public IP university network port 655 Online since: 2016-11-17 13:04:03 Status: validkey visited reachable sptps Options: pmtu_discovery clamp_mss Protocol: 17.7 Reachability: directly with TCP Edges: serverwin Subnets: Pulling tinc info serverwin on the client gives the following: Node: serverwin Node ID: xxx168af2859yyy Address: public IP company network port 655 Online since: 2016-11-17 13:04:03 Status: validkey visited reachable sptps Options: pmtu_discovery clamp_mss Protocol: 17.7 Reachability: directly with TCP Edges: client Subnets: Nothing answers on ping from my notebook though, pinging 10.42.100.3 times out. Pinging 10.42.2.50 times out. Pinging the notebook from the server (10.42.100.2) also times out. What am I doing wrong or missing here? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20161117/adef7258/attachment.html>
On Thu, Nov 17, 2016 at 12:36:47PM +0000, Herr Brandes wrote:> Trying to get tinc up and running, I hit a roadblock though. What I’m trying to do is to connect to my roaming notebook to my company network.[...]> Pulling tinc info client on the server gives the following: > Node: client[...]> Subnets: > > Pulling tinc info serverwin on the client gives the following: > Node: serverwin[...]> Subnets:It looks like you didn't configure any Subnets. If tinc is in router mode (which is the default), then it needs to know which IP ranges belong to which nodes. To tell tinc that, just do the following: On serverwin: tinc [-n netname] add Subnet 10.42.100.3 On client: tinc [-n netname] add Subnet 10.42.100.2 Another option is to run tinc in switch mode, in that case you don't need any Subnets configured. You can enable switch mode using: tinc [-n netname] set Mode switch You have to do that on all nodes of your VPN. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20161117/b64cfe24/attachment.sig>