Hello, Please excuse my (probably newbie) question, but: Since RouterOS, MikroTik's proprietary OS, is largely based on GNU/Linux, anyone knows a way to run tinc on a MikroTik device? This would be in order to make an (imposed, no choice given...) MikroTik device (say the B1100AHX4 router) to participate in a tinc mesh, in interoperation with GNU/Linux machines. Please see: https://mikrotik.com/ https://mikrotik.com/product/rb1100ahx4 (Confession: after using tinc for a few years, on a few dozen free software machines, going back to point-to-point L2TP/IPSec tunnels, even with Strongswan, would be a NIGHTMARE. This is just because someone in the organization insists in using hardware routers and proprietary software... So this is a cry for help ;-) ) Friendly regards, Răzvan -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181116/c956efc1/attachment.html>
Get a RPi (or faster/cheaper/equivalent), and bridge it into the Mikrotik……….> On 16 Nov 2018, at 12:32 , Răzvan Sandu <rsandu2007 at gmail.com> wrote: > > Hello, > > Please excuse my (probably newbie) question, but: > > Since RouterOS, MikroTik's proprietary OS, is largely based on GNU/Linux, anyone knows a way to run tinc on a MikroTik device? > > This would be in order to make an (imposed, no choice given...) MikroTik device (say the B1100AHX4 router) to participate in a tinc mesh, in interoperation with GNU/Linux machines. > > Please see: > > https://mikrotik.com/ <https://mikrotik.com/> > https://mikrotik.com/product/rb1100ahx4 <https://mikrotik.com/product/rb1100ahx4> > > (Confession: after using tinc for a few years, on a few dozen free software machines, going back to point-to-point L2TP/IPSec tunnels, even with Strongswan, would be a NIGHTMARE. This is just because someone in the organization insists in using hardware routers and proprietary software... So this is a cry for help ;-) ) > > Friendly regards, > Răzvan > > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181116/eaba5050/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: Message signed with OpenPGP URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181116/eaba5050/attachment.sig>
*hvjunk said:*> Get a RPi (or faster/cheaper/equivalent), and bridge it into the Mikrotik……….Unfortunately, I don't think this is an option (even if I may put there a full PC, not only a Raspberry Pi), for a few reasons: - what I'm trying to achieve is to substitute MikroTik's native L2TP/IPSec tunnels with tinc, not to have TWO tunnels - supposing I have two different tunnels to the same destination, I can't imagine a way to route traffic between them (since in tinc routing is fully automatic and elegant, point-top-point L2TP/IPSec is very inflexible) Best regards, Răzvan În vin., 16 nov. 2018 la 12:32, Răzvan Sandu <rsandu2007 at gmail.com> a scris:> Hello, > > Please excuse my (probably newbie) question, but: > > Since RouterOS, MikroTik's proprietary OS, is largely based on GNU/Linux, > anyone knows a way to run tinc on a MikroTik device? > > This would be in order to make an (imposed, no choice given...) MikroTik > device (say the B1100AHX4 router) to participate in a tinc mesh, in > interoperation with GNU/Linux machines. > > Please see: > > https://mikrotik.com/ > https://mikrotik.com/product/rb1100ahx4 > > (Confession: after using tinc for a few years, on a few dozen free > software machines, going back to point-to-point L2TP/IPSec tunnels, even > with Strongswan, would be a NIGHTMARE. This is just because someone in the > organization insists in using hardware routers and proprietary software... > So this is a cry for help ;-) ) > > Friendly regards, > Răzvan > > > > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181116/5c9bdbae/attachment.html>
On 2018-11-16 10:32, Răzvan Sandu wrote:> Hello, > > Please excuse my (probably newbie) question, but: > > Since RouterOS, MikroTik's proprietary OS, is largely based on > GNU/Linux, anyone knows a way to run tinc on a MikroTik device? > > This would be in order to make an (imposed, no choice given...) > MikroTik device (say the B1100AHX4 router) to participate in a tinc > mesh, in interoperation with GNU/Linux machines. > > Please see: > > https://mikrotik.com/ [1] > https://mikrotik.com/product/rb1100ahx4 [2] >Not sure if its on ARM stuff: https://wiki.mikrotik.com/wiki/Manual:Metarouter I was hoping to build a mini appliance for these situations: These seem pretty nice, put standard OpenWRT on mine, has headers and holes for PoE mod with any cheap DC-DC board too. https://www.amazon.co.uk/GL-iNet-GL-MT300N-V2-Pre-installed-Performance-Compatible/dp/B073TSK26W/ref=sr_1_1 Quad core CPU on this one http://linuxgizmos.com/tiny-hacker-board-features-dual-ethernet-and-a-13-90-price/ Love the voltage input range on these things https://openwrt.org/toh/hwdata/mikrotik/mikrotik_rbmap-2nd> (Confession: after using tinc for a few years, on a few dozen free > software machines, going back to point-to-point L2TP/IPSec tunnels, > even with Strongswan, would be a NIGHTMARE. This is just because > someone in the organization insists in using hardware routers and > proprietary software... So this is a cry for help ;-) ) >And OpenVPN support in RouterOS was allways annoying for me. Regards JWP
Have whomever insists on the Mikrotik solution to manage it 🤣. Why not get a pfsense appliance instead? Tinc I'd an easy add on package included in the package manager. Then you'd satisfy their hardware requirement + your tinc need. On Fri, Nov 16, 2018, 6:02 AM Răzvan Sandu <rsandu2007 at gmail.com wrote:> *hvjunk said:* > > > Get a RPi (or faster/cheaper/equivalent), and bridge it into the Mikrotik………. > > Unfortunately, I don't think this is an option (even if I may put there a full PC, not only a Raspberry Pi), for a few reasons: > > - what I'm trying to achieve is to substitute MikroTik's native L2TP/IPSec tunnels with tinc, not to have TWO tunnels > > - supposing I have two different tunnels to the same destination, I can't imagine a way to route traffic between them (since in tinc routing is fully automatic and elegant, point-top-point L2TP/IPSec is very inflexible) > > Best regards, > > Răzvan > > > > > În vin., 16 nov. 2018 la 12:32, Răzvan Sandu <rsandu2007 at gmail.com> a > scris: > >> Hello, >> >> Please excuse my (probably newbie) question, but: >> >> Since RouterOS, MikroTik's proprietary OS, is largely based on GNU/Linux, >> anyone knows a way to run tinc on a MikroTik device? >> >> This would be in order to make an (imposed, no choice given...) MikroTik >> device (say the B1100AHX4 router) to participate in a tinc mesh, in >> interoperation with GNU/Linux machines. >> >> Please see: >> >> https://mikrotik.com/ >> https://mikrotik.com/product/rb1100ahx4 >> >> (Confession: after using tinc for a few years, on a few dozen free >> software machines, going back to point-to-point L2TP/IPSec tunnels, even >> with Strongswan, would be a NIGHTMARE. This is just because someone in the >> organization insists in using hardware routers and proprietary software... >> So this is a cry for help ;-) ) >> >> Friendly regards, >> Răzvan >> >> >> >> >> _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181116/1b1b004b/attachment.html>