<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>Hi everyone,</div> <div> </div> <div>I am trying to run tinc version 1.1pre17 on Fedora 30 hosts and I am running into a problem. Building and starting tinc works just fine. After starting the network using "tinc -n prod start", the interface shows up properly and it has the correct IP addresses configured:</div> <div> </div> <div> <div>vpn0: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 1000<br/> link/ether 5e:e1:e0:e1:1c:94 brd ff:ff:ff:ff:ff:ff<br/> inet6 fd10:1:1::1/128 scope global<br/> valid_lft forever preferred_lft forever<br/> inet6 fe80::5ce1:e0ff:fee1:1c94/64 scope link<br/> valid_lft forever preferred_lft forever</div> <div> </div> <div> </div> <div>However, the hosts cannot connect to each other. When checking the logs, the following appears over and over again, for any combination of hosts:</div> <div> </div> <div> <div>Error while connecting to node04 (&lt;redacted&gt; port 655): Permission denied<br/> Closing connection with node04 (&lt;redacted&gt; port 655)<br/> Could not set up a meta connection to node04<br/> Trying to re-establish outgoing connection in 50 seconds</div> <div> </div> <div> </div> <div>I have checked my SELinux configuration and everything is fine on that end:</div> <div> </div> <div> <div>tincd_port_t tcp 655<br/> tincd_port_t udp 655</div> <div> </div> <div> </div> <div>Can someone point me in the right direction?</div> <div> </div> <div>Kind regards,</div> <div>Christopher</div> </div> </div> </div></div></body></html>
On Sun, Aug 25, 2019 at 02:41:03PM +0200, Christopher Klinge wrote:

> I am trying to run tinc version 1.1pre17 on fedora 30 hosts and I am running
> into a problem. Building and starting tinc works just fine.
[...]
> However, the hosts cannot connect to each other. When checking the logs, the
> following appears over and over again, for any combination of hosts:
>
> Error while connecting to node04 (<redacted> port 655): Permission denied

That sounds like there is a local firewall rule that blocks outgoing
TCP connections to <redacted> port 655. Either that, or the Address
statement in hosts/node04 contains an error, so that it thinks it's a
broadcast address.

Check if you can manually connect to node04's address port 655 using the
socket or telnet commands.

--
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
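The manual connection check suggested in the reply above, as an added example (not part of the original thread and not tinc code): it attempts a TCP connect to port 655 and separates a connect() rejected on the local host (EACCES/EPERM, reported as "Permission denied") from a refused or unanswered one. The verdict names and the `connect` parameter are this example's own.

```python
import errno
import socket
import sys

# Verdict names are this example's own, not tinc's.
LOCAL_POLICY = "local-policy"  # connect() rejected on this host
REFUSED = "refused"            # attempt actively refused (closed port or reject rule)
NO_ANSWER = "no-answer"        # timed out or destination unreachable
OTHER = "other"

VERDICT_BY_ERRNO = {
    # connect(2): broadcast address without SO_BROADCAST, or a local firewall rule.
    errno.EACCES: LOCAL_POLICY,
    errno.EPERM: LOCAL_POLICY,
    errno.ECONNREFUSED: REFUSED,
    errno.ETIMEDOUT: NO_ANSWER,
    errno.EHOSTUNREACH: NO_ANSWER,
    errno.ENETUNREACH: NO_ANSWER,
}


def classify(exc):
    """Map the exception raised by a failed connect() to a verdict."""
    if isinstance(exc, socket.timeout):
        return NO_ANSWER
    return VERDICT_BY_ERRNO.get(getattr(exc, "errno", None), OTHER)


def probe(host, port=655, timeout=5.0, connect=socket.create_connection):
    """TCP-connect to every address of host; `connect` is injectable for tests."""
    results = []
    for *_, sockaddr in socket.getaddrinfo(host, port, type=socket.SOCK_STREAM):
        addr = sockaddr[0]
        try:
            connect((addr, port), timeout).close()
            verdict = "connected"
        except OSError as exc:
            verdict = classify(exc)
        results.append((addr, verdict))
    return results


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py HOST [PORT]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 655
    for addr, verdict in probe(sys.argv[1], port):
        print(f"{addr}:{port} -> {verdict}")
```

Run it on the node that logs the error, with the value from the Address statement in hosts/node04 as HOST.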
<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div> <div>Thank you very much... I should have thought about that.</div> <div> </div> <div>Kind regards</div> <div> <div name="quote" style="margin:10px 5px 5px 10px; padding: 10px 0 10px 10px; border-left:2px solid #C3D9E5; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"> <div style="margin:0 0 10px 0;"><b>Sent:</b> Monday, 26 August 2019 at 13:27<br/> <b>From:</b> "Guus Sliepen" &lt;guus@tinc-vpn.org&gt;<br/> <b>To:</b> tinc@tinc-vpn.org<br/> <b>Subject:</b> Re: tinc 1.1pre17 on fedora 30</div> <div name="quoted-content">On Sun, Aug 25, 2019 at 02:41:03PM +0200, Christopher Klinge wrote:<br/> <br/>> I am trying to run tinc version 1.1pre17 on fedora 30 hosts and I am running<br/> > into a problem. Building and starting tinc works just fine.<br/>[...]<br/>> However, the hosts cannot connect to each other. When checking the logs, the<br/> > following appears over and over again, for any combination of hosts:<br/> ><br/> > Error while connecting to node04 (&lt;redacted&gt; port 655): Permission denied<br/><br/> That sounds like there is a local firewall rule that blocks outgoing<br/> TCP connections to &lt;redacted&gt; port 655. Either that, or the Address<br/> statement in hosts/node04 contains an error, so that it thinks it's a<br/> broadcast address.<br/> <br/> Check if you can manually connect to node04's address port 655 using the<br/> socket or telnet commands.<br/> <br/> --<br/> Met vriendelijke groet / with kind regards,<br/> Guus Sliepen &lt;guus@tinc-vpn.org&gt;</div> </div> </div> </div></div></body></html>