search for: coreybrett

...t;VPN Netmask" option is specific to the pfSense implementation, or does it correspond to a tinc config item? On Tue, Aug 28, 2018 at 6:35 PM Lars Kruse <lists at sumpfralle.de> wrote: > > Hello Corey, > > > Am Tue, 28 Aug 2018 16:23:02 -0400 > schrieb Corey Boyle <coreybrett at gmail.com>: > > > See this thread for more details... > > > > https://forum.netgate.com/topic/134218/tinc-initial-setup > > > I think, the crucial misunderstanding in the above thread is the following: > > > However, the routeing table on each router doe...

Is it possible to connect networks with different masks together? For example a 10.26.0.0/16 subnet with a 192.168.117.0/24 subnet. See this thread for more details... https://forum.netgate.com/topic/134218/tinc-initial-setup

I just found that the VPN Netmask option in the pfSense tinc GUI is related to the "netmask" option in /usr/local/etc/tinc/tinc-up ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0 What exactly is this line doing? Is it assigning the address that my lan adapter has to the tunnel interface as well? I'm interested in using tinc in production, so I'm trying to learn as much

Hello Corey, Am Tue, 28 Aug 2018 16:23:02 -0400 schrieb Corey Boyle <coreybrett at gmail.com>: > See this thread for more details... > > https://forum.netgate.com/topic/134218/tinc-initial-setup I think, the crucial misunderstanding in the above thread is the following: > However, the routeing table on each router does not reflect this information > and...

On Wed, Aug 29, 2018 at 12:46 PM, Corey Boyle <coreybrett at gmail.com> wrote: > Do you know if the "VPN Netmask" option is specific to the pfSense > implementation, or does it correspond to a tinc config item? In Tinc, I believe each host has it's own Subnet, and that each such Subnet has whatever netmask it has. I believe there...

Hello Corey, Am Wed, 29 Aug 2018 16:33:30 -0400 schrieb Corey Boyle <coreybrett at gmail.com>: > I just found that the VPN Netmask option in the pfSense tinc GUI is > related to the "netmask" option in /usr/local/etc/tinc/tinc-up > > ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0 > > What exactly is this line doing? Is it assigning the...

Is it possible for daemonA and daemonB to communicate without having exchanged public keys? If daemonA and daemonB have exchanged keys, and daemonA and daemonC have exchanged keys, can daemonA and daemonC communicate with each other? To ask it another way, how do I prevent an unauthorized daemon from joining the VPN?

On Fri, Aug 31, 2018 at 6:17 PM, Corey Boyle <coreybrett at gmail.com> wrote: > Is it possible for daemonA and daemonB to communicate without having > exchanged public keys? If only A and B are nodes, then I believe the answer is no. > If daemonA and daemonB have exchanged keys, and daemonA and daemonC > have exchanged keys, can daemonA...

Interesting! So if I have 5 nodes; A B C D E F... I can just configure each node with A's public key (and A with theirs), and that will allow all of them to communicate directly?

On Fri, Aug 31, 2018 at 8:14 PM, Corey Boyle <coreybrett at gmail.com> wrote: > I can just configure each node with A's public key (and A with > theirs), and that will allow all of them to communicate directly? Yes. If you configure a hub with spokes, then Tinc will create a full mesh, on demand as needed. Assuming, of course, that any re...

Is tinc able to use multiple gateways for outgoing connections? Or is it restricted to the default gateway? In other words... If I have a branch office with a cable connection and a dsl connection, could it use both in an active/hot-standby fashion?

Thanks for all your help. I've been reading thru the tinc manual, but was having a hard time finding an explanation of the security/trust model. I'm interested in using tinc in a business production environment, so I just want to make sure I have it secured properly. Would spokes loose their connection we each other if the hub went offline? Also, what's the minimum required exchange

I don't believe tinc will support this level of access control. As far as I can tell, it's all or nothing with tinc. How you configure firewalls on the other hand is up to you. On Tue, Oct 2, 2018 at 4:40 PM Michael Munger <mj at hph.io> wrote: > > Problem I want to solve: > > We have 3 sites: A, B, and C. > > Network admins should have access to all three. (this