search for: coreybrett

Displaying 13 results from an estimated 13 matches for "coreybrett".

2018 Aug 29
3
Routing setup with pfSense package
...t;VPN Netmask" option is specific to the pfSense implementation, or does it correspond to a tinc config item? On Tue, Aug 28, 2018 at 6:35 PM Lars Kruse <lists at sumpfralle.de> wrote: > > Hello Corey, > > > Am Tue, 28 Aug 2018 16:23:02 -0400 > schrieb Corey Boyle <coreybrett at gmail.com>: > > > See this thread for more details... > > > > https://forum.netgate.com/topic/134218/tinc-initial-setup > > > I think, the crucial misunderstanding in the above thread is the following: > > > However, the routeing table on each router doe...
2018 Aug 28
3
Routing setup with pfSense package
Is it possible to connect networks with different masks together? For example a 10.26.0.0/16 subnet with a 192.168.117.0/24 subnet. See this thread for more details... https://forum.netgate.com/topic/134218/tinc-initial-setup
2018 Aug 29
2
Routing setup with pfSense package
I just found that the VPN Netmask option in the pfSense tinc GUI is related to the "netmask" option in /usr/local/etc/tinc/tinc-up ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0 What exactly is this line doing? Is it assigning the address that my lan adapter has to the tunnel interface as well? I'm interested in using tinc in production, so I'm trying to learn as much
2018 Aug 28
0
Routing setup with pfSense package
Hello Corey, Am Tue, 28 Aug 2018 16:23:02 -0400 schrieb Corey Boyle <coreybrett at gmail.com>: > See this thread for more details... > > https://forum.netgate.com/topic/134218/tinc-initial-setup I think, the crucial misunderstanding in the above thread is the following: > However, the routeing table on each router does not reflect this information > and...
2018 Aug 29
0
Routing setup with pfSense package
On Wed, Aug 29, 2018 at 12:46 PM, Corey Boyle <coreybrett at gmail.com> wrote: > Do you know if the "VPN Netmask" option is specific to the pfSense > implementation, or does it correspond to a tinc config item? In Tinc, I believe each host has it's own Subnet, and that each such Subnet has whatever netmask it has. I believe there...
2018 Aug 29
0
Routing setup with pfSense package
Hello Corey, Am Wed, 29 Aug 2018 16:33:30 -0400 schrieb Corey Boyle <coreybrett at gmail.com>: > I just found that the VPN Netmask option in the pfSense tinc GUI is > related to the "netmask" option in /usr/local/etc/tinc/tinc-up > > ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0 > > What exactly is this line doing? Is it assigning the...
2018 Sep 01
2
keeping someone out / daemon keys
Is it possible for daemonA and daemonB to communicate without having exchanged public keys? If daemonA and daemonB have exchanged keys, and daemonA and daemonC have exchanged keys, can daemonA and daemonC communicate with each other? To ask it another way, how do I prevent an unauthorized daemon from joining the VPN?
2018 Sep 01
0
keeping someone out / daemon keys
On Fri, Aug 31, 2018 at 6:17 PM, Corey Boyle <coreybrett at gmail.com> wrote: > Is it possible for daemonA and daemonB to communicate without having > exchanged public keys? If only A and B are nodes, then I believe the answer is no. > If daemonA and daemonB have exchanged keys, and daemonA and daemonC > have exchanged keys, can daemonA...
2018 Sep 01
2
keeping someone out / daemon keys
Interesting! So if I have 5 nodes; A B C D E F... I can just configure each node with A's public key (and A with theirs), and that will allow all of them to communicate directly?
2018 Sep 01
0
keeping someone out / daemon keys
On Fri, Aug 31, 2018 at 8:14 PM, Corey Boyle <coreybrett at gmail.com> wrote: > I can just configure each node with A's public key (and A with > theirs), and that will allow all of them to communicate directly? Yes. If you configure a hub with spokes, then Tinc will create a full mesh, on demand as needed. Assuming, of course, that any re...
2018 Sep 01
1
multi-wan / multi-path
Is tinc able to use multiple gateways for outgoing connections? Or is it restricted to the default gateway? In other words... If I have a branch office with a cable connection and a dsl connection, could it use both in an active/hot-standby fashion?
2018 Sep 01
1
keeping someone out / daemon keys
Thanks for all your help. I've been reading thru the tinc manual, but was having a hard time finding an explanation of the security/trust model. I'm interested in using tinc in a business production environment, so I just want to make sure I have it secured properly. Would spokes loose their connection we each other if the hub went offline? Also, what's the minimum required exchange
2018 Oct 02
0
Per host key authentication
I don't believe tinc will support this level of access control. As far as I can tell, it's all or nothing with tinc. How you configure firewalls on the other hand is up to you. On Tue, Oct 2, 2018 at 4:40 PM Michael Munger <mj at hph.io> wrote: > > Problem I want to solve: > > We have 3 sites: A, B, and C. > > Network admins should have access to all three. (this