search for: marcelvierzon

Hello Julien, Am Tue, 15 Jan 2019 16:33:26 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > ip_forward was not enabled, now it is. a good step forward :) (you should do this permanently via /etc/sysctl.d/) > 'iptables -L -vn' yields: > [..] OK. The output tells us, that there are firewall rules. Now you should take a look at your firewall configu...

On 12/1/19 2:29 pm, Lars Kruse wrote: > Hello > > > Am Thu, 10 Jan 2019 11:58:33 +0100 > schrieb Julien dupont <marcelvierzon at gmail.com>: > >> The two tunnels are working. From a client I can ping or ssh VPN_office on >> both tunnel and LAN IPs 172.16.0.2 and 192.168.1.3. I cannot however ping >> any other computer on the LAN, I get no pong back but it is not complaining >> he has no route...

Hi, I am trying to setup a VPN between roaming users and the office. Main usage will be VNC sessions to some Linux computers sitting on the office LAN. One machine on the office LAN, VPN_office, is dedicated to run tinc. The office router is behind another router for which we have no control, so I contracted an external computer VPN_out with a public IP to act as an in between connection. All

Hi Julien, Am Mon, 14 Jan 2019 18:04:40 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > Investigating with tcpdump withoug guidelines is beyond my skills I'm > afraid. Try this on your VPN_office host: tcpdump -npi any icmp and host 192.168.1.3 In parallel you start a ping from the other network: ping 192.168.1.1 I assume, that tcpdump will show all...

Hello Julien, Am Mon, 14 Jan 2019 22:15:47 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > ** Test 1 ** > On VPN_office I use 'tcpdump -npi any icmp and host 192.168.1.3' > When pinging 192.168.1.1 from client 1, with no success, I see no packet > passing. Sorry - the tcpdump command should end with "192.168.1.1" instead of "192.1...

Hello Julien, Am Tue, 15 Jan 2019 09:30:23 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > In that case I see: > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq1, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq2, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq3, length 64 > > Pack...

Hello Am Thu, 10 Jan 2019 11:58:33 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > The two tunnels are working. From a client I can ping or ssh VPN_office on > both tunnel and LAN IPs 172.16.0.2 and 192.168.1.3. I cannot however ping > any other computer on the LAN, I get no pong back but it is not complaining > he has no route to host. wild gues...

...de makes things easier or that's not related? Le sam. 12 janv. 2019 à 05:17, Hamish Moffatt <hamish at moffatt.email> a écrit : > On 12/1/19 2:29 pm, Lars Kruse wrote: > > Hello > > > > > > Am Thu, 10 Jan 2019 11:58:33 +0100 > > schrieb Julien dupont <marcelvierzon at gmail.com>: > > > >> The two tunnels are working. From a client I can ping or ssh VPN_office > on > >> both tunnel and LAN IPs 172.16.0.2 and 192.168.1.3. I cannot however > ping > >> any other computer on the LAN, I get no pong back but it is not > c...

...edirect Host (New nexthop: 192.168.1.3) ... This is the result of the traffic redirection rule I put in the router. Le lun. 14 janv. 2019 à 19:43, Lars Kruse <lists at sumpfralle.de> a écrit : > Hi Julien, > > > Am Mon, 14 Jan 2019 18:04:40 +0100 > schrieb Julien dupont <marcelvierzon at gmail.com>: > > > Investigating with tcpdump withoug guidelines is beyond my skills I'm > > afraid. > > Try this on your VPN_office host: > tcpdump -npi any icmp and host 192.168.1.3 > In parallel you start a ping from the other network: > ping 192.168.1.1...

...a lot of help pages and howto, I did not find any that was actually telling the *full* right set of instructions. Le mar. 15 janv. 2019 à 21:09, Lars Kruse <lists at sumpfralle.de> a écrit : > Hello Julien, > > > Am Tue, 15 Jan 2019 16:33:26 +0100 > schrieb Julien dupont <marcelvierzon at gmail.com>: > > > ip_forward was not enabled, now it is. > > a good step forward :) > > (you should do this permanently via /etc/sysctl.d/) > > > > 'iptables -L -vn' yields: > > [..] > > OK. The output tells us, that there are firewall rule...

Le mar. 15 janv. 2019 à 03:13, Lars Kruse <lists at sumpfralle.de> a écrit : > Hello Julien, > > > Am Mon, 14 Jan 2019 22:15:47 +0100 > schrieb Julien dupont <marcelvierzon at gmail.com>: > > > > ** Test 1 ** > > On VPN_office I use 'tcpdump -npi any icmp and host 192.168.1.3' > > When pinging 192.168.1.1 from client 1, with no success, I see no packet > > passing. > > Sorry - the tcpdump command should end with "192...

...ination Chain OUTPUT_direct (1 references) pkts bytes target prot opt in out source destination Le mar. 15 janv. 2019 à 13:49, Lars Kruse <lists at sumpfralle.de> a écrit : > Hello Julien, > > > Am Tue, 15 Jan 2019 09:30:23 +0100 > schrieb Julien dupont <marcelvierzon at gmail.com>: > > > In that case I see: > > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq1, length 64 > > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq2, length 64 > > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq3, l...

Hello, Early this year I got help here to setup tinc tunnels between users and a company LAN. Now I would like to try something different for a home usage and I have a question regarding security. The setup would look like as follows: - My home LAN has a classical topology where my ISP router is doing NAT and is blocking all incoming connection. I'm planning to enable port forwarding on the