similar to: tinc from behind a NAT

Hi Guus, Am Freitag, den 25.09.2015, 09:36 +0200 schrieb Guus Sliepen: > On Fri, Sep 25, 2015 at 08:41:06AM +0200, Marcus Schopen wrote: > > > I'm running some tinc clients behind a NAT (masquerading, Cisco Router) > > connecting to a host outside on a public IP in a different network. The > > tunnels get unstable every few minutes and I see packet loss when > >

Hi, I'm running some tinc clients behind a NAT (masquerading, Cisco Router) connecting to a host outside on a public IP in a different network. The tunnels get unstable every few minutes and I see packet loss when pinging the clients on their internal tunnel IPs from the host side. Before putting the tinc clients behind the NAT they were running on public IPs too (clients and host in

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

Hi, I have a strange problem. At a site where there are 20+ phones, there is one phone that cannot make outbound (to PSTN) calls. Each call is dropped after 20s with "no response to our critical packet". Calls to voicemail and internal extensions work fine. I understand that everything points to a NAT problem, but I don't understand how it could be because: 1) It does not affect

I have some tinc nodes behind a nat router. Which ipaddress should i use in de host file for the tinc nodes behind a nat router. The internet ipaddress or the private ipaddress ? Perry

Hi, I'm having some trouble trying to run tinc over GNU httptunnel. On server A I have: /etc/tinc/netname/tinc-up: #!/bin/sh ifconfig $INTERFACE 10.3.0.1 netmask 255.255.0.0 /usr/bin/hts -F localhost:655 8888 /etc/tinc/netname/hosts/A: Address = foo.com Subnet = 10.3.0.0/24 TCPonly = yes /etc/tinc/netname/hosts/B: ConnectTo = A Subnet = 10.4.0.0/24 TCPonly = yes

Hello, It is 3 or 4 weeks ago since, i want to set communication with my ups a MGE NOVA 1100 AVR. I do it first with manual configuration but after no success, i prefered to install mgeups-psp package to do it directly. But since when i execute psp, the attempt finish with an "No communication with UPS" error. Same is when i type: mge-shut -u root -DDDDDDDDDD /dev/ttyS0 . I unplog

I'm trying to connect 2 machines: 1) "server": my home machine, has a public IP, firewalled with iptables 2) "client": machine at the school I work at as sysadmin, private IP, behind a ISDN router connected to the Internet through their ISP. Since there is no way I can access the school machine from the home one, I thought a vpn between the two could enable me to do

Hi, Am Samstag, den 26.09.2015, 15:45 +0200 schrieb Marcus Schopen: > Hi, > > Am Samstag, den 26.09.2015, 12:20 +0200 schrieb Marcus Schopen: > > Last Problem seems to be the local UFW Firewall on the clients whichs > > seems to block the Broadcast for LocalDiscovery = yes. Need to check the > > logs here. > > Puzzeling around with UFW firewall. What ports need

Hi there! Today I've tried a FTP connection (me with TCPOnly send file to another no TCPOnly), but the upload bandwidth was about 20 kb/s, while connecting to the other directly (I upload a file to him via FTP) the connection was about 5 times faster... what's wrong? thanks

Hi there! Today I've tried a FTP connection (me with TCPOnly send file to another no TCPOnly), but the upload bandwidth was about 20 kb/s, while connecting to the other directly (I upload a file to him via FTP) the connection was about 5 times faster... what's wrong? thanks

Hi, I upgraded some of my Tinc nodes from 1.0.8 recently and found something strange. All of a sudden, the vpn would not work as a full-mesh. Certain nodes were not contactable. I re-generated my rsa-keys, and checked my configuration. My vpn uses the following in tinc.conf, as I am routing both ipv4 and v6. === name = node1 mode = switch AddressFamily = any PMTU = 1280 PMTUDiscovery = yes

Hi, I've successfully running tinc1.0pre4 between two locations on SuSE Linux 7.1 in a special masquerading Firewall environment, so that I'm using the TCPonly keyword in the host files to get a connection. Otherwise I would get the message 'Received UDP packet on port 655 from unknown source <ipaddress in hex:port>'. After upgrading to 1.0pre5 I'm getting this message

> homeClient<br> > Network Bridge: (local Area Network and TAP-Win32) 192.168.6.107 mask 255.255.255.0 gw 192.168.6.1<br> change -> mask 255.255.0.0 > Tinc.conf<br> > Name = homeClient<br> > ConnectTo = vpnoffice<br> > Mode=switch<br> Change -> Mode=router Why everybody wants switch??? Add -> TCPonly=yes > vpnoffice: Network

On Tue, Apr 10, 2018 at 03:36:08PM +0200, Hans de Groot wrote: > hosta  <--> hostb  <-->  hostc > > Hosta and hostc are not directly connected via tinc. But both are conncted > via hostb (I called my network tincnet). This works fine I can ssh from > hosta to hostc and vice versa without any problems. > > hostc is in a whitelisted iprange at some service

Dear I am testing tinc on Windows and found some interesting behavior. I used "TCPOnly" parameter for both end because I wanted to go through NAT. However, by using TCPOnly parameter, the response of PING slowed down significantly. The PING response with UDP is about 4ms, but it bumped up to 2000ms with TCP. I am just curious whether this is caused by using TCP. Regards Masateru

Well this has had me stumped for days now. For months I've been using tinc in TCPOnly because I always received the unknown host error when using UDP. On Monday, i set the flag IndirectData = yes in my host files, and removed the TCPOnly line. Initially, everything worked great. My throughput increased from 600KB/sec to 2MB/sec between the sites. However, I also did some testing with

If the concern is more about the reliability instead of throughput, should I add TCPonly = yes in the host configuration to make the VPN runs on TCP?

Hello, response time: how is it possible to increase the response time on Tinc VPNs. When I use tinc over a fast or giga-bit network connection the ping-response time is normally about 1800 to 2000 ms. Sometimes I get ping response times at about 2.500 to 3.000 ms over a normal Ethernet Connection or a television-cable connection within the same providers-network in the same city. The ping-time