similar to: plz help . tinc configuration for NAT

hi im a newbie to networking and vpns.so plz pardon my mistakes. i installed tinc 1.0.9 and followed the tinc setup instructions as in the tinc-windows example. after i hav started the tinc service with tincd -n command the service starts and then stops abrupty giving the message " the tinc.test service on the local computer has started and then stopped.Some services stop automatically if

Hello list, we have been running tinc to connect multiple nodes without problems for quite some time now. Thanks for this great piece of software! Our configuration is as follows: Two "supernodes" A and B running the tinc daemon are publicly reachable from the internet. Node A is running Linux and has a static public IP address. Node B is running Windows with port forwarding

Hi, I installed tinc as described in the documentation and started the tincd. It runs, all config files seem ok, but when I do a netstat -an, it isn't listening nor connected (to another tincd on another host). Is there a configfile error or something else? Getting the right info wasn't easy either. The info on the homepage seems old, since the manpages say other configuration issue.

Hi, Guus I referre to the two separate tinc process/network(received same subnet), not Sunbet selection within one tinc process/network. My understanding is if different tinc process comes with exact subnet, as they are not related with each other(they have no idea regarding weights with each other), I guess the routing depends on the host's main routing table, for specific route it depends

Thank you, Parke and Guus. I have now understood and got it working. Because of my beginner belief, I assumed that the tinc vpn end points needed to be on the same network. I have now discovered that the tinc vpn IP end points addresses can be arbitrary, and different! So I have set the end points to be local to the LAN they connect, and added on each tinc server a dev route to ensure

On Fri, Sep 25, 2015 at 04:51:22PM +0200, Marcus Schopen wrote: > > Maybe the timeout for UDP NAT mappings is a bit short on your Cisco. Try > > adding PingInterval = 30 to the tinc.conf on those clients, perhaps that > > will help. > > Thanks for pushing me into the right direction. I disabled "TCPOnly = > yes" on the host and started with "PingInterval

On Sat, Aug 19, 2017 at 09:21:11AM +0800, Bright Zhao wrote: > Two tinc networks/daemons, and received same subnet from the two daemons, how tinc will choose which one is preferred? And the weight settings in each daemon for subnet will or will not be the judge? If you use weights for Subnets, then the Subnet with the lowest weight will be chosen, unless the node that owns that Subnet is

This is a follow-up on my previous post: http://www.tinc-vpn.org/pipermail/tinc/2008-September/001759.html After being able to build tinc from source on FC8, I have stumbled upon some configuration issue. My tinc daemon is configured as follows: [root at optiplex060 crc_idb1]# pwd /usr/local/etc/tinc/crc_idb1 [root at optiplex060 crc_idb1]# ls -l total 24 drwxr-xr-x 2 root root 4096 2008-09-15

I'm stuck behind a corporate NAT that I obviously have absolutely no control over. The nice thing is that the firewall rules, AFAIK, are very nice. I've had tinc running before from behind nazi firewalls with no NAT. Been fiddling with tinc for many hours, but have been SOL. The local machine is the client (has ConnectTo in the conf), and remote is the server (has Listen in the conf).

On Fri, Sep 25, 2015 at 08:41:06AM +0200, Marcus Schopen wrote: > I'm running some tinc clients behind a NAT (masquerading, Cisco Router) > connecting to a host outside on a public IP in a different network. The > tunnels get unstable every few minutes and I see packet loss when > pinging the clients on their internal tunnel IPs from the host side. > Before putting the tinc

On Thu, Apr 16, 2015 at 10:09:05PM +0200, Raimund Sacherer wrote: > At first I really like the idea of having 3 Daemons on the headquarter, one for each ISP. The firewall should forward the port 655 from each ISP's public IP Address to my internal server and to the ports 655, 656, 657 respectively [...] > My question now is, for every tinc daemon I need a tun or tap device, so how

Two tinc networks/daemons, and received same subnet from the two daemons, how tinc will choose which one is preferred? And the weight settings in each daemon for subnet will or will not be the judge?

Hi Eric, Which version are you using? I have similar issues with the newest 1.1pre10. Did you check out the ?LocalDiscovery? option? For 1.1, you also can get more information about the actual connection mode by using the ?info [node]? command. Cheers, Steffen > Am 05.12.2014 um 12:26 schrieb Eric Feliksik <feliksik at gmail.com>: > > Dear all, > > I have 3 nodes: A, B

tinc hosts listen for connections to Tor v3 onion services, and they connect to peers using Tor SocksPorts. MPTCP aggregates full-mesh connections between hosts. For Internet hosts with well-peered gigabit uplinks, this permits throughput among peers at 30-50 Mbps for multiple streams, vs ~10 Mbps at most for individual connections. https://github.com/annymous/oniontinc includes bash scripts for

Hi everybody, I am operating a tinc network with nearly 200 peers connected over the internet. Some peers are permanently connected and offer a public, fixed IP ("servers") while others are behind NAT firewalls ("clients") and connect to the former primarily. Unfortunately, sometimes (~ once a day) the traffic on the ethernet links seems to explode way beyond whats normal

Guus, Thank you for your help (a)>>You said:- First, if you are already using "ip" to assign an address..... Why should I use "ip route" instead of "route add..." Surely both write same to the Routing table? (b) My problem was, that Tinc servers could not ping remote clients, whereas clients could ping successfully across VPNWhen pinging Client to Client

Hi Guus, Am Freitag, den 25.09.2015, 17:04 +0200 schrieb Guus Sliepen: > Ok, that means by default the UDP NAT timeout on the Cisco is extremely > short. > > > I check the manual of the the Cisco NAT for any TCP/UDP > > timeout settings, but there is no way to modify anything like "keeps > > TCP/UDP connections alive". > > It wouldn't be called

Hi Guus, Am Freitag, den 25.09.2015, 17:46 +0200 schrieb Marcus Schopen: > Hmmm ... I've tried "LocalDiscovery = yes" > in /etc/tinc/mytunnel/tinc.conf already, but that didn't help. Config on > client A is: > > --------------- > Name = clienta > AddressFamily = ipv4 > Interface = tun0 > ConnectTo = host > PingInterval = 30 > LocalDiscovery =

Thanks for the answer Guus, One more thing. I can run two tinc daemons one for each group, but I sill need to communicate clients from one group to the other. Clients from group 2 (admin group) need to reach clients from group 1 (remote server group), but clients from group 1 must not be able to reach each other nor the server. If I'm not using TunnelServer and Forwarding, How can I setup

Am Freitag, den 25.09.2015, 22:45 +0200 schrieb Marcus Schopen: > Hi Guus, > > Am Freitag, den 25.09.2015, 17:46 +0200 schrieb Marcus Schopen: > > Hmmm ... I've tried "LocalDiscovery = yes" > > in /etc/tinc/mytunnel/tinc.conf already, but that didn't help. Config on > > client A is: > > > > --------------- > > Name = clienta >