Displaying 20 results from an estimated 5000 matches similar to: "Tricky VPN Configurations"
2014 Dec 09
2
Tricky VPN Configurations
On Mon, Dec 08, 2014 at 11:02:24PM -0500, md at rpzdesign.com wrote:
> The self contained example is tricky because I created 4 ip-address on
> the eth0 device (192.168.1.30/31/32/33) so I could test a 4 node VPN
> that lives entirely within a single server.
That's quite hard to do, it's far easier to run four instances of tinc
on four different ports on the same machine.
>
2014 Dec 09
0
Tricky VPN Configurations
The use cases that I outlined in the use case examples pdf file are
pushing my limits of understanding the documentation as contained in the
1.1pre9 PDF manual.
The self contained example is tricky because I created 4 ip-address on
the eth0 device (192.168.1.30/31/32/33) so I could test a 4 node VPN
that lives entirely within a single server.
But the tinc command line utility is written assuming
2016 Mar 01
2
SystemD Trigger
On Tue, Mar 01, 2016 at 04:31:13AM -0600, md at rpzdesign.com wrote:
> Where do I get information about the details of not needing a tinc-up script
> anymore? (/etc/network/interfaces)
You can just use the normal /etc/network/interfaces way of configuring
the interface, like this:
iface vpn inet manual
address 192.168.1.1
netmask 255.255.255.0
tinc-net <netname>
> Also,
2014 Dec 09
0
Tricky VPN Configurations
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Guus:
Thanks for the reply.
Did you like the PDF examples?
Do you want to help me build more examples for the web site so people
can download the PDF network diagrams and have sample config files to
match them?
What changes should I make to allow for easier setup/config/config
files of the 2 use cases?
For the production example, would it be
2016 Feb 29
2
SystemD Trigger
On Mon, Feb 29, 2016 at 07:48:45AM -0600, md at rpzdesign.com wrote:
> I want to use TIncVPN in a systemd Ubuntu environment.
>
> But I want other services to run AFTER tinc has started running and has its
> tun0 device initialized and ready.
>
> Does anybody have a suggestion on what I put into the service files so that
> they are ExecStart after Tinc has come up at boot
2015 Jan 12
1
SIMPLE TINC template example
Here is some examples of using templates for TINC configurations and
settings:
In your startup script, BEFORE starting TINC VPN, put a number of
entries to configure your VPN:
sh ./templatewriter.sh LAN LOSI101 8540 255.255.255.0 0.0.0.0 10.99.0.11
10.98.0.11 ConnectTo=LOSI102 ConnectTo= ConnectTo=
**PUT MORE ENTRIES HERE FOR MORE COMPLEX VPN setups
######Templatewriter.sh
#!/bin/bash
2014 Dec 14
2
Fwd: Re: VPN Example 2
On Fri, Dec 12, 2014 at 02:21:08AM -0500, md at rpzdesign.com wrote:
> Oops, I got it to work only after putting the WAN on port 656 so it
> did not interfere with port 655 for the LAN.
You should not need to have two tinc daemons just because you have a WAN
and a LAN interface. By default (ie, if you don't specify BindToAddress
and/or BindToInterface), tinc listens on all interfaces,
2015 Jan 12
3
TINC config files layout not human or script friendly
I would say the weakest part of the TINC design is the configuration
file layout.
There is no way to split out the essentially static configuration for
all nodes in the cluster and isolate the node specific settings to one
configuration file.
So that means I have to keep an inventory of configuration files per
node so I can edit and deliver them and keep everything straight.
The private
2014 Dec 12
2
Fwd: Re: VPN Example 2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gus & Tinc-VPN List:
It looks like I need to run 2 instances of tincd on each server.
1 instance of tincd will responsible for running a VPN over the LAN on
eth1. This means Class C addresses from 10.0.1.10 -> 10.0.1.250
Another instance of tincd will be responsible for running a VPN over
the WAN on eth0. This means Class C addresses from
2016 Feb 29
4
need help on tinc route problem
yes, I have these in C host file:
Subnet=10.10.0.0/24
Subnet=0.0.0.0/1
Subnet=128.0.0.0/1 ## not metioned, because I think is maybe works in
same as 0.0.0.0/1
B host file doesn't have 0.0.0.0/1 and 128.0.0.0/1
I only added one route to 5.6.7.8 via B, not via C
On Mon, Feb 29, 2016 at 4:40 PM, Maxim Vorontsov <6012030 at gmail.com> wrote:
> hi.
>
> Are you add only
2014 Dec 15
2
VPN Single Daemon For LAN/WAN
Gus:
I guess my primary point of confusion is that the non-vpn LAN ip
addresses are duplicated in each cluster. So within a cluster, the LAN
addresses are unique.
But when you look at 2 clusters, 2 different servers share the
10.99.0.11 address.
So that is why I created a VPN for inside the cluster on the LAN
interfaces using the private 10.0.1.xx range. THen, I created a
separate VPN on the
2001 Apr 11
1
Problems with NT logons, Samba as PDC
Hi!
We're using Samba as PDC, and recently had a strange crash on the
system (none of the NT-machines authenticated anymore). I re-created
the user database and passwords on the server (TurboLinux 2.2.14-5,
with Samba 2.0.6 & 2.1alpha for auth.) and also re-newed the profiles
making 'em local on the NT-workstations.
Sometimes when the NT-PC gets rebooted, I can't authenticate it
2004 Jun 01
1
(no subject)
>From the local machine the following command is executed:
/usr/local/bin/rsync -aHnuv serverX:/ / --exclude-from=/rsync.exclude --rsync-path=/usr/local/bin/rsync --ignore-existing > /var/tmp/rsync.stdout 2> /var/tmp/rsync.stderr
I have never used the rsync command. The above command was used by a former sysadmin to "synchronize" two servers. However when I ran the command
2017 May 03
2
Multi tenancy setup by Tinc?
Hi, Guus
The use case the shared default gateway for multi-tenant, if that the case the node who own the default gateway will have problem to route with different tenant who has overlapped address scope? Is it true when no any other tools like the namespaces?
(tenant1)\
(tenant2)——common node—— shared gw node—— Internet
(tenant3)/
But if the each tenant have it’s dedicate default gateway, but
2016 Feb 29
1
SystemD Trigger
hi.
I suggest you to look at "Automatic Dependencies" in
https://www.freedesktop.org/software/systemd/man/systemd.service.html.
I think using "After=" and "Recuires=" is more suitable.
On Mon, Feb 29, 2016 at 4:48 PM, md at rpzdesign.com <md at rpzdesign.com> wrote:
> Hello Tinc'ers:
>
> I want to use TIncVPN in a systemd Ubuntu environment.
2015 May 13
3
IPV6
As if our lives were not already complex enough, there is the recent
Wall Street Journal article about ipv4 exhaustion:
http://www.wsj.com/articles/coming-this-summer-u-s-will-run-out-of-internet-addresses-1431479401
Is the latest version TINC ready for IpV6?
Help us Obi-Wan-Sleipen, you are our only hope!
md
--
No spell checkers were harmed during the creation of this message.
2017 May 02
2
Multi tenancy setup by Tinc?
Hi, Tinc expert
For use case of multi-tenancy use case, should I use multiple netnames (/etc/tinc/tenant1, /etc/tinc/tenant2/, etc.) for the network, so that even different tenant have overlapped network address will be possible to work in the same physical host? or can not?
2018 Mar 15
3
issues connecting in other sites
Hi Team,
I admit that I am not familiar with Tinc very well, but have Tinc running at approximately 20 sites and functioning as a mesh vpn/network. I am having issues adding an additional site as it will not communicate with the rest. I have taken the firmware of one and flashed it on another router to make it duplicate and then tested it working but when I change the hostname, and IP to what we
2013 May 02
3
Simple Class A VPN Guide - Problems
Hey guys,
Stumbled upon tinc a few days ago - looks great.
I'm having trouble setting up a simple VPN between two machines that are
unfirewalled, one is a physical machine and another is a local VM.
I can connect to them via their existing LAN IPs and ping them without
issue with < 1ms.
1) I have WinA (Windows host - existing LAN IP 192.168.137.1) and LinuxB
(Linux host - existing LAN
2015 Jan 12
2
[SOLVED] Re: TINC config files layout not human or script friendly
Hello Tinc users & Guss:
I was sleeping last night and I figured out how to accomplish everything
I ranted about below with no source code changes to TINC.
The first thing to do is create TEMPLATES for tinc.conf, tinc-up, and
the NODE files.
Then during the startup script, use the linux cp command and sed to copy
the template to the correct name and sed to text replace