similar to: NAT connections STUN etc

Hi, I've an existing tinc switch mode VPN set up with a few nodes. I've now added a new node, but I want this node to route all its traffic through tinc and use one of the tinc nodes as its gateway to the rest of the internet. I've got the device on the VPN and it participates nicely, but I can't talk to the internet at large. When I tcpdump the external interface on the

Sipura does include STUN as an option. It has for quite some time. We are using it with all of our Sipuras behind NAT'd gateways and it works great! Try upgrading to the latest Sipura firmware rev. Darren Nay > -----Original Message----- > From: John Todd [mailto:jtodd@loligo.com] > Sent: Saturday, May 22, 2004 1:57 PM > To: asterisk-users@lists.digium.com > Subject:

On 13 April 2018 at 19:34, Alex Corcoles <alex at corcoles.net> wrote: > > Note that it would be easier to set up tinc nodes on your Windows > > desktop and Linux laptops, to avoid the additional complication of > > having to relay broadcast packets between your local networks and the > > tinc network. This is what I do in my setup. > > But both systems will

All, I have my * box NAT'd with all ports forwarded that are SIP related (based on Wiki). I also have nat=yes, externalip=WAN address of firewall, internalip=LAN network of *. I have my Xten soft phone on a PC which is NAT'd behind firewall with ports forwarded. I have also followed instructions on Wiki for Xten. I can authenticate fine, and sip show peers shows my extension is OK,

Hi I'm trying to implement a scheme in which the nodes will have a direct UDP tunnel to each other. First, all nodes make connection with one public node, and then make connections with each other. And I came across the following problem: Remotely located nodes can establish a direct UDP connection, but the nodes that are in the same local network can not, and all traffic goes through the

I have 20-30 GXP2000's connected to * over a T1 line. Neither end is NAT'd and there is plenty of bandwidth available over the line. The GXP's are 1.1.5.15, which is the latest. I have a problem where the phones keep dropping off of * and I get a "failed to register" message in the log of *. Sometimes they eventually connect and sometimes, I have to reboot them to

We have a handful of nodes set up. Some are NAT'd but a few have direct access to the Internet. Sample confs: HostA: Name = HostA AddressFamily = any Interface = tap0 Mode = switch Connectto = HostB GraphDumpFile = /tmp/mesh HostB: Name = HostB AddressFamily = any Interface = tap0 Mode = switch Connectto = HostA GraphDumpFile = /tmp/mesh And so on. If I use HostA as the main meta sever.

Thanks to ww and his patch on bug #104, I have successfully implemented Asterisk behind NAT without using STUN or anything crazy. It's quite straight forward. Until this gets tested enough and put into CVS, you will have to patch your chan_sip.c file to do this. I'm sure within the next few days this will get put merged into CVS if no one finds any problems. I tried this on chan_sip.c

Hi I'm new to tinc vpn and I am currently exploring a use-case we have, of creating a secure mesh over which our own services may run. This may be a basic question, I wasn't able to find a satisfying answer. What is the significance of port 655 with regards to tinc? Lets consider a 4 node setup: We have nodes: [protected] : protected behind a private network in the cloud [bastion]:

Hi, Etienne I took a look for the below host configuration parameter (IndirectData), the default is no. For the below example: A ConnectTo B, B ConnectTo C: If IndirectData = no (default), then A wouldn’t establish direct connection with C, but will be forwarded by B. If IndirectData = yes, then A will try to establish direct connection with C, even though A don’t have the statement of

Hi, I am looking networking together about 1000-2000 sites across the country. I've been looking through these mailing lists. Saw the thread from the person who had 1000+ running on Amazon, and how they essentially stripped all security out of it. Also know that the ChaosVPN uses tinc, for at least 130+ sites although I'm a bit fuzzy on the details for it. Are there any other cases of

Hi, I've followed the guide at: http://blogs.operationaldynamics.com/andrew/software/research/using-tinc-vpn and have a working tinc VPN. Here's my topology: - CentralNode has a fixed public IP address that everyone connects to - Leaf1 and Leaf2 may have different IP addresses depending on where they are, and usually those will be behind NAT (think, two laptops going around and you get

*You should repeat this for all nodes you ConnectTo, or which ConnectTo you. However, remember that you do not need to ConnectTo all nodes in the VPN; it is only necessary to create one or a few meta-connections, after the connections are made tinc will learn about all the other nodes in the VPN, and will automatically make other connections as necessary. * The above is from the docs. Assuming

Hi, Etienne In addition, is there any option or switch can turn of the automatic direct connection? For the example below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go through B, how can I achieve that easily? (instead of remove something from A’s routing table, or manually block the connection between A and C) > On 1 May 2017, at 6:28 PM,

Hi, Am Samstag, den 26.09.2015, 15:45 +0200 schrieb Marcus Schopen: > Hi, > > Am Samstag, den 26.09.2015, 12:20 +0200 schrieb Marcus Schopen: > > Last Problem seems to be the local UFW Firewall on the clients whichs > > seems to block the Broadcast for LocalDiscovery = yes. Need to check the > > logs here. > > Puzzeling around with UFW firewall. What ports need

I am trying to make 1 soft SIP UA behind NAT connect to a public hard CISCO UA via a public asterisk server. The CISCO UA can hear the voice from the SIP UA but not vice versa. I do set nat to yes for the soft phone. Any help would be greatly appreciated. Below is my sip.conf [general] port = 8060 ; Port to bind to (SIP is 5060) bindaddr = 0.0.0.0 ; Address to bind to (all

Hi Guus, Unfortunately, I often notice that even with the advanced UDP hole punching mechanisms that tinc uses, I still come across cases on my network where two nodes behind NATs cannot talk to each other because one of the nodes is behind a "strict" NAT that won't use consistent source ports for UDP packets that are sent to different destination addresses. More formally, this

On Tue, Apr 10, 2018 at 03:36:08PM +0200, Hans de Groot wrote: > hosta  <--> hostb  <-->  hostc > > Hosta and hostc are not directly connected via tinc. But both are conncted > via hostb (I called my network tincnet). This works fine I can ssh from > hosta to hostc and vice versa without any problems. > > hostc is in a whitelisted iprange at some service

On 30.08.2016 17:37, Guus Sliepen wrote: > On Tue, Aug 30, 2016 at 02:38:16PM +0200, Armin Schindler wrote: > >> we use a meshed VPN with TINC to connect 7 offices. >> Some office are in other countries and use other ISPs. The connection >> between some ISPs (peering partners) are not that good. This means we >> have packet loss between those direct connections.

Hi, I am trying to register SIP clients which are behind NAT on different network. In order to achieve this goal I think I need STUN Server . I downloaded STUN Server from http://internap.dl.sourceforge.net/sourceforge/stun/stund_0.96_Aug13.tgz But I don't know how to install/configure it. And please advice me that STUN server is good idea for this scenario? Thanks in advance Wazb