Displaying 20 results from an estimated 300 matches similar to: "RESOLVED: Can't Route LAN Traffic Behind Tinc Network"
2016 Oct 05
4
Can't Route LAN Traffic Behind Tinc Network
I have a 4 Node Tinc VPN setup with 2 nodes on my LAN and the other 2
outside the LAN in the cloud. Everything has been working great for about 5
years now, until today when I decided to move one of the nodes to another
box. I basically, copied over the /etc/tinc folder to the new server and
also moved the /etc/network/interfaces file, so that the new server was an
exact mirror (more or less).
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Thanks again Keith. I disabled UFW and flushed iptables completely, but same result. Pings from the external node are reaching the internal node on the tinc0 interface but nothing happens after that. Now that I'm thinking of it, I did some masquerading in order to get OpenVPN to work on another box, I wonder if that would be applicable here?
Very Respectfully,
Kismet Agbasi
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Thanks Keith. Here's the output:
root at ubuntu2:~# iptables -vnL FORWARD
Chain FORWARD (policy ACCEPT 745 packets, 47680 bytes)
pkts bytes target prot opt in out source destination
6299 416K ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
6299 416K ufw-before-forward all -- * * 0.0.0.0/0
2014 Oct 27
1
Unable to Pass Traffic to Internal Subnet
Thank you guys for a great product. I have successfully setup a VPN between
a cloud server and an internal one (details below). However, I am unable to
pass traffic from the cloud to the internal machines behind the tunnel.
Internal subnet: 172.23.6.0/24
Host Public IP: 50.242.184.132
Host LAN IP: 172.23.6.148
Host VPN IP: 10.9.0.2
Cloud Server IP: 107.170.55.181
Cloud Server
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Keith,
Thanks for the reply and the pointers.
> Did you remember to activate kernel ip forwarding?
> i.e. echo 1 > /proc/sys/net/ipv4/ip_forward ?
I actually forgot to do this, but I have enabled it now in /etc/systctl.conf and can confirm now after a reboot that it's enabled. Unfortunately, still can't ping the node on the LAN.
> and when I saw that I was about to cancel
2016 Oct 05
1
Can't Route LAN Traffic Behind Tinc Network
Lars,
Thanks for that tcpdump command, very helpful. I was able to confirm that the packets are indeed reaching the INSIDE node - so I'm suspecting that my routing table might be wrong.
Very Respectfully,
Kismet Agbasi
-----Original Message-----
From: tinc [mailto:tinc-bounces at tinc-vpn.org] On Behalf Of Lars Kruse
Sent: Wednesday, October 5, 2016 4:18 PM
To: tinc at tinc-vpn.org
2016 Oct 05
0
Can't Route LAN Traffic Behind Tinc Network
Hi Kismet,
Am Wed, 5 Oct 2016 10:13:13 -0400
schrieb "Kismet Agbasi" <kagbasi at centraltruck.net>:
> At this point I'm unsure of which information to provide in order to elicit
> some assistance, however, below is the routing table of one INTERNAL and
> EXTERNAL node. I basically want to be able to reach the 172.23.6.0 network
> from any of the EXTERNAL nodes -
2016 Oct 06
0
Can't Route LAN Traffic Behind Tinc Network
On 06/10/2016 16:33, Kismet Agbasi wrote:
> Thanks Keith. Here's the output:
OK. I'd like to say that I recognize this is now off topic for the tinc
list, as it really is about basic routing and firewalls and has little
if anything to do with tinc at this point. However, it's a low volume
list, so unless anyone complains, lets thrash it out here.
> wrong interface......hmmm.
2016 Oct 06
0
Can't Route LAN Traffic Behind Tinc Network
On 06/10/2016 17:16, Kismet Agbasi wrote:
> Thanks again Keith. I disabled UFW and flushed iptables completely, but same result. Pings from the external node are reaching the internal node on the tinc0 interface but nothing happens after that. Now that I'm thinking of it, I did some masquerading in order to get OpenVPN to work on another box, I wonder if that would be applicable here?
2016 Oct 06
0
Can't Route LAN Traffic Behind Tinc Network
On 05/10/2016 16:13, Kismet Agbasi wrote:
> I have a 4 Node Tinc VPN setup with 2 nodes on my LAN and the other 2
> outside the LAN in the cloud. Everything has been working great for about 5
> years now, until today when I decided to move one of the nodes to another
> box.
Hi Kismet, Just thought I'd jump in here as I do a lot of this kind of
thing, and in case you haven't
2016 Oct 06
0
Can't Route LAN Traffic Behind Tinc Network
On 06/10/2016 15:48, Kismet Agbasi wrote:
>> Did you remember to activate kernel ip forwarding?
>> i.e. echo 1 > /proc/sys/net/ipv4/ip_forward ?
> I actually forgot to do this, but I have enabled it now in /etc/systctl.conf and can confirm now after a reboot that it's enabled. Unfortunately, still can't ping the node on the LAN.
OK , let's just do one other simple
2014 Jul 07
1
virsh: cannot start domain with channel device,
Here is what I got.
root ubuntu:/home/john# virsh start ubuntu2
error: Failed to start domain ubuntu2
error: internal error Process exited while reading console log output: char device redirected to /dev/pts/1
bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied
chardev: opening backend "socket" failed: Permission denied
root ubuntu:/home/john# ll
2006 Apr 06
1
[panic] ipw and kismet
Hello,
I almost always get a panic when running kismet on my ipw-Interface
under 6.1-PRERELEASE. This has been the case ever since ipw hit the
tree. Sometimes kismet works, sometimes it doesn't. A sure way to
trigger the panic is to switch between bss/ibss/monitor mode prior to
running kismet. Perhaps there is a bug in the re-initialization when
loading a different firmware?
Is this panic
2014 Apr 20
2
Allow access to a share for only one machine account
I have two domain controllers running ubuntu (12.04 and 13.10) both with
samba (4.1.6 and 4.1.7) installed and running (and with sssd on both
machines to retrieve uid/gid from AD). I wish to set a share on ubuntu2 in
the way so it could be accessible only from ubuntu1 (and by any user from
ubuntu1, for instance by local root).
I have found this solution though I'm not sure it solves my issue:
2010 Jul 25
1
Hello world help needed
I am trying to work my way up the learning curve through
a forest of conflicting and mostly non-working examples
and help pages spread about the internet.
I have had no trouble getting a basic vm to build
and to then start it up. But I have utterly failed
to gain access to the machine.
The only host I have available that can run it is a
remote server. I have not got the networking side
working
2018 Nov 26
0
Sasl authentication
Hello everyone,
I am trying to set up sasl authentication in virt-manager. I read in one
existing bug, that it is better to use tls for encryption and sasl for
authentication, but not use sasl for both.
I configured tls, it was fine. Then I created a user "u" on server and
modified libvirtd.conf.
I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config
for
2018 Nov 28
0
Sasl + tls setup
Hello everyone,
I am trying to set up sasl authentication in virt-manager. I read in one
existing bug, that it is better to use tls for encryption and sasl for
authentication, but not use sasl for both.
I configured tls, it was fine. Then I created a user "u" on server and
modified libvirtd.conf.
I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config
for
2018 Nov 28
0
Sasl+tls setup
Hello everyone,
I am trying to set up sasl authentication in virt-manager. I read in one
existing bug, that it is better to use tls for encryption and sasl for
authentication, but not use sasl for both.
I configured tls, it was fine. Then I created a user "u" on server and
modified libvirtd.conf.
I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config
for
2007 Dec 14
1
Monitor not working for iwi on 7.0-BETA4
After reading that someone had problems with 802.11i/WPA2, I tested my
iwi device, too. 802.11i (as client) works, but disconnects about every
five minutes briefly, which is nothing new -- I had the same issue with
6.2-RELEASE.
In contrast to 6.2-RELEASE, monitor does not work. Kismet does
not receive anything, while it does with ath or ural (even at the same
time). dmesg with debug.iwi=2 is
2011 Jun 13
15
puppet clients
I''ve gone over the documentation several times now and I can''t figure out how to ''apply'' a manifest to a client.
The client does have a signed certificate but the only thing in the /etc/puppet folder on the client is an ssl directory.
I have a manifest that works fine on the puppet ''master''
I have added the client into