similar to: Second VPN network fails to start

Hi Lars, Appreciate all your help, unfortunately the problem remains. I've marked up below: >>> Lars Kruse <lists at sumpfralle.de> 22-May-19 4:02 PM >>> Hello Robert, Am Mon, 20 May 2019 11:11:39 +0700 schrieb "Robert Horgan" <Robert at gainplus.asia>: > These are my files: > > On server 1: db2 > > /etc/tinc/nets.boot > # >

Hello Lars, Thanks for your feedback. Unfortunately I made an error in writing the network I expected to connect to. I meant 10.3.0.0/24 The one I wrote in fact was one network of the already established VPN. I have included full details of my relevant files below. Background: I am trying to set up a second VPN between two servers: gtdb and db2. Both servers are already part of separate

Hi Parke, Thanks, no I had not run those commands, but after doing so, my VPN address is not visible. See below: nsasia at db2:/etc/tinc$ sudo systemctl enable tinc at VPN1 Created symlink /etc/systemd/system/tinc.service.wants/tinc at VPN1.service → /lib/ systemd/system/tinc at .service. nsasia at db2:/etc/tinc$ systemctl start tinc at VPN1 ==== AUTHENTICATING FOR

Hi, I have a small problem and any help appreciated. Tinc 1.0.33 Ubuntu 18.04 at Digital Ocean I need VPNs between 1 database server and two servers on separate networks: VPN0 works OK DB2 10.0.0.50/24 connects to Web1 10.0.0.1 Here is my ip r result: default via x.x.x.x dev eth0 proto static 10.0.0.0/24 dev tun0 proto kernel scope link src 10.0.0.51 10.15.0.0/16 dev eth0 proto kernel scope

Hi all, I have a setup with some zones : net, loc, vpn1(ipsec) , where each zone have the following address spaces "my firewall" net : 200.200.200.0/24 loc : 192.168.1.0/24 vpn1: 10.10.50.0/23 "my firewall" there is default route to net route to vpn1 when dst = 10.10.50.0/23 "vpn1 site" there is default route to net route to my site

You know I think I've seen this once before. Got ID from db1 (10.130.39.180 port 655): 0 db1 17 Sending METAKEY to db1 It looks like it's communicating properly but there is a problem with your keys. Can you rename and regenerate your keys? On a project I'm working on when we transferred our keys to another client it put Carriage returns so there was a key mismatch. Try that and

Hi Thanks removing the first line "ip tuntap add dev $INTERFACE mode tun" seems to have helped regarding the tun error, however it is not connecting. If I stop the tinc service and then run: root at web3:~# tincd -n gainplus -d -D tincd 1.0.33 starting, debug level 1 /dev/net/tun is a Linux tun/tap device (tun mode) Listening on 10.130.69.123 port 655 Ready Trying to connect to

Hi Guus, The first example was a manual connect, the second example was debug regards Robert >>> "Robert Horgan" <robert at nsasia.co.th> 13-Jun-18 10:21 AM >>> Hi, Are you sure? What happens if you manually telnet/socket 10.130.39.180 nsasia at web3:~$ telnet 10.130.39.180 655 Trying 10.130.39.180... Connected to 10.130.39.180. Escape

Yes, I am sure but added another broader rule: nsasia at db1:~$ sudo ufw allow from any port 655 proto udp same result for debug example. regards Robert >>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 5:32 PM >>> Telnet will only do tcp not udp which tinc works on. Are you sure udp 655 is open? On Wed, Jun 13, 2018, 3:51 AM Robert Horgan <robert

I see support in shorewall for the KAME-tools, how about strongswan ? I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my vpn-gateway for the subnet behind it. # Shorewall version 3.4 - Zones File #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall fil ipsec mode=tunnel mss=1400 net ipv4

Hi, Are you sure? What happens if you manually telnet/socket 10.130.39.180 nsasia at web3:~$ telnet 10.130.39.180 655 Trying 10.130.39.180... Connected to 10.130.39.180. Escape character is '^]'. 0 db1 17 Connection closed by foreign host. Stopping the service and running debug I get: nsasia at web3:~$ sudo tincd -n gainplus -d5 -D tincd 1.0.33 starting, debug level 5

Hi ! I tried tinc, i'm very happy with it ; however, i have difficulties firewalling on the vpn itself ; here is my situation and what i'm experiencing: hosta ----| vpn server hostb ----| my interface is named vpn1 i can firewall connexions starting from host a and b to the vpn server (on the vpn server) (iptables -A INPUT -i vpn1 bla bla) i can firewall connexions

Hellou I found a interesting problem with my tinc instalation: Log messages from main router. tinc.vpn1[1959]: tincd 1.0pre7 starting tinc.vpn1[1959]: /dev/tun is a Linux tun/tap device tinc.vpn1[1959]: Can't bind to 0.0.0.0 port 655/tcp: Permission denied tinc.vpn1[1959]: Unable to create any listening socket! tinc.vpn1[1959]: Unrecoverable error #cat

Hí everybody, you have a nice day. I am configuring accounting in shorewall /etc/shorewall/accounting and the traffic between eth0 (local network)1, eth2(local network2) and eth3(local network3) &lt;--&gt; eth1(ip public network), works fine. I make the accounting because y want to control the remote vpn access(pptpd) throught shorewall. Which is the way to control vpn /ip/access in

Sorry Dag, it is possible to use linux as a roadwarrior client: http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html -------- Original Message -------- Subject: Re: [CentOS] Connecting CentOS to IPSEC VPN (Checkpoint FW1) Date: Mon, 21 Aug 2006 15:20:55 +0200 From: carlopmart <carlopmart at gmail.com> To: CentOS mailing list <centos at centos.org>

Hi Ivo and Guus, We are writing a book on building VPNs for Linux and a part of it describes tinc. I wanted to make sure that your opinion, as tinc authors and developers, is reflected. First, let me ask a couple of technical questions. 1. If there are two hosts, foo and bar, that are to be connected via tinc, and each host should only have _one_ IP address (i.e. nmask is /32), would the

I am trying to setup openVPN 2.0 beta11 (sever/client configuration) and shorewall. I managed to get it working with out shorewall in the mix. When I start shorewall this message appears in the logs. Oct 12 13:41:03 localhost kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:04:5a:7f:92:9f:00:b0:c2:89:68:e4:08:00 SRC=69.145.71.133 DST=216.187.138.18 LEN=42 TOS=0x00 PREC=0x00 TTL=46 ID=11 DF

Hello All , I installed tinc for windows. But it doesn't seem to work. I want to connect two computers(for testing purposes) computer1(webdev) and computer2(gis) I have installed the tap-win32 on both of them. Both computers are windows XP. Also I don't have a router. Computer1:webdev ----------------------- C:\Program Files\tinc\vpn1\tinc.conf Name = webdev ConnectTo = office

Hello Mailinglist, please excuse my bad english - but I am not a native speaker. My Network looks like this: Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X) No I try to connect my iphone (from mobile Internet G3) over VPN (l2tp/ipsec) with the firewall. But I can´t open the necessary Port 1701. /var/log/syslog ... Dec 30 00:24:29 router kernel: [226128.293757]

Hello, I've used tinc successfully for a long time, all with Linux hosts. No problem there. Unfortunately I now have to add a Windows host to the VPN. What a fight Winblows is! Probably just my ignorance. The VPN works and tinc says that tinc-up is run (and a debugging statement proves it) but I can't get an extra route added. tinc-up.bat contains: ------------------- netsh interface