I have a problem with an ADSL wi-fi router, a Siemens Santis 50. My notebook has a wi-fi card to connect with the ADSL router. My home lan is 172.16.1.0/24. My office1 is 192.168.0/24 I can connect via telnet, icmp, smb, smtp but not from rdp (Windows Terminal Services). If i connect via modem all works fine!>From office2 (172.16.7.0) my notebook with lan cable can connect to office1with all protocols. This is a very strange thing! Can anyone help me? thanks dario Dario Rizzoli Network & System Administrator I.C.E. srl Via Impar? inf. 7a 20040 Usmate Velate (MI) Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
On Fri, Dec 19, 2003 at 01:27:18PM +0100, Dario Rizzoli wrote:> I have a problem with an ADSL wi-fi router, a Siemens Santis 50. > My notebook has a wi-fi card to connect with the ADSL router. > My home lan is 172.16.1.0/24. My office1 is 192.168.0/24 > I can connect via telnet, icmp, smb, smtp but not from rdp (Windows Terminal > Services). > If i connect via modem all works fine! > >From office2 (172.16.7.0) my notebook with lan cable can connect to office1 > with all protocols. > This is a very strange thing!If all else works properly but RDP does not, I think RDP is to blame. Ask people who use RDP. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20031219/116441e0/attachment.pgp
On Fri, 19 Dec 2003, Dario Rizzoli wrote:> I have a problem with an ADSL wi-fi router, a Siemens Santis 50. > My notebook has a wi-fi card to connect with the ADSL router. > My home lan is 172.16.1.0/24. My office1 is 192.168.0/24 > I can connect via telnet, icmp, smb, smtp but not from rdp (Windows Terminal > Services). > If i connect via modem all works fine! > From office2 (172.16.7.0) my notebook with lan cable can connect to office1 > with all protocols. > This is a very strange thing! > Can anyone help me?If it helps, I rdp through tinc all the time so it is most likely not a compatibility issue between the two. Does it start to connect but then kinda hangs displaying the login scrn? It might be an mtu issue... where large packets are getting dropped. A friend is having a similar weird issue with rdp through another (non-tinc) vpn and I suspect an mtu issue for him too.. Try setting the mtu of the network interface on the windows client (either the ethernet/wifi port if tinc runs on another box or the tinc tap interface if tinc is running on your client) to something lower than 1500.. try 1300 or 1400. Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
On Fri, Dec 19, 2003 at 01:37:20PM -0700, Jason wrote:> If it helps, I rdp through tinc all the time so it is most likely not a compatibility > issue between the two. Does it start to connect but then kinda hangs > displaying the login scrn? It might be an mtu issue... where large packets > are getting dropped. A friend is having a similar weird issue with rdp > through another (non-tinc) vpn and I suspect an mtu issue for him too.. Try > setting the mtu of the network interface on the windows client (either the > ethernet/wifi port if tinc runs on another box or the tinc tap interface if > tinc is running on your client) to something lower than 1500.. try 1300 or > 1400.You could try the current CVS version, which contains code to do Path MTU Discovery. Basically, it tries to figure out the effective MTU by sending a few test packets, and after a while enforces the discovered MTU on the VPN by sending ICMP messages which tell the hosts on the VPN when to fragment their packets. To enable this, add "PMTUDiscovery yes" to the host config files. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20031220/7a95348b/attachment.pgp
On Wed, Feb 04, 2004 at 09:24:25AM +0100, dario wrote:> I have tried the CVS version on both machines with the following options: > first > > PMTUDiscovery = yes > > and then > PMTU = 1000 > > (same configuration on both machines)Did you put those options in the config files in the hosts/ directory or did you put them in tincd.conf? It should be put in the former. If it was in the right place, could you send me a copy of the output when running tinc with -d5 -D? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20040204/626f6d2c/attachment.pgp
Guus Sliepen wrote:>On Wed, Feb 04, 2004 at 09:24:25AM +0100, dario wrote: > > > >>I have tried the CVS version on both machines with the following options: >>first >> >>PMTUDiscovery = yes >> >>and then >>PMTU = 1000 >> >>(same configuration on both machines) >> >> > >Did you put those options in the config files in the hosts/ directory or >did you put them in tincd.conf? It should be put in the former. If it >was in the right place, could you send me a copy of the output when >running tinc with -d5 -D? > > >It Works!!! I wrong the configuration file. Thanks a lot! Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
On Mon, Feb 09, 2004 at 08:58:21AM +0100, dario wrote:> It Works!!! > I wrong the configuration file.Did it work with only PMTUDiscovery = yes, and no explicit PMTU options? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20040209/91e99746/attachment.pgp
Guus Sliepen wrote:>On Mon, Feb 09, 2004 at 08:58:21AM +0100, dario wrote: > > > >>It Works!!! >>I wrong the configuration file. >> >> > >Did it work with only PMTUDiscovery = yes, and no explicit PMTU options? > > >I have tried only with PMTUDiscovery option. Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/