Hi folks, Sorry to trouble you all - I'm having some trouble getting tincd up and running - I suspect I'm having problems with subnets. Any help would relaly be appreciated! At the moment I'm trying to get two linux boxes, both of which are running as NAT routers for their respective networks to talk. My goal is to allow staff to connect to the corporate network from their laptops using dial up. The office network is on 10.0.0.0/24 The box that's running the vpn has an internal IP of 10.0.0.3 and an external IP of 1.2.3.4 The home network uses 192.168.0.0/24 The box on it running tinc has an internal IP of 192.168.0.1 and an external IP of 5.6.7.8 I'm trying to make the vpn server have an IP of 10.0.1.1 and the client have 10.0.1.10 I think I'm making a little progress - at least on the client I'm seeing /dev/net/tun is a Linux tun/tap device Executing script tinc-up Process 2293 (tinc-up) exited with non-zero status 4 Node home (MYSELF) became reachable For network interfaces I have on the client: vpn Link encap:Ethernet HWaddr 00:FF:30:E2:C7:E8 inet addr:10.0.1.10 Bcast:10.255.255.255 Mask:255.255.255.0 and on the server: vpn Link encap:Point-to-Point Protocol inet addr:10.0.1.1 P-t-P:10.0.1.1 Mask:255.255.0.0 On the office server I have: tinc-up #!/bin/sh ifconfig $INTERFACE 10.0.1.1 netmask 255.255.0.0 route add -host 10.0.1.1 dev $INTERFACE route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.1 tinc.conf Name = hqvpn Device = /dev/net/tun onnectTo = home PrivateKeyFile=/etc/tinc/rsa_key.priv hosts/hqvpn Compression = 9 Address = 1.2.3.4 Subnet = 10.0.0.0/24 public key. hosts/home Address = 5.6.7.8 Subnet = 10.0.1.10/32 public key. At home I have: tinc-up #!/bin/sh ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0 route add -host 10.0.1.10 dev $INTERFACE route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.10 tinc.conf Name = home Device = /dev/net/tun #ConnectTo = russell onnectTo = hqvpn PrivateKeyFile=/etc/tinc/vpn/rsa_key.priv hosts/hqvpn Address = 1.2.3.4 Subnet = 10.0.0.0/24 Compression=9 -----BEGIN RSA PUBLIC KEY----- hosts/home Address = 5.6.7.8 Subnet = 10.0.1.10/32 -----BEGIN RSA PUBLIC KEY----- Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
On Sun, Feb 15, 2004 at 05:41:04PM -0000, Russell Horn wrote:> I'm trying to make the vpn server have an IP of 10.0.1.1 and the client > have 10.0.1.10If that really is what you want, then:> On the office server I have: > > tinc-up > #!/bin/sh > ifconfig $INTERFACE 10.0.1.1 netmask 255.255.0.0 > route add -host 10.0.1.1 dev $INTERFACE > route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.1The tinc-up script should just contain: #!/bin/sh ifconfig $INTERFACE 10.0.1.1 netmask 255.255.255.0> hosts/hqvpn > Compression = 9 > Address = 1.2.3.4 > Subnet = 10.0.0.0/24 > public key.Subnet should be 10.0.1.1/32> At home I have: > > tinc-up > #!/bin/sh > ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0 > route add -host 10.0.1.10 dev $INTERFACE > route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.10That should be: #!/bin/sh ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0> hosts/home > Address = 5.6.7.8 > Subnet = 10.0.1.10/32 > -----BEGIN RSA PUBLIC KEY-----That one is correct. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20040216/f7f1deed/attachment.pgp