Hi folks,
Sorry to trouble you all - I'm having some trouble getting tincd up and
running - I suspect I'm having problems with subnets. Any help would
relaly be appreciated!
At the moment I'm trying to get two linux boxes, both of which are
running as NAT routers for their respective networks to talk. My goal is
to allow staff to connect to the corporate network from their laptops
using dial up.
The office network is on 10.0.0.0/24 The box that's running the vpn has
an internal IP of 10.0.0.3 and an external IP of 1.2.3.4
The home network uses 192.168.0.0/24 The box on it running tinc has an
internal IP of 192.168.0.1 and an external IP of 5.6.7.8
I'm trying to make the vpn server have an IP of 10.0.1.1 and the client
have 10.0.1.10
I think I'm making a little progress - at least on the client I'm seeing
/dev/net/tun is a Linux tun/tap device
Executing script tinc-up
Process 2293 (tinc-up) exited with non-zero status 4
Node home (MYSELF) became reachable
For network interfaces I have on the client:
vpn Link encap:Ethernet HWaddr 00:FF:30:E2:C7:E8
inet addr:10.0.1.10 Bcast:10.255.255.255 Mask:255.255.255.0
and on the server:
vpn Link encap:Point-to-Point Protocol
inet addr:10.0.1.1 P-t-P:10.0.1.1 Mask:255.255.0.0
On the office server I have:
tinc-up
#!/bin/sh
ifconfig $INTERFACE 10.0.1.1 netmask 255.255.0.0
route add -host 10.0.1.1 dev $INTERFACE
route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.1
tinc.conf
Name = hqvpn
Device = /dev/net/tun
onnectTo = home
PrivateKeyFile=/etc/tinc/rsa_key.priv
hosts/hqvpn
Compression = 9
Address = 1.2.3.4
Subnet = 10.0.0.0/24
public key.
hosts/home
Address = 5.6.7.8
Subnet = 10.0.1.10/32
public key.
At home I have:
tinc-up
#!/bin/sh
ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0
route add -host 10.0.1.10 dev $INTERFACE
route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.10
tinc.conf
Name = home
Device = /dev/net/tun
#ConnectTo = russell
onnectTo = hqvpn
PrivateKeyFile=/etc/tinc/vpn/rsa_key.priv
hosts/hqvpn
Address = 1.2.3.4
Subnet = 10.0.0.0/24
Compression=9
-----BEGIN RSA PUBLIC KEY-----
hosts/home
Address = 5.6.7.8
Subnet = 10.0.1.10/32
-----BEGIN RSA PUBLIC KEY-----
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
On Sun, Feb 15, 2004 at 05:41:04PM -0000, Russell Horn wrote:> I'm trying to make the vpn server have an IP of 10.0.1.1 and the client > have 10.0.1.10If that really is what you want, then:> On the office server I have: > > tinc-up > #!/bin/sh > ifconfig $INTERFACE 10.0.1.1 netmask 255.255.0.0 > route add -host 10.0.1.1 dev $INTERFACE > route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.1The tinc-up script should just contain: #!/bin/sh ifconfig $INTERFACE 10.0.1.1 netmask 255.255.255.0> hosts/hqvpn > Compression = 9 > Address = 1.2.3.4 > Subnet = 10.0.0.0/24 > public key.Subnet should be 10.0.1.1/32> At home I have: > > tinc-up > #!/bin/sh > ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0 > route add -host 10.0.1.10 dev $INTERFACE > route add -net 10.0.1.0 netmask 255.255.0.0 gw 10.0.1.10That should be: #!/bin/sh ifconfig $INTERFACE 10.0.1.10 netmask 255.255.255.0> hosts/home > Address = 5.6.7.8 > Subnet = 10.0.1.10/32 > -----BEGIN RSA PUBLIC KEY-----That one is correct. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20040216/f7f1deed/attachment.pgp