Hi all,
i think my problem is trivial, but i don't get this thing done ...
In our office a linux-box ("gw") is connected like this:
- via eth0 to the local net (192.168.1.0/24)
- via eth1 to the DSL-router (dynamic ip)
- via ippp0 (isdn-card) 192.168.2.245 to the stand-alone pc
192.168.2.250 ("single")
"single" is a w2k box and have an isdn-card, too and is able to dial
in to "gw". Routing is ok, reaching the pc's in 192.168.1.0/24 is
working.
Now i want to have a vpn between "single" and "gw".
I don't understand, how "single" is able to dial in to
"gw" with the
new TAP-Win32 interface called "vpn".
Does it use the existing dial in (isdn)? Where do i tell tinc to use
it?
Is switch mode the better solution to connect a stand-alone pc to our
office?
I'm confused ...
So please, push me to the right direction ...
Thank you very much in advance,
Alex
On Fri, May 21, 2004 at 11:22:07AM +0200, Reil wrote:> Now i want to have a vpn between "single" and "gw". > > I don't understand, how "single" is able to dial in to "gw" with the > new TAP-Win32 interface called "vpn". > > Does it use the existing dial in (isdn)? Where do i tell tinc to use > it?On "single", you add ConnectTo = gw to tinc.conf, and you have a file hosts/gw, which contains the Address of gw you wish to connect to. That address should be 192.168.2.245. That's enough for windows to use the ISDN card.> Is switch mode the better solution to connect a stand-alone pc to our > office?No. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20040521/a554ef1e/attachment.pgp
Hello Guus,> > Now i want to have a vpn between "single" and "gw". > > > > I don't understand, how "single" is able to dial in to "gw" withthe> > new TAP-Win32 interface called "vpn". > > > > Does it use the existing dial in (isdn)? Where do i tell tinc touse> > it? > > On "single", you add ConnectTo = gw to tinc.conf, and you have afile> hosts/gw, which contains the Address of gw you wish to connect to. > That address should be 192.168.2.245. That's enough for windows touse> the ISDN card.thank you very much for your reply. I made little progress, but i still don't know how to configure this connection. I think the more simple part of the configuration is done on "gw", which is a linux box. To be sure, that this side of the vpn is set up correctly, would you please be so kind and have a look at my configuration files ... /etc/tinc/vpn/tinc.conf: ================Name = gw AddressFamily = ipv4 Device = /dev/tun Hostnames = no Mode = router PrivateKeyFile=/etc/tinc/vpn/rsa_key.priv /etc/tinc/vpn/hosts/gw: ================Address = 192.168.2.245 # This is the ppp-address. Subnet = 192.168.2.0/24 # I'm not sure, if this is correct. -----BEGIN RSA PUBLIC KEY----- ... /etc/tinc/vpn/hosts/single: ==================Address = 192.168.2.250 Subnet = # I don't know, what value to add here :-( -----BEGIN RSA PUBLIC KEY----- ... /etc/tinc/vpn/tinc-up: ==============ifconfig $INTERFACE 192.168.2.245 netmask 255.255.0.0 I hope, you can help me ... Greetings, Alexander -- Gemeinde Berg Herr Reil Telefon: 08151/508-41 Fax: 08151/508-88 E-Mail: reil@gemeinde-berg.de
Hi Guus! Thank you so much. You are the man and tinc rules! Now, when i start tinc on "single" i have to give my ppp password and "single" dials in to "gw". On "gw" i can see the output of tincd and everything seems to work! Cool ... One more minor thing which confuses me: - on "single" i can see the status of the ppp connection called "isdn" and the connection with the virtual tap device "vpn". What makes me wondering is the number of packets they show. After downloading some files from a server behind "gw" the status of "isdn" shows +15.000 packets, the status of "vpn" only ca. 100. For me it seems that all traffic bypass the vpn ... Am i wrong to expect all the traffic have to pass "vpn", too? Again, thank you ... Alexander -- Gemeinde Berg Herr Reil Telefon: 08151/508-41 Fax: 08151/508-88 E-Mail: reil@gemeinde-berg.de