Hi folks. At the moment I'm using tinc to connect to linux boxes, both of which are behind NAT. This works just fine. I'd now like to connect some roaming windows users to the network so they can browse a samba share like I can already do with linux. These folk will likely have dynamic IP addresses. The server has an IP of 10.0.0.2 My client has an IP of 192.168.1.100 Here's what I have at the moment. This all makes sense when I know what the client IP will be, but I don't know what to do when I'm connecting with a Windows client that has an unknown IP address. Will this even work with my server config? Any help would be really appreciated. Russell. Server: tinc.conf Device=/dev/net/tun Name=server PrivateKeyFile=/etc/tinc/twwh/rsa_key.priv TCPOnly=yes tinc-up #!/bin/sh ifconfig $INTERFACE 10.0.0.2 netmask 255.255.255.0 route add -host 192.168.1.100 dev $INTERFACE route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.100 Client: tinc.conf ConnectTo=server Device=/dev/net/tun Name=client PrivateKeyFile=/etc/tinc/twwh/rsa_key.priv TCPOnly=yes tinc-up ifconfig $INTERFACE 192.168.1.100 netmask 255.255.255.0 route add -host 10.0.0.2 dev $INTERFACE route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.2 /hosts/server Compression=9 Subnet=10.0.0.0/24 Address=xxx.xxx.212.173 /hosts/client Compression=9 Subnet=192.168.1.0/24 Address=xxx.xxx.167.12
On Thu, Jan 13, 2005 at 04:49:08PM -0500, Russell Horn wrote:> Here's what I have at the moment. This all makes sense when I know what > the client IP will be, but I don't know what to do when I'm connecting > with a Windows client that has an unknown IP address. Will this even > work with my server config?Well:> client tinc-up: > ifconfig $INTERFACE 192.168.1.100 netmask 255.255.255.0 > route add -host 10.0.0.2 dev $INTERFACE > route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.2 > > /hosts/client > Compression=9 > Subnet=192.168.1.0/24 > Address=xxx.xxx.167.12First of all, you probably want Subnet = 192.168.1.100/32 in /hosts/client. Furthermore, if you don't know the IP address of the client on the Internet, you can just omit the Address=... statement from hosts/client. That Address is only necessary if someone would have a ConnectTo = client. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.eu.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20050113/3f1b9cee/attachment.pgp