Hi, Best wishes to all for this new year. Trying to connect my Laptop (HSDPA) to MainPC (DSL). Both running Windows XP. Laptop host file: Address = 41.208.50.176 Subnet = 10.0.0.2 -----BEGIN RSA PUBLIC KEY----- ... -----END RSA PUBLIC KEY----- MainPC host file: Address = 41.242.172.108 Subnet = 10.0.0.1 -----BEGIN RSA PUBLIC KEY----- ... -----END RSA PUBLIC KEY----- Tried alternate Subnet of 10.0.x.0/24 with same result. Two sides appear to be talking but I cannot perform any "network functions" across this link. Office Firewall has port 655 open for TCP and UDP. Laptop has no firewall - turned off for tests. Attached is log of the MainPC tinc debug Any ideas appreciated Kind regards Graham Smith -------------- next part -------------- A non-text attachment was scrubbed... Name: tincd.jpg Type: image/jpeg Size: 0 bytes Desc: not available Url : http://www.tinc-vpn.org/pipermail/tinc/attachments/20090106/3e44cdc1/attachment.jpg
On Tue, Jan 06, 2009 at 07:38:49PM +0200, Graham Smith wrote:> Trying to connect my Laptop (HSDPA) to MainPC (DSL). Both running Windows XP.[...]> Two sides appear to > be talking but I cannot perform any "network functions" across this link. > > Office Firewall has port 655 open for TCP and UDP. Laptop has no firewall - > turned off for tests.Try adding TCPOnly = yes to the tinc.conf files. If that fixes the problem, it is a firewall or NAT problem. Note that your DSL and/or 3G provider might do that outside of your control. If that doesn't help, check the configuration of the TAP interfaces.> Attached is log of the MainPC tinc debugThe log was a JPEG screenshot of a cmd.exe window. Next time, please try to cut&paste the text via the clipboard, or use the --logfile option to get the log written to a file. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature Url : http://www.tinc-vpn.org/pipermail/tinc/attachments/20090106/7824141e/attachment.pgp
Hi Guus, Thanks for the quick response.>Try adding TCPOnly = yes to the tinc.conf files.According to docs, TCPOnly applies to Host configs but tried adding to tinc.conf as well, no luck.> check the configuration of the TAP interfaces.Quadruple checked - I can connect tinc inside my lan, no prob.> your DSL and/or 3G provider might do that outside of your control.
On Wed, Jan 07, 2009 at 03:30:07PM +0200, Graham Smith wrote:> > The bogus data is the problem. Check if the keys are generated.. > > Yep, I guessed so. I had regenerated keys a couple of times but obviously > got it wrong so re-did keys on both ends, now we are getting a timeout on > ChallengeHm this could still be the same problem. Are you sure you removed all keys from all host config files and rsa_key.priv before generating new ones? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature Url : http://www.tinc-vpn.org/pipermail/tinc/attachments/20090108/5ebad42b/attachment.pgp