"PrivateKeyFile" as this is default, otherwise configuration is quite<br> minimal.<br> <br> <br> =3D=3D=3D=3D=3D=3D=3D Configuration =3D=3D=3D=3D=3D=3D=3D=3D=3D<br> <br> Server Side<br> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br> # cat tinc.conf<br> Name =3D fsvpns3f30<br> Mode =3D switch<br> Device =3D /dev/net/tun<br> AddressFamily =3D ipv4<br> PingInterval =3D 30<br> PrivateKeyFile =3D /etc/tinc/fsvpn/rsa_key.priv<br> <br> # cat tinc-up<br> #!/bin/sh<br> ifconfig $INTERFACE 10.10.100.30 netmask 255.255.0.0<br> <br> # cat hosts/fsvpns3f30<br> Address =3D <a href=3D"http://xyz.dyndns.org" target=3D"_blank">xyz.dyndns.org</a><br> Port=3D655<br> Compression=3D9<br> Subnet=3D<a href=3D"http://10.10.0.0/16%0ATCPonly=3Dyes" target=3D"_blank">10.10.0.0/16<br> TCPonly=3Dyes</a><br> -----BEGIN RSA PUBLIC KEY-----<br> ...<br> -----END RSA PUBLIC KEY-----<br> <br> Client Side<br> =3D=3D=3D=3D=3D=3D=3D=3D<br> # cat tinc.conf<br> Name =3D fsvpnmf<br> Mode =3D switch<br> Device =3D /dev/net/tun<br> AddressFamily =3D ipv4<br> PingInterval =3D 30<br> ConnectTo =3D fsvpns3f30<br> PrivateKeyFile=3D/etc/tinc/fsvpn/rsa_key.priv<br> <br> # cat tinc-up<br> #!/bin/sh<br> ifconfig $INTERFACE 10.10.101.1 netmask 255.255.0.0<br> <br> # cat fsvpnmf<br> Port =3D tinc<br> Compression =3D 9<br> Subnet =3D <a href=3D"http://10.10.101.1/32%0ATCPonly=3Dyes" target=3D"_blank">10.10.101.1/32<br> TCPonly=3Dyes</a><br> ConnectTo =3D <a href=3D"http://xyz.dyndns.org" target=3D"_blank">xyz.dyndns.org</a><br> -----BEGIN RSA PUBLIC KEY-----<br> ...<br> -----END RSA PUBLIC KEY-----<br> <br> This setup works now for a while with the restriction that I can<br> directly only reach one machine on my network. I can ssh through it to<br> reach the other machines in the network, but this is not ideal (e.g.<br> if =A0I want to directly reach windows machines). That means from my<br> laptop I can only directly reach the <a href=3D"http://10.10.0.30/10.10.100/30" target=3D"_blank">10.10.0.30/10.10.100/30</a> machine.<br> It looks like a routing problem. I guess I will have to add on tinc-up<br> script on both sides but in combination with the vpn device I need<br> some guidance.<br> <br> Can you see how the configuration can be enhanced to reach the whole<br> network of machines on the home network from laptops directly ?<br> <br> Any suggestions are welcome.<br> <br> Mansour Farghaly<br> _______________________________________________<br> tinc mailing list<br> <a href=3D"mailto:tinc at tinc-vpn.org">tinc at tinc-vpn.org</a><br> <a href=3D"http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target=3D"_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br> </blockquote></div><br> --000e0cd23ef23e5ddf047f0a7463--