Hi. I am trying to connect two offices using tinc. I have two servers running CentOS 5.5, each has two network interfaces with ETH0 being the internal network and ETH1 connected directly to the Internet (public IP). The servers do not do any NAT, we simply want to use them to link the two internal networks together via tinc. I have followed a couple HOWTO articles to configure tinc but so far I can only ping the other server (using the internal IP). When I try to ping anything on the other network I do not get any response. How can I get some useful debug information to know where the packets are being dropped? -- Telecomunicaciones Abiertas de M?xico S.A. de C.V. Carlos Ch?vez Prats Director de Tecnolog?a +52-55-91169161 ext 2001 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20101214/8bebbdb7/attachment.pgp>
Le 15/12/2010 01:27, Carlos Chavez a ?crit :> Hi. I am trying to connect two offices using tinc. I have two servers > running CentOS 5.5, each has two network interfaces with ETH0 being the > internal network and ETH1 connected directly to the Internet (public > IP). The servers do not do any NAT, we simply want to use them to link > the two internal networks together via tinc. > > I have followed a couple HOWTO articles to configure tinc but so far I > can only ping the other server (using the internal IP). When I try to > ping anything on the other network I do not get any response. How can I > get some useful debug information to know where the packets are being > dropped?Hello, Have you add the network information in the host config file ? If yes you probably have a routing issue... Do you have add a static route to the other network on both server ? Can you ping the internal network interface on the distant server ? Tinc "only" create a new interface, you have to manage the routing table yourself. Sich
> Tinc "only" create a new interface, you have to manage the routing table > yourself.And check if you have aktivated ip forwarding on your tinc servers. ALBI...
On Wed, 2010-12-15 at 07:32 +0100, sich wrote:> Le 15/12/2010 01:27, Carlos Chavez a ?crit : > > Hi. I am trying to connect two offices using tinc. I have two servers > > running CentOS 5.5, each has two network interfaces with ETH0 being the > > internal network and ETH1 connected directly to the Internet (public > > IP). The servers do not do any NAT, we simply want to use them to link > > the two internal networks together via tinc. > > > > I have followed a couple HOWTO articles to configure tinc but so far I > > can only ping the other server (using the internal IP). When I try to > > ping anything on the other network I do not get any response. How can I > > get some useful debug information to know where the packets are being > > dropped? > > Hello, > > Have you add the network information in the host config file ? > If yes you probably have a routing issue... Do you have add a static > route to the other network on both server ? > Can you ping the internal network interface on the distant server ? > > Tinc "only" create a new interface, you have to manage the routing table > yourself. >I created the routes and activated IPV4 forwarding on both servers as per the documentation. At this moment I think that the main router at each site is not properly configured to route the VPN networks and that is why I get no answer from remote machines. Unfortunately I do not control the other router so I have to wait until they can confirm routing is properly implemented. Thank you for your response. -- Telecomunicaciones Abiertas de M?xico S.A. de C.V. Carlos Ch?vez Prats Director de Tecnolog?a +52-55-91169161 ext 2001 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20101215/ea545a5d/attachment.pgp>