Hi, Here is my goal. Can I do this with tinc? I have a mobile broadband card, and my machine runs a webserver, email server, and a public vcs. But I have four problems: 1. Port 25 is blocked so I have to use an elaborate convulsion to allow me to send mails. 2. It has a dynamic IP address so I have to use dynamic DNS. 3. There's no way for me to set up reverse DNS (that I know of). 4. They try to block bittorrent traffic. I have a VPS, can I somehow route/tunnel (whattever the word is) EVERYTHING through the VPS? So I could kind of `fix' my connection to be as if as if I have a static IP address, with port 25 not blocked, and bittorrent not blocked? I'm a noob of this type of thing but I'm determined to fix my connection and I hope you can help. BTW I'm t67 on freenode.
ZioPRoTo (Saverio Proto)
2011-May-02 15:31 UTC
Can I use it to FIX my internet connection?
Yes u can. Saverio 2011/5/2 Joseph Graham <joe at t67.eu>:> Hi, > > Here is my goal. Can I do this with tinc? > > I have a mobile broadband card, and my machine runs a webserver, email > server, and a public vcs. But I have four problems: > 1. Port 25 is blocked so I have to use an elaborate convulsion to allow > me to send mails. > 2. It has a dynamic IP address so I have to use dynamic DNS. > 3. There's no way for me to set up reverse DNS (that I know of). > 4. They try to block bittorrent traffic. > > I have a VPS, can I somehow route/tunnel (whattever the word is) > EVERYTHING through the VPS? > > So I could kind of `fix' my connection to be as if as if I have a static > IP address, with port 25 not blocked, and bittorrent not blocked? > > I'm a noob of this type of thing but I'm determined to fix my connection > and I hope you can help. > > BTW I'm t67 on freenode. > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
On Mon, May 2, 2011 at 5:31 PM, ZioPRoTo (Saverio Proto) <zioproto at gmail.com> wrote:> Yes u can.But Tinc does not have all the right scripts for each platform to do that without any pain. -- Benjamin Henrion <bhenrion at ffii.org> FFII Brussels - +32-484-566109 - +32-2-4148403 "In July 2005, after several failed attempts to legalise software patents in Europe, the patent establishment changed its strategy. Instead of explicitly seeking to sanction the patentability of software, they are now seeking to create a central European patent court, which would establish and enforce patentability rules in their favor, without any possibility of correction by competing courts or democratically elected legislators."
On Mon, May 02, 2011 at 05:33:57PM +0200, Benjamin Henrion wrote:> On Mon, May 2, 2011 at 5:31 PM, ZioPRoTo (Saverio Proto) > <zioproto at gmail.com> wrote: > > Yes u can. > > But Tinc does not have all the right scripts for each platform to do > that without any pain.Indeed, only for Linux there are example scripts on the wiki: http://tinc-vpn.org/examples/redirect-gateway/ If anyone knows how to do something similar on *BSD, MacOS/X or Windows, let me know. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110508/30efcfb2/attachment.pgp>
For Windows you can do this through the command prompt (run as administrator in Vista & Win7). First get the current default gateway. Enter the command "route print" Look for the line where Network Destination and Netmask are 0.0.0.0. The gateway listed on that same line is the current default gateway. The first change is to set a static route to the internet IP of the remote Tinc participant, using your "normal" default gateway as your next hop using the "route ADD" command. This will enable us to change our default gateway, without breaking the necessary route to keep the VPN alive. Example: route ADD <IP address of remote Tinc participant> MASK 255.255.255.255 <IP of your normal default gateway> Example: route ADD 173.66.67.97 MASK 255.255.255.255 192.168.0.1 Now you change your default gateway to the VPN IP address of the remote Tinc participant. If for example your VPN network is 10.10.10.0/30. You may have the address 10.10.10.1 while the remote side has the address 10.10.10.2. The remote address is what we need. Changing the default gateway is done with the "route CHANGE" command. Example: route CHANGE 0.0.0.0 MASK 0.0.0.0 <VPN IP address of the remote Tinc participant> Example: route CHANGE 0.0.0.0 MASK 0.0.0.0 10.10.10.2 You will now be using the remote VPN participant as your default gateway to the internet. The last thing to be verify is that the remote participant is configured to route traffic, so be sure to enable IP routing on the remote node and configure any necessary firewalls. Scripting this would simply be adding these commands to a plain text file with the ".bat" extension. Windows will recognize it as executable by default. On Sun, May 8, 2011 at 6:51 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:> On Mon, May 02, 2011 at 05:33:57PM +0200, Benjamin Henrion wrote: > >> On Mon, May 2, 2011 at 5:31 PM, ZioPRoTo (Saverio Proto) >> <zioproto at gmail.com> wrote: >> > Yes u can. >> >> But Tinc does not have all the right scripts for each platform to do >> that without any pain. > > Indeed, only for Linux there are example scripts on the wiki: > > http://tinc-vpn.org/examples/redirect-gateway/ > > If anyone knows how to do something similar on *BSD, MacOS/X or Windows, let me > know. > > -- > Met vriendelijke groet / with kind regards, > ? ? Guus Sliepen <guus at tinc-vpn.org> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >
On Mon, May 09, 2011 at 10:25:35AM -0400, Donald Pearson wrote:> Example: route ADD <IP address of remote Tinc participant> MASK > 255.255.255.255 <IP of your normal default gateway>[...]> Scripting this would simply be adding these commands to a plain text > file with the ".bat" extension. Windows will recognize it as > executable by default.Hm, but how would you get the IP of the normal default gateway in a .bat script? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120218/58a2beef/attachment.pgp>