Jelle de Jong
2016-Feb-02 10:25 UTC
dual gateway with routing issues and tinc-up and host-up scripts for windows clients?
Hello everybody,

I am doing some tests with TINC and Windows 7 and I am having some issues with routing. (see attachment for the client configuration)

The set-up I configured uses DHCP over the TINC tunnel and the Windows guest ends up with two gateways (one from its own network and one from the TINC network).

The problem is that traffic when browsing the internet should go over the TINC tunnel as well and now it is currently split.

I thought I would change the TINC gateway's metric to be lower than the gateway from the standard Windows client, but this does not provide a stable solution as the client's internet stops working completely from time to time.

How can I execute a dynamic script under Windows when the TINC tunnel comes up? To say execute the following command:

route ADD 0.0.0.0 MASK 255.255.252.0 192.168.200.1 METRIC 5 IF 24

Any advice would be much appreciated.

Kind regards,

Jelle de Jong
irc: tuxcrafter

-------------- next part --------------
#-----------------------------------------------------------------------
# open command prompt with admin rights
cd c:\Users\IEUser\Downloads
# install Windows Resource Kit Tool
msiexec /i subinacl.msi
# install TINC-VPN
tinc-1.0.26-install.exe
#-----------------------------------------------------------------------
cd "c:\Program Files\tinc"
mkdir powercraft01
echo ConnectTo = server01 > powercraft01\tinc.conf
echo Interface = PowerCraftVPN >> powercraft01\tinc.conf
echo Mode = switch >> powercraft01\tinc.conf
echo Name = client02 >> powercraft01\tinc.conf
mkdir powercraft01\hosts
echo Address = tinc.powercraft.nl > powercraft01\hosts\server01
#-----------------------------------------------------------------------
echo -----BEGIN RSA PUBLIC KEY----- >> powercraft01/hosts/server01
...
echo -----END RSA PUBLIC KEY----- >> powercraft01/hosts/server01
#-----------------------------------------------------------------------
echo Compression = 9 > powercraft01/hosts/client02
echo PMTU = 1400 >> powercraft01/hosts/client02
echo PMTUDiscovery = yes >> powercraft01/hosts/client02
#-----------------------------------------------------------------------
echo -----BEGIN RSA PUBLIC KEY----- >> powercraft01/hosts/client02
...
echo -----END RSA PUBLIC KEY----- >> powercraft01/hosts/client02
#-----------------------------------------------------------------------
echo -----BEGIN RSA PRIVATE KEY----- >> powercraft01/rsa_key.priv
...
echo -----END RSA PRIVATE KEY----- >> powercraft01/rsa_key.priv
# todo: set permissions for rsa_key.priv file windows, this may not be needed
#-----------------------------------------------------------------------
# install tap device
C:\Program Files\tinc>tap-win32\addtap.bat
# change name of created interface to PowerCraftVPN
wmic nic where "Caption like '%TAP-Win32 Adapter V9'" set NetConnectionID=PowerCraftVPN
# set interface metric to 5
netsh interface ipv4 set interface "PowerCraftVPN" metric=5 store=persistent
# windows .bat example that needs some work to rename interface using a script
http://wiki.cementhorizon.com/display/CH/How+to+install+and+configure+tinc+on+Windows+7+and+Ubuntu+10.10+Linux+and+CentOS+5
#-----------------------------------------------------------------------
# create the services
C:\Program Files\tinc>tincd.exe -n powercraft01
tinc.powercraft01 service installed
tinc.powercraft01 service started
#-----------------------------------------------------------------------
# set permissions to start/stop/pause/resume the tinc service for user: IEUser
C:\Windows\system32>"C:\Program Files\Windows Resource Kits\Tools\subinacl.exe" /service tinc.powercraft01 /grant=IEUser=PTO
# set tinc service to start manually
c:\Program Files\tinc>sc config tinc.powercraft01 start= demand
[SC] ChangeServiceConfig SUCCESS
#-----------------------------------------------------------------------
# Using the PowerCraftVPN
C:\Users\IEUser>net stop tinc.powercraft01
The tinc.powercraft01 service is stopping.
The tinc.powercraft01 service was stopped successfully.
C:\Users\IEUser>net start tinc.powercraft01
The tinc.powercraft01 service is starting.
The tinc.powercraft01 service was started successfully.
#-----------------------------------------------------------------------
# check route
c:\Program Files\tinc>route print
# check ipconfig
c:\Program Files\tinc>ipconfig
#-----------------------------------------------------------------------
Guus Sliepen
2016-Feb-02 10:45 UTC
dual gateway with routing issues and tinc-up and host-up scripts for windows clients?
On Tue, Feb 02, 2016 at 11:25:30AM +0100, Jelle de Jong wrote:

> How can I execute a dynamic script under Windows when the TINC tunnel
> comes up? To say execute the following command: route ADD 0.0.0.0 MASK
> 255.255.252.0 192.168.200.1 METRIC 5 IF 24

Just like under Linux, but add the extension ".bat" to the scripts, so tinc-up.bat and hosts/server01-up.bat. You can then use netsh commands in the .bat files, and use %INTERFACE% instead of $INTERFACE.

-- 
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
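
A sketch of the hosts\server01-up.bat script the reply describes, as an added example that is not part of the original thread or of tinc itself. It goes a step beyond the question by also pinning the tinc server's own address to the LAN gateway, so that sending all traffic through the tunnel does not route the tunnel's packets into itself. Assumptions: the tunnel gateway 192.168.200.1 from the question, a placeholder LAN gateway of 192.168.1.1, and an IPv4 server address in the REMOTEADDRESS variable that tinc sets for host-up scripts.

```batch
@echo off
rem hosts\server01-up.bat -- added example, not from the original thread.
rem tinc runs this script when server01 becomes reachable and exports
rem INTERFACE (the tunnel adapter) and REMOTEADDRESS (the server's real
rem address) in the environment.
setlocal

rem Assumed values, adjust to the actual networks:
rem   VPN_GW is the tunnel gateway used in the question.
rem   LAN_GW is a placeholder for the client's normal default gateway.
set VPN_GW=192.168.200.1
set LAN_GW=192.168.1.1

rem Without the server's real address the pinned route cannot be added,
rem and redirecting everything into the tunnel would cut the tunnel off.
if "%REMOTEADDRESS%"=="" (
    echo server01-up: REMOTEADDRESS is not set, leaving routes unchanged
    exit /b 1
)

rem 1. Keep the encrypted tinc packets on the physical network by routing
rem    the server's address (assumed IPv4) through the LAN gateway.
route ADD %REMOTEADDRESS% MASK 255.255.255.255 %LAN_GW% METRIC 1

rem 2. Send everything else into the tunnel. Two /1 routes are more
rem    specific than the LAN's 0.0.0.0/0 default route, so they win
rem    without relying on metric comparisons between two default gateways.
rem    store=active keeps them out of the persistent route table.
netsh interface ipv4 add route prefix=0.0.0.0/1 interface="%INTERFACE%" nexthop=%VPN_GW% metric=5 store=active
netsh interface ipv4 add route prefix=128.0.0.0/1 interface="%INTERFACE%" nexthop=%VPN_GW% metric=5 store=active

endlocal
```

A matching hosts\server01-down.bat would remove the same three routes with `route DELETE` and `netsh interface ipv4 delete route`, so the client falls back to its LAN gateway when the tunnel drops.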