Hi!
I'm currently using Tinc to create a VPN between a Linux server, a Windows
server, and my local laptop and desktop computers (both running Windows). I
picked an IP in the 10.123.1.x range for each server, and added something
like "Subnet = 10.123.1.1/32" to each host config file. It's
working very
well!
What I'd like to do now is expose an extra subnet to the VPN. The Linux
server has LXC containers in the 192.168.122.1/24 subnet. I'd like any hits
to 192.168.122.x to go to that particular server. I tried simply modifying
the host config to also include that subnet:
Subnet = 10.123.1.1/32
Subnet = 192.168.122.1/24
But that didn't work - Pings to 192.168.122.3 from other hosts on the VPN
just time out
When I run "route print" on the Windows machines, I don't see any
routes
for that IP range.
Do I need to do any extra config on the Linux server, or do I need to
somehow configure additional routing rules on my Windows machines?
This is how I configured Tinc in /etc/networking/interfaces on the Linux
machine:
auto tincvpn
iface tincvpn inet static
address 10.123.1.1
netmask 255.255.255.0
tinc-net vpn
tinc-debug 1
tinc-mlock yes
tinc-user nobody
tinc-pidfile /run/tinc.pid
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20181204/c85112de/attachment.html>
I worked this out - I just had to manually add a route on the Windows machines: route add 192.168.122.0 mask 255.255.255.0 10.123.1.4 (where 10.123.1.4 is the local IP on the Tinc interface) I was hoping that Tinc would automatically configure the routing tables, but configuring it manually is fine. On Tue, Dec 4, 2018 at 11:10 PM Daniel Lo Nigro <lists at d.sb> wrote:> Hi! > > I'm currently using Tinc to create a VPN between a Linux server, a Windows > server, and my local laptop and desktop computers (both running Windows). I > picked an IP in the 10.123.1.x range for each server, and added something > like "Subnet = 10.123.1.1/32" to each host config file. It's working very > well! > > What I'd like to do now is expose an extra subnet to the VPN. The Linux > server has LXC containers in the 192.168.122.1/24 subnet. I'd like any > hits to 192.168.122.x to go to that particular server. I tried simply > modifying the host config to also include that subnet: > > Subnet = 10.123.1.1/32 > Subnet = 192.168.122.1/24 > > But that didn't work - Pings to 192.168.122.3 from other hosts on the VPN > just time out > > When I run "route print" on the Windows machines, I don't see any routes > for that IP range. > > Do I need to do any extra config on the Linux server, or do I need to > somehow configure additional routing rules on my Windows machines? > > This is how I configured Tinc in /etc/networking/interfaces on the Linux > machine: > > auto tincvpn > iface tincvpn inet static > address 10.123.1.1 > netmask 255.255.255.0 > tinc-net vpn > tinc-debug 1 > tinc-mlock yes > tinc-user nobody > tinc-pidfile /run/tinc.pid > > > Thanks! > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181205/43a0a9dd/attachment.html>
On 6/12/18 11:45 am, Daniel Lo Nigro wrote:> I worked this out - I just had to manually add a route on the Windows > machines: > > route add 192.168.122.0 mask 255.255.255.0 10.123.1.4 > > (where 10.123.1.4 is the local IP on the Tinc interface) > I was hoping that Tinc would automatically configure the routing > tables, but configuring it manually is fine.Tinc will run its hook scripts subnet-up and subnet-down when it learns about subnets at other nodes. https://www.tinc-vpn.org/documentation/Scripts.html Unfortunately I could not find an example of these for Windows. I posted about this a couple of weeks back but did not get any response. Hamish -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20181206/8de9e6ff/attachment.html>