headers
Ivan Vilata i Balaguer | 21 May 2013 17:23
Gravatar

Unauthorized ADD_SUBNET, but known subnet

Hi all,

I'm using a tinc 1.0.19 (from Debian Squeeze) setup with some nodes
connecting to a "server" node which has "StrictSubnets = yes".  Whenever
a new node is added to the mesh, a process generates and drops its host
file in the server's host directory before the node is booted and tries
to connect.

For instance, I create a node "node_2" and a host file with the
following subnet is created:

    Subnet = fd65:fc41:c50f:2:0:0:0:0/64

When the node boots I see the following messages in tinc's log:

1369133834 tinc.confine[2550]: Connection from 10.241.0.2 port 50858
...
1369133834 tinc.confine[2550]: Connection with node_2 (10.241.0.2 port
  50858) activated
...
1369133834 tinc.confine[2550]: Got ADD_SUBNET from node_2 (10.241.0.2
  port 50858): 10 3fba6e6f node_2 fd65:fc41:c50f:2:0:0:0:0/64#10
1369133834 tinc.confine[2550]: Ignoring unauthorized ADD_SUBNET from
  node_2 (10.241.0.2 port 50858): fd65:fc41:c50f:2:0:0:0:0/64#10
...
1369133834 tinc.confine[2550]: Node node_2 (10.241.0.2 port 655) became
  reachable

The node publishes that subnet and the server knows it beforehand from
the existing node host file, but as you can see it still ignores it as
(Continue reading)

Permalink | Reply | 2 comments |
headers
Laurent Alebarde | 17 May 2013 13:19
Picon
Favicon

DTLS

Hi all,

I am looking for a secured communication between web clients and my servers. tinc looks great. I understand it uses UDP for data. But does it use DTLS (newbbie question) ?

As someone tryed to use 0MQ with it ?

Cheers,

Laurent.
<div>
    Hi all,<br><br>
      I am looking for a secured communication between web clients and
      my servers. tinc looks great. I understand it uses UDP for data.
      But does it use DTLS (newbbie question) ?<br><br>
      As someone tryed to use 0MQ with it ?<br><br>
      Cheers,<br><br>
      Laurent.<br>
  </div>
Permalink | Reply | 1 comment |
headers
Lee Essen | 15 May 2013 17:39
Picon

Routing control within one tinc network

Hi,

I have a question around whether there is any way to control tinc routing if you have multiple routes to the
same destination.

I have a three node configuration, let's call them:

home -> connects to both other nodes
vps1 -> a VPS, providing connection to the internet
vps2 -> another VPS, also providing a connection to the internet

Both vps nodes provide their own 192.168.x.0 subnet as well as 0.0.0.0/0 to allow any traffic to go that way
and out to the internet (via SNAT.)

My original plan was to have different weightings on the 0.0.0.0/0 networks so that I got a preferred vps
node, but in the event of a problem it would effectively fail over to the other one. This config all works
perfectly ... tinc is absolutely superb!

BUT ... my preferred vps node has a slight issue from a geographic standpoint that means some services don't
work as well as they should ... I'd still like it to be the primary since it has a much bigger bandwidth
allowance, but I'd like to route specific services over the other vps (obviously should this second node
fail, I'd lose those things that don't work well on the primary ... I'm ok with this.)

So basically I have a single tinc VPN with two nodes providing 0.0.0.0/0 and I'd still like a way to force
specific traffic over one or the other.

I tried using the 192.168.x.x address in the routing table, but that seems to be ignored, traffic still goes
down the primary route.

I can't find a way to do this, which means I'm going to have to resort to two different tinc networks, which
isn't as nice.

Any ideas would be really appreciated.

Regards,

Lee.
Permalink | Reply | 2 comments |
headers
Mike Bentzen | 12 May 2013 03:49
Picon

connectivity issues

Hi Guus and List,

Since the CVE-2013-1428 was announced, I followed the recommendation to 
update my windows machines to tinc1.1pre7.
I've had connectivity issues since upgrading. I've done some debugging 
but I can't figure out when or why its happening.

All machines on the network are running Windows 7 or Windows 2008R2 
Enterprise server and tinc 1.1pre7.
I've got one master node, which all machines connect to. Everything is 
running in router mode.
All machines (apart from MIKEIPHONE and MIKEIPAD are connected to the 
network and authenticated)
I've also recently changed the Forwarding variable on the master node 
to: Forwarding = off, but I cannot remember how long ago this was, and 
I'm not sure if this is what is causing the issue.
I don't want VPS01PP to route any VPN traffic, I only want it to be used 
for establishing the connection between other nodes.

Example:

When trying to connect MIKEHOMEPC to MIKEDEV02, i get a destination 
unreachable message.
VPN addresses: MIKEHOMEPC = 192.168.69.5/32, MIKEDEV02 = 192.168.69.3/32

Pinging 192.168.69.3 with 32 bytes of data:
Reply from 192.168.69.3: Destination net unreachable.
Reply from 192.168.69.3: Destination net unreachable.

Ping statistics for 192.168.69.3:
     Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Control-C
^C

MIKEDEV02 is on, and is connected to the vpn.

--:MIKEDEV02:--
I can do a tincctl top, and I can see the following:

Tinc      vpn          Nodes:    8  Sort: name        Current

Node                IN pkts   IN bytes   OUT pkts  OUT bytes
MIKEHOMEPC                0          0          0          0
MIKEIPAD                  0          0          0          0
MIKEIPHONE                0          0          0          0
MIKELAPTOP                0          0          0          0
MIKEWORKPC                0          0          0          0
MIKEDEV01                0          0          0          0
MIKEDEV02                0          0          1        208
VPS01PP                   1        208          0          0

I have been watching this top screen for about 2 minutes, and the in out 
bytes flash between this screen and all 0's.
It's constant and does not vary.

tinc.vpn> dump edges
MIKEHOMEPC to VPS01PP at x.232.112.61 port 655 options c weight 115
MIKELAPTOP to VPS01PP at x.232.112.61 port 655 options c weight 343
MIKEWORKPC to VPS01PP at x.232.112.61 port 655 options c weight 46
MIKEDEV01 to VPS01PP at x.232.112.61 port 655 options c weight 76
MIKEDEV02 to VPS01PP at x.232.112.61 port 655 options c weight 87
VPS01PP to MIKEHOMEPC at x.241.100.155 port 655 options c weight 115
VPS01PP to MIKELAPTOP at x.241.100.155 port 655 options c weight 343
VPS01PP to MIKEWORKPC at x.62.187.113 port 655 options c weight 46
VPS01PP to MIKEDEV01 at x.62.187.113 port 655 options c weight 76
VPS01PP to MIKEDEV02 at x.62.187.113 port 655 options c weight 87
tinc.rgdevvpn>

 From this screen, it seems that MIKEHOMEPC is only accessible via VPS01PP?

tinc.rgdevvpn> dump reachable nodes
MIKEHOMEPC at x.241.100.155 port 655 cipher 91 digest 64 maclength 4 
compression 0 options c status 0018 nexthop VPS01PP via MIKEHOMEPC 
distance 2 pmtu 1451 (min 0 max 1518)
MIKELAPTOP at x.241.100.155 port 655 cipher 91 digest 64 maclength 4 
compression 0 options c status 0018 nexthop VPS01PP via MIKELAPTOP 
distance 2 pmtu 1459 (min 0 max 1518)
MIKEWORKPC at x.62.187.113 port 655 cipher 91 digest 64 maclength 4 
compression 0 options c status 0018 nexthop VPS01PP via MIKEWORKPC 
distance 2 pmtu 1459 (min 0 max 1518)
MIKEDEV01 at x.62.187.113 port 655 cipher 0 digest 0 maclength 0 
compression 0 options c status 0018 nexthop VPS01PP via MIKEDEV01 
distance 2 pmtu 1518 (min 0 max 1518)
MIKEDEV02 at MYSELF port 655 cipher 0 digest 0 maclength 0 compression 0 
options 200000c status 0018 nexthop MIKEDEV02 via MIKEDEV02 distance 0 
pmtu 1518 (min 0 max 1518)
VPS01PP at x.232.112.61 port 655 cipher 91 digest 64 maclength 4 
compression 0 options c status 009a nexthop VPS01PP via VPS01PP distance 
1 pmtu 1459 (min 1459 max 1459)
tinc.rgdevvpn>

When I disconnect MIKEDEV02 from the VPN, and reconnect (restarting the 
windows service), it works as expected until I've logged off and 
finished what I was doing. Log back on, and I can't connect. I can 
probably provide some debugging output and config shortly, if the reason 
isn't obvious.

Any thoughts?

Thanks.

Mike
Permalink | Reply | 1 comment |
headers
Rene Bartsch | 11 May 2013 17:08
Picon

Changes in Makefile/dependencies between Tine 1.0.16 and 1.0.21?

Hi,

currently there is a bug report about CVE-2013-1428 in Ubuntu (https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763). Are there any changes in Makefile or dependencies which make it necessary to adjust a packaging system or does it suffice to adjust version numbers and source-code url?

Thanx,

Renne

<div><div dir="ltr">
<div>
<div>Hi,<br><br>
</div>currently there is a bug report about CVE-2013-1428 in Ubuntu (<a href="https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763">https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763</a>). Are there any changes in Makefile or dependencies which make it necessary to adjust a packaging system or does it suffice to adjust version numbers and source-code url?<br><br>
</div>Thanx,<br><br>Renne<br><br>
</div></div>
Permalink | Reply | 1 comment |
headers
Rene Bartsch | 11 May 2013 13:00
Picon

Environment variables in tinc.conf?

Hi,

even with only five nodes one looses track of changed configs and host files after adding/removing a node or changing the config (e.g. ConnectTo). It would be great if one can just copy a default tinc.conf to all nodes. Show-stoppers are the ConnectTo- and Name-options. ConnectTo is be replaced by Autoconnect, but one still needs to set the Name of a node. Using environment variables in tinc.conf like $HOSTNAME would simplify matters.

Is it possible to use environment variables in tinc.conf? If not, this is a feature request to enable enviroment variables in tinc.conf or add a flag "HOST" to the Name option (Name = HOST) which resolves the hostname as node name.

Thanx

Renne
<div><div dir="ltr">
<div>
<div>Hi,<br><br>even with only five nodes one looses track of changed configs and host files after adding/removing a node or changing the config (e.g. ConnectTo). It would be great if one can just copy a default tinc.conf to all nodes. Show-stoppers are the ConnectTo- and Name-options. ConnectTo is be replaced by Autoconnect, but one still needs to set the Name of a node. Using environment variables in tinc.conf like $HOSTNAME would simplify matters.<br><br>
</div>Is it possible to use environment variables in tinc.conf? If not, this is a feature request to enable enviroment variables in tinc.conf or add a flag "HOST" to the Name option (Name = HOST) which resolves the hostname as node name.<br><br>
</div>Thanx<br><br>Renne<br>
</div></div>
Permalink | Reply | 1 comment |
headers
Nick Hibma | 10 May 2013 21:46
Favicon
Gravatar

ARP resolution not done from one end

Folks,

We have a setup where each mobile node connects with 1 or more tinc instances (over different links) to a
central node. tinc is running in switch mode. The link is chosen by setting the IP address on the active
link's interface, and the central node sees this after the first packet on the link, and moves the MAC
address to a different 'ethernet port' (link). This works really well, and keeps webmal sessions alive on
a moving ship (VSat -> 3G -> VSat).

We have changed our setup and now the tunnel becomes idle for long periods of time. The problem is that the
central node expires it's ARP table entry for the node. tinc is not forwarding ARP requests over the link /
links. After doing 1 ping from the mobile node to the central node the ARP entry is there again as that end
does forward ARP requests, and things are back to normal. The roaming node seems to initiate ARP
resolution, while the central node does not.

Any points as to why the central tinc is not doing / able to do the ARP request?

tinc.conf on the central node:

Device = /dev/tap1
Name = centralnode
Mode = switch
DirectOnly = yes
TunnelServer = yes
PingInterval = 60
PingTimeout = 15
ReplayWindow = 0

BindToAddress = 192.168.50.82
BindToAddress = 192.168.50.84
BindToAddress = 192.168.50.83

tap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=80000<LINKSTATE>
	ether 42:00:00:00:00:00
	inet 192.168.51.1 netmask 0xffffff00 broadcast 192.168.51.255
	Opened by PID 51917

tinc.conf for the first link on the mobile node:

Name = mobilenode1_1
ConnectTo = centralnode
PrivateKeyFile = /usr/local/etc/tinc/VSat/rsa_key.priv.mobilenode1_1

Device = /dev/tap1
Mode = switch

DirectOnly = Yes
TunnelServer = Yes
PingTimeout = 15
ReplayWindow = 0

tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=80000<LINKSTATE>
	ether 42:00:00:00:01:bf
	inet 192.168.51.191 netmask 0xffffff00 broadcast 192.168.51.255
	Opened by PID 1018
tap2: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=80000<LINKSTATE>
	ether 42:00:00:00:02:bf
	Opened by PID 1026
etc.

Regards,

Nick Hibma
AnyWi Technologies
Permalink | Reply | 5 comments |
headers
noyfound | 10 May 2013 17:49
Picon

Iptables rules and internet access problems

Hello,

I have faced some problems :

1. With iptables running i can't ping my tincvpn server but as i turn it off i can. i have added all rules mentioned in examples but no success.

2. I want to get internet access on the client which is a win 7 computer using tincVPN but i gained no success either (i can't use bridges because server is a VPS using OpenVZ)

so any advice for solving this two problems is really appreciated

Server :
OS : centos 6.4 32bit

tinc.conf :
Name = server
AddressFamily = ipv4
Interface = tun0

Client :
OS : win 7 x64

tinc.conf :
Name = client
AddressFamily = ipv4
Interface = mytinc
ConnectTo = server

Hosts files :
Server :
Address = 69.*.*.*
Subnet = 10.0.0.1/32
== pubkey ==

Client :
Subnet = 10.0.0.2/32
== pubkey ==
<div><div dir="ltr">
<span>Hello,</span><div><br></div>
<div>I have faced some problems :</div>
<div><br></div>
<div>1. With iptables running i can't ping my tincvpn server but as i turn it off i can. i have added all rules mentioned in examples but no success.</div>
<div><br></div>
<div>2. I want to get internet access on the client which is a win 7 computer using tincVPN but i gained no success either (i can't use bridges because server is a VPS using OpenVZ)</div>
<div><br></div>
<div>so any advice for solving this two problems is really appreciated</div>
<div>
<br>
</div>
<div>Server :</div>
<div>OS : centos 6.4 32bit</div>
<div>
<br>
</div>
<div>tinc.conf :</div>
<div>
<div>Name = server</div>
<div>AddressFamily = ipv4</div>
<div>Interface = tun0</div>
<div><br></div>
<div>Client :</div>
<div>OS : win 7 x64</div>
<div><br></div>
<div>tinc.conf :</div>
<div>
<div>Name = client</div>
<div>AddressFamily = ipv4</div>
<div>Interface = mytinc</div>
<div>ConnectTo = server</div>
<div><br></div>
<div>Hosts files :</div>
<div>Server :</div>
<div>
<div>Address = 69.*.*.*</div>
<div>Subnet =&nbsp;<a href="http://10.0.0.1/32" target="_blank">10.0.0.1/32</a>
</div>
<div>== pubkey ==</div>
<div><br></div>
<div>Client :</div>
<div>Subnet =&nbsp;<a href="http://10.0.0.2/32" target="_blank">10.0.0.2/32</a><br>
</div>
<div>== pubkey ==</div>
</div>
</div>
</div>
</div></div>
Permalink | Reply | 1 comment |
headers
Andrew Armstrong | 3 May 2013 01:02
Picon
Gravatar

Re: Simple Class A VPN Guide - Problems

Thanks Donald. I'm confused as to why my previous 10/8 range would not work in this case?

Surely I'm just asking tinc for a huge address range but only using two addresses, (similar to your example), yet mine does not work.

Sent from my iPhone

On 03/05/2013, at 1:49 AM, Donald Pearson <donaldwhpearson <at> gmail.com> wrote:

As an example, one of the setups I ran was 2 sites, reach with a local /24.  Tinc subnets were configured on each side with a /25 inside of the local /24.  Any devices that you would wish to participate in the VPN, you'd provision with an IP inside of the /25.  Otherwise provision it inside of the /24.  The devices themselves would still use a /24 mask but the VPN would only expose half of that range due to it's /25 configuration.

In that way for any one site, all local devices could communicate with all other local devices, and 1/2 of the IP range of the remote site through the VPN.


On Thu, May 2, 2013 at 11:04 AM, Guus Sliepen <guus-NnCthlHDAqpg9hUCZPvPmw@public.gmane.org> wrote:
On Fri, May 03, 2013 at 12:51:34AM +1000, Andrew Armstrong wrote:

> Thanks Guus, I will try this shortly. Can you elaborate on when an actual
> subnet of (say) 10.0.0.0/8 would ever be used (or things other than a /32
> address).

You typically use things other than a /32 when you have a LAN connected to a
node running tinc, and you want to make the whole LAN part of the VPN.

See for example the configuration described in the manual:

http://tinc-vpn.org/documentation/tinc_4.html#Example-configuration

--
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus <at> tinc-vpn.org>

_______________________________________________
tinc mailing list
tinc-NnCthlHDAqpg9hUCZPvPmw@public.gmane.org
http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc


_______________________________________________
tinc mailing list
tinc-NnCthlHDAqpg9hUCZPvPmw@public.gmane.org
http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
<div>
<div>Thanks Donald. I'm confused as to why my previous 10/8 range would not work in this case?</div>
<div><br></div>
<div>Surely I'm just asking tinc for a huge address range but only using two addresses, (similar to your example), yet mine does not work.</div>
<div>
<br>Sent from my iPhone</div>
<div>
<br>On 03/05/2013, at 1:49 AM, Donald Pearson &lt;<a href="mailto:donaldwhpearson@...">donaldwhpearson <at> gmail.com</a>&gt; wrote:<br><br>
</div>
<div></div>
<blockquote type="cite">
<div>
<div dir="ltr">As an example, one of the setups I ran was 2 sites, reach with a local /24. &nbsp;Tinc subnets were configured on each side with a /25 inside of the local /24. &nbsp;Any devices that you would wish to participate in the VPN, you'd provision with an IP inside of the /25. &nbsp;Otherwise provision it inside of the /24. &nbsp;The devices themselves would still use a /24 mask but the VPN would only expose half of that range due to it's /25 configuration.<div>

<br>
</div>
<div>In that way for any one site, all local devices could communicate with all other local devices, and 1/2 of the IP range of the remote site through the VPN.</div>
</div>
<div class="gmail_extra">
<br><br><div class="gmail_quote">On Thu, May 2, 2013 at 11:04 AM, Guus Sliepen <span dir="ltr">&lt;<a href="mailto:guus@..." target="_blank">guus@...</a>&gt;</span> wrote:<br><blockquote class="gmail_quote">

<div class="HOEnZb"><div class="h5">On Fri, May 03, 2013 at 12:51:34AM +1000, Andrew Armstrong wrote:<br><br>
&gt; Thanks Guus, I will try this shortly. Can you elaborate on when an actual<br>
&gt; subnet of (say) <a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a> would ever be used (or things other than a /32<br>
&gt; address).<br><br>
</div></div>You typically use things other than a /32 when you have a LAN connected to a<br>
node running tinc, and you want to make the whole LAN part of the VPN.<br><br>
See for example the configuration described in the manual:<br><br><a href="http://tinc-vpn.org/documentation/tinc_4.html#Example-configuration" target="_blank">http://tinc-vpn.org/documentation/tinc_4.html#Example-configuration</a><br><div class="HOEnZb"><div class="h5">
<br>
--<br>
Met vriendelijke groet / with kind regards,<br>
&nbsp; &nbsp; &nbsp;Guus Sliepen &lt;<a href="mailto:guus@...">guus <at> tinc-vpn.org</a>&gt;<br>
</div></div>
<br>_______________________________________________<br>
tinc mailing list<br><a href="mailto:tinc@...">tinc@...</a><br><a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br><br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
<blockquote type="cite"><div>
<span>_______________________________________________</span><br><span>tinc mailing list</span><br><span><a href="mailto:tinc@...">tinc@...</a></span><br><span><a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a></span><br>
</div></blockquote>
</div>
Permalink | Reply | 3 comments |
headers
Andrew Armstrong | 2 May 2013 15:10
Picon
Gravatar

Simple Class A VPN Guide - Problems

Hey guys,

Stumbled upon tinc a few days ago - looks great.

I'm having trouble setting up a simple VPN between two machines that are unfirewalled, one is a physical machine and another is a local VM.

I can connect to them via their existing LAN IPs and ping them without issue with < 1ms.

1) I have WinA (Windows host - existing LAN IP 192.168.137.1) and LinuxB (Linux host - existing LAN IP 192.168.137.150)
2) I want them to exist in a Class A address of 10.0.0.1 and 10.0.0.2
3) I have a netname of "vpn" chosen. I am using 1.0 on LinuxB and 1.1 on WinA.

WinA has this /vpn/tinc.conf:
---
Name = WinA
AddressFamily = ipv4
ConnectTo = LinuxB
PrivateKeyFile = c:\Program Files (x86)\tinc\vpn\rsa_key.priv
---

LinuxB has this /vpn/tinc.conf:
---
Name = LinuxB
AddressFamily = ipv4
PrivateKeyFile = /etc/tinc/vpn/rsa_key.priv
---

4) My hosts files on both hosts are:
/vpn/hosts/WinA:
Address = 192.168.137.1
Subnet = 10.0.0.0/8

/vpn/hosts/LinuxB:
Address = 192.168.137.150
Subnet = 10.0.0.0/8

5) My WinA host has the following network adapter settings chosen:
IP Address: 10.0.0.1
Netmask: 255.0.0.0
Default Gateway: blank

6) My LinuxB host has the following tinc-up command:
#!/bin/sh
ifconfig $INTERFACE 10.0.0.2 netmask 255.0.0.0

7) I can establish a connection (supposedly?) between the two hosts:

Pretty confused why this is not working.

Cheers,
Andrew

<div><div dir="ltr">Hey guys,<div><br></div>
<div>Stumbled upon tinc a few days ago - looks great.</div>
<div><br></div>
<div>I'm having trouble setting up a simple VPN between two machines that are unfirewalled, one is a physical machine and another is a local VM.</div>

<div><br></div>
<div>I can connect to them via their existing LAN IPs and ping them without issue with &lt; 1ms.</div>
<div><br></div>
<div>1) I have WinA (Windows host - existing LAN IP 192.168.137.1) and LinuxB (Linux host - existing LAN IP 192.168.137.150)</div>

<div>2) I want them to exist in a Class A address of 10.0.0.1 and 10.0.0.2</div>
<div>3) I have a netname of "vpn" chosen. I am using 1.0 on LinuxB and 1.1 on WinA.</div>
<div><br></div>
<div>

WinA has this /vpn/tinc.conf:</div>
<div>
<div>---</div>
<div>Name = WinA</div>
<div>AddressFamily = ipv4</div>
<div>ConnectTo = LinuxB</div>
<div>PrivateKeyFile = c:\Program Files (x86)\tinc\vpn\rsa_key.priv</div>
<div>---</div>

<div><br></div>
<div>LinuxB has this /vpn/tinc.conf:</div>
<div>---</div>
<div>Name = LinuxB</div>
<div>AddressFamily = ipv4</div>
<div>PrivateKeyFile = /etc/tinc/vpn/rsa_key.priv</div>
<div>

---</div>
<div><br></div>
<div>4) My hosts files on both hosts are:</div>
<div>/vpn/hosts/WinA:</div>
<div>Address = 192.168.137.1</div>
<div>Subnet = <a href="http://10.0.0.0/8">10.0.0.0/8</a>
</div>

<div><br></div>
<div>/vpn/hosts/LinuxB:</div>
<div>Address = 192.168.137.150</div>
<div>Subnet = <a href="http://10.0.0.0/8">10.0.0.0/8</a>
</div>
<div><br></div>
<div>5) My WinA host has the following network adapter settings chosen:</div>

<div>IP Address: 10.0.0.1</div>
<div>Netmask: 255.0.0.0</div>
<div>Default Gateway: blank<br>
</div>
<div><br></div>
<div>6) My LinuxB host has the following tinc-up command:</div>
<div>#!/bin/sh</div>

<div>ifconfig $INTERFACE 10.0.0.2 netmask 255.0.0.0</div>
<div><br></div>
<div>7) I can establish a connection (supposedly?) between the two hosts:</div>
<div>
<a href="http://pastebin.com/K8W9wnsr">http://pastebin.com/K8W9wnsr</a><br>
</div>
<div><br></div>
<div>Pretty confused why this is not working.</div>
<div><br></div>
<div>Cheers,</div>
<div>Andrew</div>
<div><br></div>
</div>
</div></div>
Permalink | Reply | 4 comments |
headers
Mike Bentzen | 27 Apr 2013 04:27
Picon

Re: Install Tinc in iPhone / iPad.

Yes, the tun module is included.

I'll recompile the latest version of tinc for iphone/ipad and make it available soon. Just on my way home at
the moment.

Please excuse my brevity. Sent from my iPhone.

On 27/04/2013, at 2:30, Ramses II <ramses.sevilla <at> gmail.com> wrote:

> Hi Mike,
> 
> 2013/4/26 Mike Bentzen <mike <at> bentzen.com.au>:
>> Hey,
>> 
>> I've successfully compiled tinc for iPad and iPhone and packaged for cydia. Unfortunately, I don't have
any web space to host the deb files for cydia. I will try to find somewhere to host them.
>> 
>> Mike
> 
> Yes, Mike, I have seen it in your blog... :-)
> 
> A question: The package installs the tun module too?
> 
> Please, send it to Guus and He will put it on the Tinc page.
> 
> 
> Best regards,
> 
> Ramsés
> 
>> Please excuse my brevity. Sent from my iPhone.
>> 
>> On 26/04/2013, at 9:10, Ramses II <ramses.sevilla <at> gmail.com> wrote:
>> 
>>> Hi everybody,
>>> 
>>> I have seen in some sites that Tinc can be downloaded and installed from Cydia, but I have tried and it not
appear in Cydia.
>>> 
>>> Knows somebody if I need add a special repo to Cydia to download and install tunemu and tinc?
>>> 
>>> Do I need download both sources and compile them?
>>> 
>>> Or do I have another way to install both packages?
>>> 
>>> 
>>> Best resgards,
>>> 
>>> Ramsés
>>> _______________________________________________
>>> tinc mailing list
>>> tinc <at> tinc-vpn.org
>>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>> 
>> _______________________________________________
>> tinc mailing list
>> tinc <at> tinc-vpn.org
>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
> _______________________________________________
> tinc mailing list
> tinc <at> tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

_______________________________________________
tinc mailing list
tinc <at> tinc-vpn.org
http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
Permalink | Reply | 3 comments |

Gmane