Tinc behind firewall?
Guus Sliepen
guus at sliepen.warande.net
Thu Mar 8 12:17:46 CET 2001
On Thu, Mar 08, 2001 at 11:51:53AM +0100, Marcel Loesberg wrote:
> I'm going to build a VPN and I want to use either Tinc or FreeS/WAN.
> I've started building the VPN with FreeS/WAN and I find things are getting
> rather complicated.
> I looks like Tinc is much easier to configure but in the FAQ and in what I've
> seen of the documentation so far there is no mention of using Tinc from
> behind a firewall.
> Can it be done? Can the Tinc server be behind my corporate firewall?
> If this is possible then I should use Tinc and dump FreeS/WAN :)
Yes, it can be done. You have a number of options:
- install tinc on the firewall (easiest, most practical)
- either allow UDP packets on port 655 to go through the firewall, and install
tinc on a machine behind the firewall
- use the TcpOnly mode (available in tinc 1.0pre2), and install tinc on a
machine behind the firewall. The other tinc daemon however must be
reachable, so you can't have both behind a firewall if they do masquerading.
We hope to get TcpOnly back in pre4.
-------------------------------------------
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.warande.net>
-------------------------------------------
See also: http://tinc.nl.linux.org/
http://www.kernelbench.org/
-------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010308/cbef2b50/attachment.pgp
More information about the Tinc
mailing list