tinc woes (connection established, possible routing issues)
Chris Martino
cem at console.org
Mon Aug 19 23:03:26 CEST 2002
Hi Guus,
Thanks for the quick reply. I think I would like to go with option b
since the office network is primarily windows based, and I'm sure joel
would like to access the shares, etc.
With that in mind, how does one go about creating a "bridge" device on
both sides? Is this something that is mentioned in the docs?
Thanks,
Chris
On Mon, 19 Aug 2002, Guus Sliepen wrote:
> On Mon, Aug 19, 2002 at 02:03:12PM -0400, Chris Martino wrote:
>
> > I'm trying to use tinc to establish a vpn between two linux boxes. The
> > keys are shared and the connection gets established, but I can't seem to
> > ping either side. One side is strictly a server for the client to connect
> > to. It has a public IP, and the private IP subnet which it's trying to
> > "share" to the client. It's a pretty simple and straight forward setup.
> > Configurations are below...
> >
> > Server Side Client Side
> > / \ / \
> > Public IP Private Subnet Private IP
> > 168.215.110.xxx --- 63.140.157.0/24 --- 63.140.157.230 ... --- 63.140.157.231 --- Client IP
>
> Since 63.140.157.231 falls within 63.140.157.0/24, this is a slightly
> complicated setup. You have two options:
>
> a) Run a proxy arp daemon for 63.140.157.231 on the private subnet (on
> the same host as tinc runs) and add "Subnet = 63.140.157.231" to
> hosts/joel. You also need to ifconfig the tun interface properly in the
> tinc-up scripts.
>
> b) Run tinc in bridging mode by adding "Mode = bridge" to tinc.conf.
> Create bridge devices on both sides and attach the interface of the
> private net to the tun interface.
>
> The first solution is easier, but the second will allow you to browse
> the Windows network neighbourhood from joel, and will also allow you to
> run IPX applications or applications that use multicast or broadcast
> packets.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at sliepen.eu.org>
>
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
More information about the Tinc
mailing list