tinc vs. ipchains masquerading

Fredrik Björk Fredrik.Bjork.List at varbergenergi.se
Mon Mar 4 11:05:30 CET 2002


At 13:25 2002-03-03 -0500, you wrote:

>I am trying to duplicate the "tinc from behind a masquerading firewall"
>example from the tinc web site:
>
>   (home)       <--> (masquerading firewall) <--> (office)
>   192.168.1.21      192.168.1.1/1.2.3.4          4.3.2.1
>...
>Which is, of course, true.  One end of the vpn is behind a masquerading
>firewall, so outbound packets from my house get rewritten at the firewall.
>I haven't yet figured out a way around this problem.


One way to get around it is to upgrade to kernel 2.4 and use iptables which 
doesn't change the source port unless necessary.

I'm working on a mini-HOWTO for the exact same setup, and if you wish, I 
can mail it to you. It doesn't cover iptables in detail, but gives you an 
example of how to solve the above problem.

/Fredrik

Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/




More information about the Tinc mailing list