wireless vpn + nat

Alin-Adrian Anton aanton at reversedhell.net
Wed Nov 26 21:11:04 CET 2003


Guus Sliepen wrote:

>On Mon, Nov 24, 2003 at 12:12:48PM +0200, Alin-Adrian Anton wrote:
>
>>Ok I just did that for the windows tinc configuration files, and it's
>
>You should do it on the linux router as well.
>
>>still the same. VPN is working, but I cannot ping internet sites. Is it
>>possible to ping them through tinc? I tried subnet = 0.0.0.0, not working.
>
>Yes it is possible. But I don't know your exact setup, so I can't tell
>you what you're doing wrong.

Sorry, here are all the details.

1) On the linux router side:

root@fire:/usr/local/etc/tinc# cat tinc.conf
Name = firewall
Device = /dev/net/tun
BindToInterface = eth2
#PrivateKeyFile = /usr/local/etc/tinc/rsa_key.priv
#PublicKeyFile = /usr/local/etc/tinc/hosts/firewall

root@fire:/usr/local/etc/tinc#


root@fire:/usr/local/etc/tinc/hosts# cat firewall
Address = 10.0.1.1
Subnet = 10.0.2.0/24

-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAOhWWbczMI320iC69MOY2NEKREXBoMhovfKdwFC+9R2GJLnQ5JVkt0qi
83pKShi7fZcfz6NyhbJX+L9chvAULYoyJtBT7h6zTjWBcLAwLI6NTOpY4rgugZnp
fZ+IOnY/udKTDWsS7lMxnwt2ZuWzlD+8/SMSm1kILKeUeW/1JnbbAgMBAAE=
-----END RSA PUBLIC KEY-----
root@fire:/usr/local/etc/tinc/hosts#


root@fire:/usr/local/etc/tinc/hosts# cat home
Address = 10.0.1.2
Subnet = 10.0.2.2/32

-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAM67LIDDJpeL7ofihWEZUGSd8MZPTVRPHgKLVD0g4NR11s+ga3RQ56R8
hczXoFsaakTigkNb2lTVsWIW2ZtDl97vVyXk4fJwpYAjybQENJkIm05RSO+8TmwB
spK1LZ3jABfWRc6GjqnzgBOv2JDtFmbNM9deo9+Z+UsMfTsf6o2PAgMBAAE=
-----END RSA PUBLIC KEY-----

root@fire:/usr/local/etc/tinc/hosts#


root@fire:/usr/local/etc/tinc# cat tinc-up
#!/bin/sh

ifconfig tun0 10.0.2.1 netmask 255.255.255.0
root@fire:/usr/local/etc/tinc#




root@fire:/usr/local/etc/tinc# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:C0:4F:AE:F9:51
          inet addr:81.196.X.X  Bcast:81.196.X.X  Mask:255.255.255.X
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:534249 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3431 errors:0 dropped:0 overruns:0 carrier:0
          collisions:18 txqueuelen:100
          RX bytes:34886465 (33.2 Mb)  TX bytes:385697 (376.6 Kb)
          Interrupt:12 Base address:0xdc40

eth1      Link encap:Ethernet  HWaddr 00:02:B3:2F:61:1E
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3517 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3591 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:400742 (391.3 Kb)  TX bytes:2803847 (2.6 Mb)
          Interrupt:11 Base address:0x1000

eth2      Link encap:Ethernet  HWaddr 00:04:E2:7F:B5:E8
          inet addr:10.0.1.1  Bcast:10.0.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:427 errors:0 dropped:0 overruns:0 frame:0
          TX packets:114 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:65021 (63.4 Kb)  TX bytes:45736 (44.6 Kb)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

tun0      Link encap:Point-to-Point Protocol
          inet addr:10.0.2.1  P-t-P:10.0.2.1  Mask:255.255.255.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:201 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:23447 (22.8 Kb)  TX bytes:37327 (36.4 Kb)




2) On the windows 2000 side:

in hosts/firewall:

Address = 10.0.1.1
Subnet = 10.0.2.1/24
Subnet = 10.0.1.1
----BEGIN RSA
----END



in hosts/home:

Address = 10.0.1.2
Subnet = 10.0.2.2/32
Subnet = 10.0.1.2
----BEGIN RSA
----END

tinc.conf:
Name = home
ConnectTo = firewall
Interface = VPN

    OK, I hope this information is complete, and that it will enable you 
to help me. I thank you again, and I apologise for the delay.

    Best Regards,
Alin-Adrian Anton.

Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/



