Simple Dial In Setup

Guus Sliepen guus at tinc-vpn.org
Mon Nov 16 15:23:22 CET 2009


On Mon, Nov 16, 2009 at 09:02:33AM +0100, Matthias Redl wrote:

> From what I've read so far I believe that the VPN must always have a
> different IP Subnet than the private LAN itself, and therefor use
> routing.

That is not true. The only problem is when you want clients use IP addresses
from the private LAN in router mode, that is difficult to set up.

>  Is that correct? But I would actually prefer to assign IPs from
> our current LAN to the VPN Clients.
> 
> Our current ip setup: 
> Local servers and printers: 192.168.139.1 - 192.168.139.99
> Local DHCP range for workstations: 192.168.139.100 - 192.168.139.200
> 
> My wish would be to assign IPs starting with 192.168.139.201 to VPN
> users (either manually or better also via DHCP / tinc). From what I have
> read maybe the switch setup might fit, but I'm currently a bit lost.
> 
> Is that possible? If yes, is one of the sample setups adequate for me?.

Yes, that is possible. Indeed, you want to use switch mode, and on the server
bridge the VPN interface to the private LAN interface. This is described in
http://tinc-vpn.org/examples/bridging/. On the client side you can then use
DHCP to get an IP address from the DHCP server on the private LAN. You do have
to make sure that the default gateway provided by the DHCP server on the VPN
does not get a higher priority than that of the LAN the clients are on.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20091116/29327aa2/attachment.pgp>


More information about the tinc mailing list