Routing through vpn

Loïc Grenié loic.grenie at gmail.com
Sun Oct 11 14:26:04 CEST 2009


2009/10/11 Guus Sliepen <guus at tinc-vpn.org>:
> On Sun, Oct 11, 2009 at 01:13:23PM +0200, Loïc Grenié wrote:
>
>>      I've an up and running tinc vpn between my laptop and my office computer
>>   (on which I've root access if needs be). From where I'm sitting right now, UDP
>>   packets are dropped. TcpOnly has solved the problem for the tinc part and
>>   I can still connect to my office. I'd like to access some important
>>   <cough>irc</cough> UDP-only services. Do I have a possibility to route
>>   those UDP packets through tinc ?
>
> TCPOnly does not affect packets inside the VPN, it only affects how tinc
> tunnels those packets. So you don't need to do anything extra to route UDP
> packets through tinc, that will always work.
>
> IRC itself runs over TCP by the way.

    Indeed this is not IRC but google-chat, sip and friends.

>> I've tried to add SubNet = <destination host>
>>   in the /etc/tinc/vpn/hosts/office-computer file
>>   and run a
>> route add -host <destination host> dev vpn
>>   on the laptop, but it does not seem to work.
>
> This looks correct, at least tinc will route packets for <destination host>
> correctly. But can packets from <destination host> be routed back to your
> laptop? If you want to use the office computer to bypass firewalls in front of
> your laptop, and to be able to connect to some Internet host unrestricted, you
> probably need to set up masquerading on the office computer.

     Of course you are correct. I'll try it.

     Thanks a lot,

            Loïc


More information about the tinc mailing list