Cannot Ping after successful connection?
Michael Munger
michael at highpoweredhelp.com
Tue Mar 11 22:12:47 CET 2014
Great catch on the Mint202 bit (of course it was a great catch. You wrote this software!).
Here's the cat. It doesn't have any directives other than the RSA key, which may be a problem. But, I have tried it with the Name=Mint202 and Subnet= directives with the same results. However, I have always put the subnet in as the IP range, which you have advised against. I am going to change the subnet to a single IP as you suggested, and I'll advise on my progress.
For historical reference, here's what Mint202 had when I sent my configs a few minutes ago.
root at web-services:/etc/tinc/webservices/hosts# cat Mint202
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzkkYpNIWSrm1kNXQ9PXYZR4SALGUtDY/iKHVGF2oqvsoKhl5hENi
iNw9QqUtKUSDuJxP8w2AbeHBYaqr9kVyw3c/2Vzp1oGIxpbtMRcSEDJUcgJlpNeJ
8iEvjEPUiliLNrfnpu7dEk8gT6Fu+b9PR1n/5JnLueny3i0p8+qbA5/z4KUqVQCH
nQqcDQ+8DY2Otrljae6YwEMgtShtUNA6nkUfJ61Y/2UITL6RQP7rAXbn3kJYozm/
gjJPQhW0oUlTSFwM2qziGIj68KrUXBj6V3VjInuVdAgFii6B2aXI+qUst705B/Bw
+BZIsQxiKNruU+gi/+aQx2mtP2YPiTYk1QIDAQAB
-----END RSA PUBLIC KEY-----
Thanks again for an awesome package.
-Michael
________________________________________
From: tinc [tinc-bounces at tinc-vpn.org] on behalf of Guus Sliepen [guus at tinc-vpn.org]
Sent: Tuesday, March 11, 2014 4:31 PM
To: tinc at tinc-vpn.org
Subject: Re: Cannot Ping after successful connection?
On Tue, Mar 11, 2014 at 08:21:42PM +0000, Michael Munger wrote:
> I apologize for the TLDR-style email, but I wanted to demonstrate that I have done a lot of work (11 hours and at least 8 tutorials including the tinc docs) before asking for help.
No problem, you clearly explained your intentions, the setup and the
configuration files, that really helps.
> My basic problem is this: tinc appears to properly connect and authenticate
> the client to the server, but I cannot ping or access resources.
[...]
> root at web-services:/etc/tinc/webservices/hosts# cat webservices
> Compression=9
> Subnet=192.168.98.0/24
> Address=173.165.161.166
>
> root at web-services:/etc/tinc/webservices# cat tinc-up
> #!/bin/bash ifconfig $INTERFACE 192.168.98.1 NETMASK 255.255.255.0
[...]
> root at michael-desktop:/etc/tinc/webservices/hosts#cat webservices
> Compression=9
> Subnet=192.168.98.0/24
> Address=173.165.161.166
I assume you meant to cat Mint202 here, but I suspect that you have
Subnet=192.168.98.0/24 in hosts/Mint202 as well.
The Subnet statements should not contain the address range of the whole VPN,
but rather that part of the range that belongs to each individual node. So, you
should have Subnet=192.168.98.1 in hosts/webservices, and Subnet=192.168.98.2
in hosts/Mint202.
Other than that, your configuration looks fine, and you should not have to
change anything else.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
More information about the tinc
mailing list