tinc behind CISCO ASA 5506

Guus Sliepen guus at tinc-vpn.org
Sun Jan 15 14:57:20 CET 2017


On Thu, Jan 12, 2017 at 09:27:45PM -0500, Ramesh wrote:

> I have the following setup
> 
> Home - Main Tinc server with public IP running on PfSense
> work - tinc client running behind a CISCO ASA firewall with public IP running on Windows 10
> offsite - tinc client running on tomato router behind a double NAT
> 
> Home & offsite connect & i can see all PCs & devices & connect to them
> easily, on either side
> 
> work to Home or offsite connects (see log below) but i'm unable to connect
> or ping any of the PCs or devices on either side.

The main issue is how packets are routed. What I'm missing is your
tinc-up scripts and for the Windows node, how the VPN interface is
configured.

> work host
> Subnet = 192.168.1.66/32
[...]
> home config on host
> Subnet = 192.168.11.0/24

It looks like you have different subnets at work and home. You have to
configure your home server to send packets for 192.168.1.66/32 to the
VPN interface, and your work computer to send packets for
192.168.11.0/24 to its VPN interface.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170115/006de189/attachment.sig>


More information about the tinc mailing list