Problem connecting two home networks (Windows/Linux)
lx.mayer at chello.at
Sun Mar 11 13:01:33 CET 2018
Hi all,
After having read most of the available documentation I still have
problems interconnecting two networks in router mode:
My configuration consists of two private home networks that I want to
connect:
Vienna 192.168.0.0/24 - Internet gateway 192.168.0.1
Berlin 192.168.1.0/24 - Internet gateway 192.168.1.1
VPN Devices are configured as 192.168.3.1 (Vienna) and 192.168.3.2 (Berlin)
mask 255.255.0.0
Tinc (1.1pre 15) is running on 192.168.0.2 (Windows) and on 192.168.1.4
(Debian, Raspberry)
IP forwarding is activated on the Windows PC
(HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters)
and the Raspberry (net.ipv4.ip_forward = 1).
Port forwarding for port 54321 is enabled on both routers.
Configuration files:
NodeVienna:
tinc.conf:
--
Name = NodeVienna
ConnectTo = NodeBerlin
Interface = vpn-dev
AddressFamily = ipv4
PrivateKeyFile=C:\Program Files\tinc\MyTincVPN\rsa_key.priv
Mode = router
--
IP config for the TAP-device (Version Windows 9.21.2) vpn-dev:
Static IP: 192.168.3.1 / Subnet mask 255.255.0.0
Firewall exception in place for tinc.exe
--
NodeBerlin:
Tinc.conf
--
Device=/dev/net/tun
Interface=MyTincVPN-dev
Mode=router
Name=NodeBerlin
AddressFamily=ipv4
PrivateKeyFile=/etc/tinc/MyTincVPN/rsa_key.priv
ConnectTo=NodeVienna
--
tinc-up:
--
#!/bin/sh
ifconfig $INTERFACE 192.168.3.2 netmask 255.255.0.0
--
Host files:
Node Vienna:
--
Address=213.x.y.z
Port=54321
Subnet=192.168.0.0/24
Compression=9
-----BEGIN RSA PUBLIC KEY-----
[removed]
-----END RSA PUBLIC KEY-----
--
NodeBerlin:
--
Address=xxxxx.ddns.net
Port=54321
Subnet=192.168.1.0/24
Compression=9
-----BEGIN RSA PUBLIC KEY-----
[removed]
-----END RSA PUBLIC KEY-----
---------------
Current issue:
According to the logs (level 5) both nodes are connected, and there is a lot of
traffic between them (and it looks good):
On both machines (192.168.0.2 & 192.168.1.4) it is possible to ping the
local VPN IP (192.168.3.1 and 192.168.3.2). A ping to the other VPN results
in a timeout.
On 192.168.0.2 a ping to 192.168.3.1 works, a ping to 192.168.3.2 generates a
timeout.
On 192.168.1.4 a ping to 192.168.3.2 works, a ping to 192.168.3.2 results in
destination net not reachable.
Below I attached the routing tables.
It seems to be a routing issue (I found no config example with the same
layout).
Thanks in advance for any comment/help.
Alexander
IPv4-Routing Tables for 192.168.0.2
===========================================================================
Aktive Routen:
Dest             mask             Gateway         Interface    metrik
0.0.0.0          0.0.0.0          192.168.0.1     192.168.0.2  25
127.0.0.0        255.0.0.0        Auf Verbindung  127.0.0.1    331
127.0.0.1        255.255.255.255  Auf Verbindung  127.0.0.1    331
127.255.255.255  255.255.255.255  Auf Verbindung  127.0.0.1    331
192.168.0.0      255.255.0.0      Auf Verbindung  192.168.3.1  291
192.168.0.0      255.255.255.0    Auf Verbindung  192.168.0.2  281
192.168.0.2      255.255.255.255  Auf Verbindung  192.168.0.2  281
192.168.0.255    255.255.255.255  Auf Verbindung  192.168.0.2  281
192.168.3.1      255.255.255.255  Auf Verbindung  192.168.3.1  291
192.168.255.255  255.255.255.255  Auf Verbindung  192.168.3.1  291
224.0.0.0        240.0.0.0        Auf Verbindung  127.0.0.1    331
224.0.0.0        240.0.0.0        Auf Verbindung  192.168.3.1  291
224.0.0.0        240.0.0.0        Auf Verbindung  192.168.0.2  281
255.255.255.255  255.255.255.255  Auf Verbindung  127.0.0.1    331
255.255.255.255  255.255.255.255  Auf Verbindung  192.168.3.1  291
255.255.255.255  255.255.255.255  Auf Verbindung  192.168.0.2  281
===========================================================================
--
Routing table for 192.168.1.4
Kernel-IP-Routentabelle
Ziel         Router       Genmask        Flags  Metric  Ref  Use  Iface
default      192.168.1.1  0.0.0.0        UG     303     0    0    wlan0
192.168.0.0  0.0.0.0      255.255.0.0    U      0       0    0    MyTincVPN-dev
192.168.1.0  0.0.0.0      255.255.255.0  U      303     0    0    wlan0
===
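
Added example, not part of the original post: a longest-prefix lookup over the unicast rows of the two routing tables as posted, followed by the lookup against the Subnet= lines of the host files, which is how the tinc manual describes forwarding in router mode. The function names and the "LAN 192.168.0.2" label are chosen for this example, and the Windows interface column value 192.168.3.1 is written as vpn-dev on the assumption that it is the TAP adapter from the post.

```python
import ipaddress

# Unicast routes copied from the posted tables: (destination prefix, interface).
KERNEL_ROUTES = {
    "NodeVienna": [  # Windows host 192.168.0.2
        ("0.0.0.0/0", "LAN 192.168.0.2"),
        ("192.168.0.0/16", "vpn-dev"),       # from the 255.255.0.0 mask on the TAP device
        ("192.168.0.0/24", "LAN 192.168.0.2"),
        ("192.168.3.1/32", "vpn-dev"),
    ],
    "NodeBerlin": [  # Raspberry 192.168.1.4
        ("0.0.0.0/0", "wlan0"),
        ("192.168.0.0/16", "MyTincVPN-dev"),  # from the netmask set in tinc-up
        ("192.168.1.0/24", "wlan0"),
    ],
}

# Subnet= lines from the two posted host files.
TINC_SUBNETS = {"NodeVienna": ["192.168.0.0/24"], "NodeBerlin": ["192.168.1.0/24"]}
VPN_IFACES = {"vpn-dev", "MyTincVPN-dev"}


def longest_match(dest, entries):
    """Return the value attached to the most specific prefix containing dest."""
    addr = ipaddress.ip_address(dest)
    hits = [(ipaddress.ip_network(p), v) for p, v in entries
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None


def trace(host, dest):
    """Return (kernel interface, tinc owner node); owner is None if no Subnet fits."""
    iface = longest_match(dest, KERNEL_ROUTES[host])
    if iface not in VPN_IFACES:
        return iface, None  # packet never enters the VPN
    subnets = [(p, node) for node, ps in TINC_SUBNETS.items() for p in ps]
    return iface, longest_match(dest, subnets)


if __name__ == "__main__":
    for host, dest in [("NodeVienna", "192.168.3.2"), ("NodeBerlin", "192.168.3.1"),
                       ("NodeVienna", "192.168.1.4"), ("NodeBerlin", "192.168.0.2")]:
        iface, owner = trace(host, dest)
        print(f"{host} -> {dest}: kernel uses {iface}, tinc owner: {owner}")
```

For both 192.168.3.x destinations the kernel hands the packet to the VPN interface, but none of the posted Subnet= lines covers 192.168.3.0, so the second lookup returns no owner node. Addresses in 192.168.0.0/24 and 192.168.1.0/24 resolve to NodeVienna and NodeBerlin respectively.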