No reason comes to mind for me right now, as to why your traffic would not get past the LAN interface. I think that Guus certainly has a good point, your traffic from the client may very well be getting to the server and beyond, but those devices don't know how to send that traffic back.<br>
<br>Is there any way for you to sniff packet at your server's internet gateway for example, and see if you can see those ICMP packets from your client coming down the wire? <br><br><div class="gmail_quote">On Tue, Nov 17, 2009 at 5:23 PM, Robert Spraggs <span dir="ltr"><<a href="mailto:rspraggs@aegissystems.com">rspraggs@aegissystems.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">
Thanks for the help. I am getting closer. I decided to simplify my
testing and put the server on an XP box and enabled the IP Routing. I
can now ping from the client to the LAN interface (192.168.2.115) on
the server, but it is not allowing me to ping anything further than
that.<br>
<br>
Any suggestions?<br><font color="#888888">
<br>
Robert</font><div><div></div><div class="h5"><br>
<br>
Donald Pearson wrote:
<blockquote type="cite">True, but it's one piece of the puzzle.<br>
<br>
Now I would use <a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/pathping.mspx?mfr=true" target="_blank">pathping</a>
with the -i switch sourcing your TAP adapter, and see what happens when
you try to get out. <br>
<br>
<div class="gmail_quote">On Tue, Nov 17, 2009 at 2:24 PM, Robert
Spraggs <span dir="ltr"><<a href="mailto:rspraggs@aegissystems.com" target="_blank">rspraggs@aegissystems.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">It was not enabled. I enabled
it, but I guess I am going to have to
figure out how to get the TAP to route through the LAN interface. The
server is a Windows 2003 box, so it's likely going to be much more
complicated than a simple registry switch.<br>
<br>
Thanks for the help<br>
<br>
Robert<br>
<br>
Donald Pearson wrote:
<blockquote type="cite">
<div>
<div> Did you enable IP routing on your server?<br>
<br>
If you see my ipconfig/all below, you'll see that IP routing is not
enabled on my computer, therefore if it will not act as a gateway or a
router to other networks.<br>
<br>
Microsoft Windows [Version 6.1.7100]<br>
Copyright (c) 2009 Microsoft Corporation. All rights reserved.<br>
<br>
C:\Users\Donald>ipconfig /all<br>
<br>
Windows IP Configuration<br>
<br>
Host Name . . . . . . . . . . . . : Cosmos<br>
Primary Dns Suffix . . . . . . . :<br>
Node Type . . . . . . . . . . . . : Hybrid<br>
IP Routing Enabled. . . . . . . . : No<br>
WINS Proxy Enabled. . . . . . . . : No<br>
<br>
Ethernet adapter Local Area Connection:<br>
<br>
Connection-specific DNS Suffix . :<br>
<br>
<div class="gmail_quote">On Tue, Nov 17, 2009 at 1:13 PM, Robert
Spraggs <span dir="ltr"><<a href="mailto:rspraggs@aegissystems.com" target="_blank">rspraggs@aegissystems.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hello
All,<br>
<br>
I took a break from trying to get Tinc working and have come back to it<br>
now with the release of 1.0.11. I have 2 Windows computers connected<br>
behind firewalls and everything seems to be correct, except I cannot<br>
seem to get any data past the server TAP interface. I can ping the<br>
Server TAP interface from the client, but no data will move through the<br>
TAP interface to the Internet. I have put my information below in hopes<br>
that someone can help find the answer. I know it has to be something<br>
simple, but I can't figure it out.<br>
<br>
Thanks for the help.<br>
<br>
Client:<br>
Firewall Internet Interface: 96.50.224.239<br>
Firewall LAN Interface: 192.168.1.2<br>
LAN: 192.168.1.108 netmask 255.255.255.0 gw 192.168.1.2<br>
TAP: 10.2.1.12 netmask 255.255.0.0<br>
<br>
Address=96.50.224.239<br>
Subnet=<a href="http://10.2.1.12/32" target="_blank">10.2.1.12/32</a><br>
<br>
Routing table:<br>
===========================================================================<br>
Interface List<br>
0x1 ........................... MS TCP Loopback interface<br>
0x2 ...00 ff d3 00 a9 49 ...... TAP-Win32 Adapter V9<br>
0x3 ...00 13 20 ab 73 df ...... Intel(R) PRO/100 VE Network Connection -<br>
Packet Scheduler Miniport<br>
===========================================================================<br>
===========================================================================<br>
Active Routes:<br>
Network Destination Netmask Gateway Interface
Metric<br>
0.0.0.0 0.0.0.0 10.2.54.1 10.2.1.12 3<br>
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.108
10<br>
10.2.0.0 255.255.0.0 10.2.1.12 10.2.1.12 3<br>
10.2.1.12 255.255.255.255 127.0.0.1 127.0.0.1 3<br>
10.255.255.255 255.255.255.255 10.2.1.12 10.2.1.12 3<br>
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1<br>
192.168.1.0 255.255.255.0 192.168.1.108 192.168.1.108
10<br>
192.168.1.108 255.255.255.255 127.0.0.1 127.0.0.1
10<br>
192.168.1.255 255.255.255.255 192.168.1.108 192.168.1.108
10<br>
224.0.0.0 240.0.0.0 10.2.1.12 10.2.1.12 3<br>
224.0.0.0 240.0.0.0 192.168.1.108 192.168.1.108
10<br>
255.255.255.255 255.255.255.255 10.2.1.12 10.2.1.12
1<br>
255.255.255.255 255.255.255.255 192.168.1.108 192.168.1.108
1<br>
Default Gateway: 10.2.54.1<br>
===========================================================================<br>
Persistent Routes:<br>
None<br>
<br>
Server:<br>
Firewall Internet Interface: 96.50.224.241<br>
Firewall LAN Interface: 192.168.2.2<br>
LAN: 192.168.2.115 netmask 255.255.255.0 gw 192.168.2.2<br>
TAP: 10.2.54.1 netmask 255.255.0.0<br>
<br>
Address=96.50.224.241<br>
Subnet=<a href="http://10.2.54.1/32" target="_blank">10.2.54.1/32</a><br>
Subnet=<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
<br>
<br>
<br>
IPv4 Route Table<br>
===========================================================================<br>
Interface List<br>
0x1 ........................... MS TCP Loopback interface<br>
0x70003 ...00 1d 09 a0 c2 03 ...... Intel(R) 82562V-2 10/100 Network<br>
Connection<br>
0x70004 ...00 ff 9c d2 29 e7 ...... TAP-Win32 Adapter V9<br>
===========================================================================<br>
===========================================================================<br>
Active Routes:<br>
Network Destination Netmask Gateway Interface
Metric<br>
0.0.0.0 0.0.0.0 192.168.2.2 192.168.2.115
30<br>
0.0.0.0 0.0.0.0 192.168.2.115 10.2.54.1
30<br>
10.2.0.0 255.255.0.0 10.2.54.1 10.2.54.1
30<br>
10.2.54.1 255.255.255.255 127.0.0.1 127.0.0.1
30<br>
10.255.255.255 255.255.255.255 10.2.54.1 10.2.54.1
30<br>
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1<br>
192.168.2.0 255.255.255.0 192.168.2.115 192.168.2.115
30<br>
192.168.2.115 255.255.255.255 127.0.0.1 127.0.0.1
30<br>
192.168.2.255 255.255.255.255 192.168.2.115 192.168.2.115
30<br>
224.0.0.0 240.0.0.0 10.2.54.1 10.2.54.1
30<br>
224.0.0.0 240.0.0.0 192.168.2.115 192.168.2.115
30<br>
255.255.255.255 255.255.255.255 10.2.54.1 10.2.54.1
1<br>
255.255.255.255 255.255.255.255 192.168.2.115 192.168.2.115
1<br>
Default Gateway: 192.168.2.2<br>
===========================================================================<br>
Persistent Routes:<br>
None<br>
<br>
_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
</blockquote>
</div>
<br>
</div>
</div>
<pre><hr width="90%" size="4"><div>
_______________________________________________
tinc mailing list
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a>
</div></pre>
<pre><hr width="90%" size="4">
No virus found in this incoming message.
Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a>
Version: 8.5.425 / Virus Database: 270.14.69/2508 - Release Date: 11/17/09 07:40:00
</pre>
</blockquote>
</div>
<br>
_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br>
</blockquote>
</div>
<br>
<pre><hr width="90%" size="4">
_______________________________________________
tinc mailing list
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a>
</pre>
<pre><hr width="90%" size="4">
No virus found in this incoming message.
Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a>
Version: 8.5.425 / Virus Database: 270.14.69/2508 - Release Date: 11/17/09 07:40:00
</pre>
</blockquote>
</div></div></div>
<br>_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br></blockquote></div><br>