I'm doing exactly what I think you're trying to do.<br><br>You are using switched mode, so you can remove the Subnet statements.� Otherwise, if you mean to have your VPN routed instead of switched, you need to remove the mode=switch statements.<br>
<br>I recommend keeping switch mode, and removing the un-necessary Subnet statements.<br><br>Now, you need to bridge your tun interface with your physical interface at home.� This will open the rest of your home network to your VPN provided all hosts use the same network and netmask.<br>
<br>You say you are using Ubuntu, so you can do "apt-get install bridge utils"<br><br>You will need your tinc-up script to be something like this;<br><br>#!/bin/sh<br>modprobe tun<br>ifconfig vpn 0.0.0.0<br>ifconfig vpn up<br>
ifconfig eth0 0.0.0.0<br>ifconfig eth0 up<br><br>brctl addbr bridge<br>brctl addif bridge vpn<br>brctl addif bridge eth0<br>ifconfig bridge 10.10.0.30 netmask 255.255.255.0<br>route add default gw 10.10.0.254 bridge<br>ifconfig bridge up<br>
<br>Here's my tinc.conf.� it's *very* simple.<br><br>donald@DonaldTincVM:/etc/tinc/vpn$ cat tinc.conf<br>Name = Donald<br>ConnectTo = Pat<br>Device = /dev/net/tun<br>Mode = switch<br>PrivateKeyFile = /etc/tinc/vpn/rsa_key.priv<br>
<br><br>And here's my host files.<br><br>donald@DonaldTincVM:/etc/tinc/vpn/hosts$ cat Donald<br>Address = xxxx<br>Port = 8002<br>IndirectData = Yes<br>Compression = 0<br>PMTUDiscovery = Yes<br>RSA stuff.<br><br>donald@DonaldTincVM:/etc/tinc/vpn/hosts$ cat Pat<br>
Address = <a href="http://nixon.endoftheinternet.org">nixon.endoftheinternet.org</a><br>Port = 8003<br>IndirectData = Yes<br>Compression = 0<br>PMTUDiscovery = Yes<br>RSA stuff.<br><br><div class="gmail_quote">On Sun, Feb 7, 2010 at 5:26 PM, M.Farghaly <span dir="ltr"><<a href="mailto:m@farghaly.com">m@farghaly.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi there,<br>
<br>
I am using tinc since some monthes. I think the basic idea of<br>
extending vpn to a mesh of systems via tun/tap is great. And I think<br>
it is one of the useable developments compared to the much more<br>
complex vpn solutions I had used in the past. Great work.<br>
<br>
Setting up tinc I have fought with the configuration (and with the<br>
concepts) for a while as I have found no example that covers my<br>
special setup until I reached this fairly minimal config below.<br>
<br>
The setup is as follows:<br>
Home network is 10.10.0.x/24, Ubuntu Unix Server has internal IP<br>
10.10.0.30, Gateway is 10.10.0.254<br>
I have a dynamic ip on this network and a masquerading firewall router.<br>
<br>
I am accessing home network via Ubuntu linux laptop via UMTS which<br>
means dynamic IP-Address, normally also in the 10.x.y.z Range (can<br>
this be a problem ?).<br>
<br>