<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="blue" vlink="#954F72">
<div class="WordSection1">
<p>Thanks. I played with it some more, and finally got it working. I am willing to write up a detailed how-to, including screen shots, if you guys are interested. Just tell me in what format you want the write-up.<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>Cheers,<o:p></o:p></p>
<p><o:p> </o:p></p>
<p><o:p> </o:p></p>
<div style="mso-element:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p style="border:none;padding:0in"><br>
<b>From: </b>Daniel J. Grinkevich<br>
<b>Sent: </b>Wednesday, July 22, 2015 7:26 AM<br>
<b>To: </b>tinc@tinc-vpn.org<br>
<b>Subject: </b>RE: Please help debug Windows setup</p>
</div>
<p class="MsoNormal"><span style="font-family:"Times New Roman",serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman",serif"><o:p> </o:p></span></p>
<p>Your port forward needs to point to the ip address of the ethernet interface not the tap interface. Also, the subnet you are using for the VPN are public addresses. You should use different subnet. Look up private address space.
<span style="font-size:12.0pt"><o:p></o:p></span></p>
<p>Dan</p>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman",serif">On Jul 21, 2015 7:40 PM, "Adam Macielinski" <<a href="mailto:adam@macielinski.net">adam@macielinski.net</a>> wrote:<o:p></o:p></span></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p>Hi - Thanks to Sven-Haegar and Donald, but still having issues setting up with Windows. Machine1 can't ping the VPN address of machine2.<span style="font-size:12.0pt;font-family:"Times New Roman",serif"><o:p></o:p></span></p>
<p> </p>
<p>Regular IPv4 address for both machines in 192.168.1.xxx range.</p>
<p> </p>
<p>Router:</p>
<p>Forwarding port 655 to 101.102.103.1, UDP and TCP</p>
<p>Forwarding port 656 to 101.102.103.2, UDP and TCP</p>
<p> </p>
<p>Tinc.conf on machine user1 just three lines:</p>
<p> </p>
<p>Name = vpnuser1</p>
<p>ConnectTo = vpnuser2</p>
<p>Interface = TincVPN</p>
<p> </p>
<p>TAP adapter (TAP-Windows Adapter V9) named TincVPN, and configured to 101.102.103.1 / 255.255.0.0</p>
<p> </p>
<p>Tinc.conf on machine user2 just three lines:</p>
<p> </p>
<p>Name = vpnuser2</p>
<p>ConnectTo = vpnuser1</p>
<p>Interface = TincVPN</p>
<p> </p>
<p>TAP adapter (TAP-Windows Adapter V9) named TincVPN, and configured to 101.102.103.2 / 255.255.0.0</p>
<p> </p>
<p>Hosts folder on both machines contains two files:</p>
<p> </p>
<p>vpnuser1</p>
<p>Address = <a href="http://xyz.ddns.net" target="_BLANK">xyz.ddns.net</a></p>
<p>Port = 655</p>
<p>Subnet = <a href="http://101.102.103.1/32" target="_BLANK">101.102.103.1/32</a></p>
<p>--RSA KEY--</p>
<p> </p>
<p>vpnuser2</p>
<p>Address = <a href="http://xyz.ddns.net" target="_BLANK">xyz.ddns.net</a></p>
<p>Port = 656</p>
<p>Subnet = <a href="http://101.102.103.2/32" target="_BLANK">101.102.103.2/32</a></p>
<p>--RSA KEY--</p>
<p> </p>
<p>I've confirmed that <a href="http://xyz.ddns.net" target="_BLANK">xyz.ddns.net</a> has the correct IP address (matches the WAN address of the router), and is set up as "DNS Host (A)". Tinc service on both machines is running. RSA keys generated on each
of machines user1 and user2. Local Windows firewalls allow incoming UDP and TCP traffic on all ports and IP addresses.</p>
<p> </p>
<p>Any idea on how can I debug this thing? Seems so close, but so far away. Appreciate all thoughts.</p>
<p> </p>
<p>Cheers,</p>
<p>Adam</p>
<p> </p>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p><br>
<b>From: </b>Sven-Haegar Koch<br>
<b>Sent: </b>Tuesday, July 14, 2015 5:14 AM<br>
<b>To: </b><a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<b>Subject: </b>Re: Please help debug Windows setup</p>
</div>
<p class="MsoNormal"><span style="font-family:"Times New Roman",serif"> </span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman",serif"> </span></p>
<p class="MsoNormal">BindToAddress = 192.168.1.45 655</p>
<p class="MsoNormal">Subnet = 192.168.1.45</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">You should use different IP ranges for inside the VPN and outside of it
</p>
<p class="MsoNormal">- otherwise your OS does not now how to reach the destination IP
</p>
<p class="MsoNormal">correctly.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">So for example change the Subnet statements to 192.168.2.x</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Greetings</p>
<p class="MsoNormal">Haegar</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">On Mon, 13 Jul 2015, Donald Pearson wrote:</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">> Make sure your router supports nat reflection and has it enabled.</p>
<p class="MsoNormal">> </p>
<p class="MsoNormal">> On Mon, Jul 13, 2015 at 5:44 PM, Adam Macielinski <<a href="mailto:adam@macielinski.net">adam@macielinski.net</a>> wrote:</p>
<p class="MsoNormal">> > Hi,</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Thanks to John Wice for helping me with an earlier question. My two PCs</p>
<p class="MsoNormal">> > behind the same router are still having problems connecting. Would</p>
<p class="MsoNormal">> > appreciate thoughts on what I’m doing wrong…</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Router:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Port 655 forwarded to 192.168.1.45, both TCP and UDP</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Port 656 forwarded to 192.168.1.51, both TCP and UDP</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Machine #1.</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > ==========</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Local IP address on LAN = 192.168.1.45</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Windows Firewall allows all incoming TCP and UDP traffic for the</p>
<p class="MsoNormal">> > Tinc.TincVPN service.</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Tinc.conf:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Name = Adam</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > ConnectTo = Erika</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Interface = TincVPN</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > BindToAddress = 192.168.1.45 655</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Hosts/Adam:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Address = <a href="http://XYZ.ddns.org" target="_BLANK">
XYZ.ddns.org</a> [WAN IP address, of router]</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Port = 655</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Subnet = 192.168.1.45</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Hosts/Erika:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > As below</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Machine #2.</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > ==========</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Local IP address on LAN = 192.168.1.51</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Windows Firewall allows all incoming TCP and UDP traffic for the</p>
<p class="MsoNormal">> > Tinc.TincVPN service.</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Tinc.conf:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Name = Erika</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > ConnectTo = Adam</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Interface = TincVPN</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > BindToAddress = 192.168.1.51 656</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Hosts/Erika:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Address = <a href="http://XYZ.ddns.org" target="_BLANK">
XYZ.ddns.org</a> [WAN IP address, of router, same as above]</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Port = 656</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Subnet = 192.168.1.51</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Hosts/Adam:</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > As above</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Cheers,</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > Adam</p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> > _______________________________________________</p>
<p class="MsoNormal">> > tinc mailing list</p>
<p class="MsoNormal">> > <a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a></p>
<p class="MsoNormal">> > <a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_BLANK">
http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a></p>
<p class="MsoNormal">> ></p>
<p class="MsoNormal">> _______________________________________________</p>
<p class="MsoNormal">> tinc mailing list</p>
<p class="MsoNormal">> <a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a></p>
<p class="MsoNormal">> <a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_BLANK">
http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a></p>
<p class="MsoNormal">> </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">c'ya</p>
<p class="MsoNormal">sven-haegar</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">-- </p>
<p class="MsoNormal">Three may keep a secret, if two of them are dead.</p>
<p class="MsoNormal">- Ben F.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"> </p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:12.0pt;margin-left:4.8pt">
<span style="font-size:12.0pt;font-family:"Times New Roman",serif"><br>
_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_BLANK">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>