<html><head></head><body><div class="ydpffa70b28yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div>Hello Drake,<br>I am doing the same... Spanish TV to my UK home, and UK TV to my Spanish home, using Kodi and TVHeadend!!</div><div>It works really well, but find that I need powerful PCs running Kodi/PVR-HTS to prevent buffering.<br>The Tinc VPN does not filter ports - all ports are available at each end. Since you're likely to be behind NAT this is safe.<br>The port numbers 9981 and 9982 are only needed in the PVR-HTS Addon within Kodi, assuming you're starting TVHeadend with the defaults.<br>It took me many hours of reading the Tinc docs and examples many times to get the configuration!!<br>And Micheal's comments were a good summery.<br>John</div><div><br></div></div><div id="ydp9e160a62yahoo_quoted_0459217473" class="ydp9e160a62yahoo_quoted"><div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;"><div> 1. Re: Please help with configuration (Drake Drake)<br> 2. Re: Please help with configuration (Michael Munger)<br><div id="ydp9e160a62ymsg93792" class="ydp9e160a62ymsg0164513883"><div id="ydp9e160a62yiv4772422204"><div dir="ltr"><div>Thanks Michael, I will proceed like this. </div><div>I think I didn't have UDP 655 forwarded on the remote server, will do that (had it at my client's router).</div><div>If tinc connects, will both server and client see each other, for example I will be able to access all webui's running on SERVER from CLIENT side? </div><div>For example, SERVER is running webui of Tvheadend on <a href="http://192.168.0.4:9981" rel="nofollow" target="_blank">192.168.0.4:9981</a> How can I access that from CLIENT? Do I need to use iptables or routing?</div><div>Thanks,</div><div>drake</div><br><div class="ydp9e160a62yiv4772422204gmail_quote"><div dir="ltr" class="ydp9e160a62yiv4772422204gmail_attr">On Thu, Feb 7, 2019 at 6:26 PM Michael Munger <<a href="mailto:mj@hph.io" rel="nofollow" target="_blank">mj@hph.io</a>> wrote:<br></div><blockquote class="ydp9e160a62yiv4772422204gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex;">
<div>
<p>Local IPs of the client are irrelevant.</p>
<p>The client should be configured to look for the host by domain
name (/etc/tinc/yournetwork/hosts/EXAMPLESERVER should have the
dDNS name in the Address directive) and the tinc.conf file should
have that as the host to connect to for the network. (ConnectTo=EXAMPLESERVER)<br>
</p>
<p>Then, you need port forwarding in your router to forward TCP/UDP
655 from the WAN address to the router to the LAN address of the
server. The server should be a static IP on that network <i>or </i>it
should have a DHCP reservation so it doesn't move and break NAT
port forwarding.</p>
<p>When tinc starts, it will check tinc.conf for the ConnectTo
directive. In your case, it will be ConnectTo=EXAMPLESERVER. Then,
it looks in the hosts/ directory for the EXAMPLESERVER file, and
reads the Address= directive to see where that server is. Since
you're using ddns, it will do a DNS lookup for that domain name,
and find your current IP address (hopefully) and try to connect on
udp/655. When those packets reach your router, they should get
forwarded to the server, which will authenticate the connection.
If the server can authenticate the client, it will keep the
connection, and if not, it will drop it. <br>
</p>
<div>Make sure that your host files are properly exchanged on both
sides so that both sides can authenticate the other side using the
public / private key pair. (Private keys are never exchanged. Only
public ones as kept in the hosts/ directory).</div></div><div><br></div></blockquote></div></div></div></div></div>
</div>
</div></body></html>