Dear list, I'm currently trying to simulate a VPN in a very simple configuration at home. My normal home-net 192.168.0.0/24 serves as "the internet". Three test machines are used, two of them connected to "the internet":
odin , external IP 192.168.0.100/24 on eth0 thor , external IP 192.168.0.101/24 on eth0 My VPN uses address space 10.0.0.0/8 in the following way: odin IP 10.0.0.1/24 thor IP 10.16.1.1/24 on eth1 wpa1-1 IP 10.16.1.250/24 on eth1 directly connected to thor Configuration on odin: tinc.conf: AddressFamily = ipv4 Name = walhalla Device = /dev/net/tun ProcessPriority = high tinc-up (perms 755): #!/bin/sh # internal (network card) interface of this subnet # ifconfig eth1 10.0.0.1 netmask 255.255.255.0 # 10.0.0.1 is odins address in the VPN # 255.0.0.0 is the netmask of the ENTIRE VPN ifconfig $INTERFACE 10.0.0.1 netmask 255.0.0.0 Configuration on thor: tinc.conf: AddressFamily = ipv4 ConnectTo = walhalla Name = wpa1 Device = /dev/net/tun ProcessPriority = high tinc-up (perms 755): #!/bin/sh # internal (network card) interface of this subnet # ifconfig eth1 10.16.1.1 netmask 255.255.255.0 # 10.16.1.1 is thors address of wpa1 in the VPN # 255.0.0.0 is the netmask of the ENTIRE VPN ifconfig $INTERFACE 10.16.1.1 netmask 255.0.0.0 host files (same on both odin and thor): hosts/walhalla: Address = 192.168.0.100 Subnet = 10.0.0.0/24 Compression = 1 -----BEGIN RSA PUBLIC KEY----- ..... -----END RSA PUBLIC KEY----- hosts/wpa1: Subnet = 10.16.1.0/24 Compression = 1 -----BEGIN RSA PUBLIC KEY----- ..... -----END RSA PUBLIC KEY----- There is no tinc installed or configured on wpa1-1. Sorry, I don't have ifconfigs and routes handy right now. They look fine as far as I can tell. If you need them let me know, I can post them tomorrow. When I start tincd on odin and thor the tunnel works fine. I can ping thor from odin and vice versa. I can also ping wpa1-1 from thor and vice versa. Pinging from odin to wpa1-1 doesn't work, neither does it from wpa1-1 to odin. What's wrong? Which magic spell did I forget? Thanks for your help Ulli _______________________________________________ tinc mailing list tinc@tinc-vpn.org http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc