Hello,

I've got an AWS cloud and a local network. I'd like to setup an access from
private EC2 instances to local network tinc server. There are two public
EC2 instances with tinc server installed, other (private) EC2 nodes do not
have tinc.

http://imgur.com/tq84crc

VPC subnet: 172.22/16
VPN subnet: 21.0.0/24

Source EC2 instance ip: 172.22.0.100
Tinc 1 ip: 172.22.0.101, 21.0.0.1
Tinc 2 ip: 172.22.0.102, 21.0.0.2

Local network tinc (tinc 3): 21.0.0.11

I need to have an access from 172.22.0.100 to 21.0.0.11.

I've setup a VPC route table to route all requests to 21.0.0/24 to tinc 1
and had configured tinc nodes to use masquerading. It works perfectly when
a traffic flows like this:

source -> tinc1 -> tinc3 -> tinc1 -> source

But if tinc3 replies to a different node there is a problem since there's
no masquerading record for that request

source -> tinc1 -> tinc3 -> tinc2 -> xx

One of the possible ways to resolve this issue would be to install tinc to
every private EC2 node. Could you please suggest other ways to implement it?

Regards,
Stan
ᐧ

ᐧ
_______________________________________________
tinc mailing list
tinc@tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

Reply via email to