Thanks Guus I have one more question.
- We see several log messages that we dont currently understand - Can you comment on what they mean and if they are concerning? I've obfuscated IP's and node names so please ignore those. Our tinc daemon command is: tincd -n <vpn name> -- Received short packet -- Got REQ_KEY from node003 while we already started a SPTPS session! -- Invalid packet seqno: 7951 != 1 from node003 (22.22.22.22 port 655) -- Failed to verify SIG record from node003 (22.22.22.22 port 655) -- message repeated 3 times: [ Received short packet] -- Metadata socket read error for node004 (33.33.33.33 port 655): Connection reset by peer -- Failed to decrypt and verify packet from node005 (44.44.44.44 port 655) -nirmal On Tue, Aug 22, 2017 at 11:08 PM, Guus Sliepen <g...@tinc-vpn.org> wrote: > On Tue, Aug 22, 2017 at 03:19:18PM -0700, Nirmal Thacker wrote: > > > - How do we patch 1.1pre14 with this fix? Or will there be a 1.1pre15 to > > upgrade to? > > There will be an 1.1pre15, but if you want you can apply the following > commit: > > https://tinc-vpn.org/git/browse?p=tinc;a=commitdiff;h= > 92fdabc439bdb5e16f64a4bf2ed1deda54f7c544 > > > - What is the workaround until we patch with this fix? Using a > combination > > of AutoConnect and ConnectTo? > > Yes. > > > - When we use ConnectTo, is it mandatory to have a cert file in the > hosts/* > > dir with an IP to ConnectTo ? > > Yes. Tinc always needs the public key of a peer and an Address in order > to be able to connect to it. > > -- > Met vriendelijke groet / with kind regards, > Guus Sliepen <g...@tinc-vpn.org> > > _______________________________________________ > tinc mailing list > tinc@tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >
_______________________________________________ tinc mailing list tinc@tinc-vpn.org https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
