[Ninux-Wireless] VPN with tinc
Massimiliano CARNEMOLLA
massimiliano at null.net
Thu 6 Mar 2014 13:40:51 CET
Hi,
I set up a VPN between 2 Windows systems and it works (both can ping each other).
Trying to do the same on OpenWRT, the connection is established
(verified with netstat) but the 2 devices cannot ping each other.
The scenario and configuration follow.
PC voda
XP 64 bit
LAN 192.168.0.X
VPN 10.96.0.10
Internet connection 1
HOSTS
VODA
Subnet = 10.96.0.0/16
OpenWRT node (GASPARRI)
LAN 192.168.1.1
RADIO 10.96.0.1
Internet connection 2
tinc.conf
name=GASPARRI
HOSTS
GASPARRI
Address = massimiliano.hopto.org
Subnet = 10.96.0.0/16
tinc-up
#!/bin/sh
ifconfig $INTERFACE 10.96.0.1 netmask 255.255.0.0
iptables --append input_wan --protocol tcp --dport 655 --jump ACCEPT
iptables --append input_wan --protocol udp --dport 655 --jump ACCEPT
iptables --append forwarding_rule -i vpn -o br-lan -s 10.96.0.0/16 -d 192.168.1.0/24
iptables -A forwarding_rule -o vpn -j ACCEPT
iptables -A forwarding_rule -i vpn -j ACCEPT
Firewall
tinc
Any TCP+UDP
From any host in lan
To any host, port 655 in wan
Accept forward
VPN interface
VPN
Ad-Hoc "GROTTASANTA"
Uptime: 14h 16m 35s
MAC-Address: 00:15:6D:7C:F0:E1
RX: 35.44 MB (477446 Pkts.)
TX: 934.90 MB (816854 Pkts.)
IPv4: 10.96.0.1/16
IPv6: 2001:4C00:893B:8888:0:0:0:2/64
I launch tincd --bypass-security -n vpn
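
Added example, not part of the original message: tinc decides which node owns an address from the Subnet lines in each host file, so a setup like the one above can be checked for nodes that declare overlapping IPv4 ranges. The function names, the temporary hosts/ directory and the vpn.example.org address are assumptions; the host names and 10.96.0.0/16 come from the post.

```shell
#!/bin/sh
# Added example (not from the original message): flag tinc host files whose
# IPv4 Subnet declarations overlap. Function names and layout are assumptions.

# Build a constructed hosts/ directory; keys are omitted, only Subnet matters here.
make_sample_hosts() {   # $1 = VODA subnet, $2 = GASPARRI subnet
    d=$(mktemp -d) || return 1
    printf 'Subnet = %s\n' "$1" > "$d/VODA"
    printf 'Address = vpn.example.org\nSubnet = %s\n' "$2" > "$d/GASPARRI"
    echo "$d"
}

# Print one OVERLAP line per conflicting pair; return 1 if any were found.
check_tinc_subnets() {   # $1 = path to the hosts/ directory
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v host="$(basename "$f")" '
            /^-----BEGIN/ { exit }                  # stop at the key block
            tolower($1) ~ /^subnet(=|$)/ {
                gsub(/=/, " "); cidr = $2           # "=" is optional in tinc syntax
                sub(/#.*/, "", cidr)                # drop an optional #weight
                if (cidr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/)
                    print host, cidr                # IPv4 entries only
            }' "$f"
    done | awk '
        { split($2, p, "/"); split(p[1], o, ".")
          n++; name[n] = $1; cidr[n] = $2
          addr[n] = ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
          len[n] = (p[2] == "" ? 32 : p[2] + 0) }
        END {
          for (i = 1; i <= n; i++) for (j = i + 1; j <= n; j++) {
            if (name[i] == name[j]) continue
            m = (len[i] < len[j]) ? len[i] : len[j]
            size = 2 ^ (32 - m)                     # compare at the shorter prefix
            if (int(addr[i] / size) == int(addr[j] / size)) {
              printf "OVERLAP %s %s <-> %s %s\n", name[i], cidr[i], name[j], cidr[j]
              bad = 1 } }
          exit bad + 0 }'
}
# Usage on a router: check_tinc_subnets /etc/tinc/vpn/hosts
```

With both host files declaring 10.96.0.0/16, as in the post, the check prints one OVERLAP line and returns 1; with each node declaring only its own address (10.96.0.10/32 and 10.96.0.1/32) it prints nothing and returns 0.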