[Ninux-Wireless] VPN with tinc

Saverio Proto zioproto at gmail.com
Thu 6 Mar 2014 17:18:26 CET


disable the openwrt firewall
/etc/init.d/firewall stop

Saverio

2014-03-06 13:40 GMT+01:00 Massimiliano CARNEMOLLA <massimiliano at null.net>:
> Hi,
>
> I created a VPN between 2 Windows systems and it works (both can ping each other).
>
>
> Trying to do the same thing on OpenWRT, the connection is established
> (verified with netstat) but the 2 devices cannot ping each other.
>
> Below are the scenario and the configuration.
>
> PC voda
> XP 64 bit
>
> LAN 192.168.0.X
> VPN 10.96.0.10
> Connection Internet1
>
> HOSTS
>
> VODA
>
> Subnet = 10.96.0.0/16
>
> OpenWRT node (GASPARRI)
> LAN 192.168.1.1
> RADIO 10.96.0.1
> Connection Internet2
>
> tinc.conf
>
> name=GASPARRI
>
>
> HOSTS
>
> GASPARRI
>
> Address = massimiliano.hopto.org
> Subnet = 10.96.0.0/16
>
>
>
> tinc-up
>
>
> #!/bin/sh
> ifconfig $INTERFACE 10.96.0.1 netmask 255.255.0.0
> iptables --append input_wan --protocol tcp --dport 655 --jump ACCEPT
> iptables --append input_wan --protocol udp --dport 655 --jump ACCEPT
> iptables --append forwarding_rule -i vpn -o br-lan -s 10.96.0.0/16 -d 192.168.1.0/24
> iptables -A forwarding_rule -o vpn -j ACCEPT
> iptables -A forwarding_rule -i vpn -j ACCEPT
>
>
> Firewall
>
> tinc
>
> Any TCP+UDP
> From any host in lan
> To any host, port 655 in wan
>
> Accept forward
>
>
>
>
> VPN interface
>
> VPN
>
> Ad-Hoc "GROTTASANTA"
>     Uptime: 14h 16m 35s
> MAC-Address: 00:15:6D:7C:F0:E1
> RX: 35.44 MB (477446 Pkts.)
> TX: 934.90 MB (816854 Pkts.)
> IPv4: 10.96.0.1/16
> IPv6: 2001:4C00:893B:8888:0:0:0:2/64
>
>
> I launch tincd --bypass-security -n vpn
>
> _______________________________________________
> Wireless mailing list
> Wireless at ml.ninux.org
> http://ml.ninux.org/mailman/listinfo/wireless
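
An added example, not part of either message and not tinc's own code: both host files quoted above declare `Subnet = 10.96.0.0/16`, and in tinc's default router mode the Subnet lines decide which node a packet is sent to, so a check for subnets claimed by more than one host is worth running alongside the firewall test. The `dup_subnets` and `demo` names and the temporary hosts directory are hypothetical; the sample files are constructed from the values in the thread, with the keys left out and a placeholder Address.

```sh
#!/bin/sh
# Added example: list Subnet values that more than one tinc host file claims.
# Usage: dup_subnets HOSTS_DIR  ->  one line per clash, "subnet: HOST HOST ..."
dup_subnets() {
    awk '
        FNR == 1      { n = split(FILENAME, p, "/"); host = p[n]; inkey = 0 }
        /^-----BEGIN/ { inkey = 1 }            # public key block starts
        /^-----END/   { inkey = 0; next }
        inkey || /^[ \t]*#/ { next }           # skip key data and comments
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            # "Variable = value": names are case-insensitive, "=" is optional
            key = line; sub(/[ \t=].*/, "", key)
            val = line; sub(/^[^ \t=]+[ \t]*=?[ \t]*/, "", val)
            sub(/#.*/, "", val)                # drop an optional "#weight"
            sub(/[ \t]+$/, "", val)
            if (tolower(key) != "subnet" || val == "") next
            if (val in owners) owners[val] = owners[val] " " host
            else owners[val] = host
        }
        END {
            for (s in owners)
                if (index(owners[s], " ") > 0) print s ": " owners[s]
        }
    ' "$1"/*
}

# Constructed sample: the two host files from the thread, keys left out,
# with a placeholder Address.
demo() {
    d=$(mktemp -d)
    printf 'Subnet = 10.96.0.0/16\n' > "$d/VODA"
    printf 'Address = vpn.example.org\nSubnet = 10.96.0.0/16\n' > "$d/GASPARRI"
    echo "as posted:"
    dup_subnets "$d"
    # Assumed alternative layout: each node claims only its own VPN address,
    # while tinc-up keeps the /16 netmask on the interface.
    printf 'Subnet = 10.96.0.10/32\n' > "$d/VODA"
    printf 'Address = vpn.example.org\nSubnet = 10.96.0.1/32\n' > "$d/GASPARRI"
    echo "distinct /32 per node:"
    dup_subnets "$d"
    rm -rf "$d"
}
demo
```

The check only catches identical Subnet values; overlapping prefixes of different lengths need CIDR arithmetic and are not covered here.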


