Difference between revisions of "Tinc"

From Tmplab
(==)
(All Nodes Configuration Directory Structure)
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Yet Another Help For Basic tinc-vpn setup =
+
= Plan =
  
== Configuration Directory Structure ==
+
* here is the most basic setup
 +
* we assume the virtual network is 192.168.22.x.
 +
* Change it to whatever you like as private IPs.
 +
 
 +
= Linux style Basic tinc-vpn setup =
 +
 
 +
== All Nodes Configuration Directory Structure ==
  
 
  /etc/tinc/
 
  /etc/tinc/
Line 9: Line 15:
 
                       tinc-up
 
                       tinc-up
 
                       tinc-down
 
                       tinc-down
 +
                      rsa_key.priv
 
                       hosts/
 
                       hosts/
                             Client1
+
                             client1
                             Client2
+
                             client2
                             TincServer
+
                             ...
 +
                            tincserver
  
 
== nets.boot ==
 
== nets.boot ==
Line 18: Line 26:
 
  networkname
 
  networkname
  
== tinc.conf ==
+
== tinc.conf for client1 ==
  
  Name=Client1
+
  Name=client1
 
  Device=/dev/net/tun
 
  Device=/dev/net/tun
  ConnectTo=TincServer
+
  ConnectTo=tincserver
 
  AddressFamily = ipv4
 
  AddressFamily = ipv4
  
== tinc-up ==
+
== tinc-up for client1 ==
  
 
  #!/bin/bash
 
  #!/bin/bash
  ifconfig $INTERFACE 192.168.22.20 netmask 255.255.255.0
+
  ifconfig $INTERFACE 192.168.22.1 netmask 255.255.255.0
  
== tinc-down ==
+
== tinc-down for client1 ==
  
 
  #!/bin/bash
 
  #!/bin/bash
 
  ifconfig $INTERFACE down
 
  ifconfig $INTERFACE down
 +
 +
== Keygeneration ==
 +
 +
* to be run for each client
 +
tincd -n networkname -K4096
 +
* private key goes to /etc/tinc/networkname
 +
* public key goes to /etc/tinc/networkname/hosts
 +
* add the first two lines as shown below according to client or server function
 +
 +
== hosts/client1 ==
 +
 +
Name=client1
 +
Subnet=192.168.22.1
 +
-----BEGIN RSA PUBLIC KEY-----
 +
....
 +
-----END RSA PUBLIC KEY-----
 +
 +
== hosts/client2 ==
 +
 +
Name=client2
 +
Subnet=192.168.22.2
 +
-----BEGIN RSA PUBLIC KEY-----
 +
....
 +
-----END RSA PUBLIC KEY-----
 +
 +
== hosts/tincserver ==
 +
 +
Subnet=192.168.22.254
 +
Address=SERVERPUBLICIP

Latest revision as of 10:19, 25 May 2016

Plan

  • here is the most basic setup
  • we assume the virtual network is 192.168.22.x.
  • Change it to whatever you like as private IPs.

Linux style Basic tinc-vpn setup

All Nodes Configuration Directory Structure

/etc/tinc/
          nets.boot
          networkname/
                      tinc.conf
                      tinc-up
                      tinc-down
                      rsa_key.priv
                      hosts/
                            client1
                            client2
                            ...
                            tincserver

nets.boot

networkname

tinc.conf for client1

Name=client1
Device=/dev/net/tun
ConnectTo=tincserver
AddressFamily = ipv4

tinc-up for client1

#!/bin/bash
ifconfig $INTERFACE 192.168.22.1 netmask 255.255.255.0

tinc-down for client1

#!/bin/bash
ifconfig $INTERFACE down

Keygeneration

  • to be run for each client
tincd -n networkname -K4096
  • private key goes to /etc/tinc/networkname
  • public key goes to /etc/tinc/networkname/hosts
  • add the first two lines as shown below according to client or server function

hosts/client1

Name=client1
Subnet=192.168.22.1
-----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY-----

hosts/client2

Name=client2
Subnet=192.168.22.2
-----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY-----

hosts/tincserver

Subnet=192.168.22.254
Address=SERVERPUBLICIP