Changes

Jump to navigation Jump to search

VPN (view source)

Revision as of 03:49, 29 August 2021

1,179 bytes added ,  2 years ago
Added FreeBSD configuration notes to TINC setup
Line 771: Line 771:  
     └── NoMoreSecrets
 
     └── NoMoreSecrets
 
         ├── hosts
 
         ├── hosts
         │   ├── server1
+
         │  ├── server1
         │   ├── server2
+
         │  ├── server2
         │   └── server3
+
         │  └── server3
 
         ├── rsa_key.priv
 
         ├── rsa_key.priv
 
         ├── tinc.conf
 
         ├── tinc.conf
Line 779: Line 779:  
         └── tinc-up
 
         └── tinc-up
 
</pre>
 
</pre>
 +
 +
==== FreeBSD Note ====
 +
FreeBSD will use the '''/usr/local/etc/tinc''' directory structure instead of the Linux '''/etc/tinc''' as shown above.  Adjust the paths below accordingly.  Additionally, the '''tinc-up''' and '''tinc-down''' files will differ. See the section below the '''Server 3''' example for notes on these differences.
    
====Individual node setup and configuration====
 
====Individual node setup and configuration====
Line 875: Line 878:  
     ip addr del 10.0.0.3/32 dev $INTERFACE
 
     ip addr del 10.0.0.3/32 dev $INTERFACE
 
     ip link set $INTERFACE down
 
     ip link set $INTERFACE down
 +
 +
====== FreeBSD Note ======
 +
The '''tinc-up''' and '''tinc-down''' files will differ from those listed above as follows:
 +
 +
* /usr/local/etc/tinc/NoMoreSecrets/tinc-up:
 +
    #!/bin/sh
 +
    ifconfig "$INTERFACE" up
 +
    ifconfig "$INTERFACE" inet 10.0.0.3 netmask 255.255.255.255
 +
    route add -net 10.0.0.0 10.0.0.3
 +
 +
Note:  Substitute '''route add -host <remote tinc ip> <local tinc ip>''' in place of the last line above for a two node setup
 +
 +
* /usr/local/etc/tinc/NoMoreSecrets/tinc-down:
 +
    #!/bin/sh
 +
    ifconfig "$INTERFACE" destroy
 +
    exit
    
=====Create keypair=====
 
=====Create keypair=====
Line 900: Line 919:     
=====Start tinc=====
 
=====Start tinc=====
 +
'''Linux:'''
 
* On all servers enable and start tinc
 
* On all servers enable and start tinc
 
     systemctl enable tinc@NoMoreSecrets
 
     systemctl enable tinc@NoMoreSecrets
 
     systemctl start tinc@NoMoreSecrets
 
     systemctl start tinc@NoMoreSecrets
 +
 +
'''FreeBSD:'''
 +
 +
You will need to ensure that tincd is properly configured on '''/etc/rc.conf''' before you attempt to start it:
 +
*Add the following to your /etc/rc.conf:
 +
  #tinc
 +
  tincd_enable="YES"
 +
  tincd_cfg="NoMoreSecrets"
 +
  tincd_flags="-d 2 -L"
 +
*Start tinc with:
 +
  service tincd start
    
Once tinc is up and running on all three servers you should be able to communicate over the 10.0.0.0/24 network.  
 
Once tinc is up and running on all three servers you should be able to communicate over the 10.0.0.0/24 network.  
Retrieved from "http://wiki.pttlink.org/wiki/Special:MobileDiff/2760"

Navigation menu