sunmast
First time post...
Hello, does anyone know how to trust the TINC interface created by the TINC VPN? Here is my setup:
Computer1 <--TINC VPN (TAP mode)--> Router1 (running latest Asuswrt-Merlin)
Computer1 can talk to Router1 on the VPN network and vice versa, but it can't talk to any other computers in the network of Router1. Routing rules are set up correctly on both Computer1 and Router1.
Tcpdump shows the Router does see all incoming requests from Computer1, but I believe all of them are just dropped. Tcpdump on the destination computer doesn't see any traffic.
I've tried to trust the interface manually (on Router1):
iptables -A INPUT -i tinc -j ACCEPT
ip6tables -A INPUT -i tinc -j ACCEPT
iptables -A OUTPUT -o tinc -j ACCEPT
ip6tables -A OUTPUT -o tinc -j ACCEPT
iptables -A FORWARD -o tinc -j ACCEPT
ip6tables -A FORWARD -o tinc -j ACCEPT
iptables -A FORWARD -i tinc -j ACCEPT
ip6tables -A FORWARD -i tinc -j ACCEPT
It doesn't help. I think somehow the Router1 just doesn't want to forward any traffic from the tinc interface to the br0 interface which connects to the LAN.
Interestingly, br0 -> tinc forwarding is working fine. Computers in the network of Router1 can just ping Computer1.
BTW, OVPN works in a similar setup. It looks like the router is treating OVPN tap interfaces differently.
Thanks in advance!