==== TincVPN Setup ==== You need at least 2 Server with Debian or Ubuntu for this Howto. **Server 1 & 2** apt-get install tinc && mkdir /etc/tinc/myVPN Add myVPN into /etc/tinc/nets.boot below ## This file contains all names of the networks to be started on system startup. Lets create tinc.conf cd /etc/tinc/myVPN **Server 1** Add into /etc/tinc/myVPN/tinc.conf Name = Server1 AddressFamily = ipv4 Interface = tun0 #ConnectTo = Server1 ConnectTo = Server2 **Server 2** Add into /etc/tinc/myVPN/tinc.conf Name = Server2 AddressFamily = ipv4 Interface = tun0 ConnectTo = Server1 #ConnectTo = Server2 **Server 1 & 2** mkdir /etc/tinc/myVPN/hosts && cd /etc/tinc/myVPN/hosts **Server 1** Add into /etc/tinc/myVPN/hosts/Server1 Address = Server1_publicIP #Port = 665 Subnet = 10.0.0.1/32 **Server 2** Add into /etc/tinc/myVPN/hosts/Server2 Address = Server2_publicIP #Port = 665 Subnet = 10.0.0.2/32 **Server 1 & 2** tincd -n myVPN -K4096 Enter... Enter... This generates/attaches the public and private key pair Public Key: /etc/myVPN/hosts/Server1/2 \\ Private Key: /etc/myVPN/rsa_key.priv **Server 1** Add into /etc/tinc/myVPN/tinc-up #!/bin/sh ifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0 **Server 2** Add into /etc/tinc/myVPN/tinc-up #!/bin/sh ifconfig $INTERFACE 10.0.0.2 netmask 255.255.255.0 **Server 1 & 2** Add into /etc/tinc/myVPN/tinc-down #!/bin/sh ifconfig $INTERFACE down We need to make the scripts executable chmod 755 /etc/tinc/myVPN/tinc-* **Server 1** We need to copy the Public keys now, you can use tons of methods for that\\ For Server 1 we need to copy /etc/tinc/myVPN/hosts/Server1 to Server2, /etc/tinc/myVPN/hosts/Server1 **Server 2**\\ For Server 2 we need to copy /etc/tinc/myVPN/hosts/Server2 to Server1, /etc/tinc/myVPN/hosts/Server2 **Finish**\\ Since Tinc is in nets.boot you can just reboot your boxes or sudo service tinc start. \\ For Debian 10 you can use: systemctl enable tinc@myVPN systemctl start tinc@myVPN If you have issues, you can debug if tinc is able to open a connection to the other server with sudo tincd -n myVPN -D -d3 **You need to enable TUN/TAP for OVZ**