Tinc Tunnel

You should already have a Tinc tunnel running between these two machines (see TincVPN Setup).
To ensure that traffic is forwarded to the gateway and back, run this on the client:

echo '100 TUNNEL' >> /etc/iproute2/rt_tables
ip rule add from 10.0.0.0/24 table TUNNEL
ip route add default via 10.0.0.1 table TUNNEL

Forward traffic to specific IP (Server)

iptables -t nat -A POSTROUTING -s 10.0.0.0/24 ! -o tun+ -j SNAT --to-source xxx.xxx.xxx.xxx
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

Forward traffic via default gateway (Server)

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
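
Both server variants turn the host into a NAT router, so it is worth checking what the resulting rule set actually permits. The script below is an added example, not part of the original page: it reads iptables-save output and flags POSTROUTING NAT rules that have no -s match, plus a FORWARD chain whose default policy is ACCEPT. The function names and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit iptables-save output for
# the server-side rules shown above. Sample rule sets below are constructed.

# audit_nat: read iptables-save text on stdin, print one finding per line.
audit_nat() {
    awk '
        /^\*/ { table = substr($1, 2) }          # "*nat", "*filter" section headers
        # ":FORWARD ACCEPT [0:0]" means forwarded packets are allowed by default
        table == "filter" && $1 == ":FORWARD" && $2 == "ACCEPT" {
            print "FORWARD-policy-ACCEPT"
        }
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
            has_src = 0; target = ""; out = "any"
            for (i = 3; i <= NF; i++) {
                if ($i == "-s") has_src = 1
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            # NAT with no -s match rewrites traffic from any forwarded source
            if ((target == "MASQUERADE" || target == "SNAT") && !has_src)
                print "unscoped-" target ":" out
        }
    '
}

# Constructed: state left by the "default gateway" commands on a default-ACCEPT host.
page_rules() {
    printf '%s\n' '*nat' \
        '-A POSTROUTING -o eth0 -j MASQUERADE' \
        '-A POSTROUTING -o tun0 -j MASQUERADE' \
        'COMMIT' '*filter' ':FORWARD ACCEPT [0:0]' 'COMMIT'
}

# Constructed: NAT limited to the tunnel subnet, FORWARD default-drop with explicit allows.
scoped_rules() {
    printf '%s\n' '*nat' \
        '-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE' \
        'COMMIT' '*filter' ':FORWARD DROP [0:0]' \
        '-A FORWARD -s 10.0.0.0/24 -i tun0 -o eth0 -j ACCEPT' \
        '-A FORWARD -d 10.0.0.0/24 -i eth0 -o tun0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        'COMMIT'
}

echo "page rules:";   page_rules   | audit_nat
echo "scoped rules:"; scoped_rules | audit_nat
```

On a real server, run `iptables-save | audit_nat` as root to check the live rule set.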

Test it

curl http://www.cpanel.net/showip.cgi --interface 10.0.0.2

Sources:
https://unix.stackexchange.com/questions/283801/iptables-forward-traffic-to-vpn-tunnel-if-open
https://wiki.buyvm.net/doku.php/gre_tunnel

tinctunnel.1594898189.txt.gz · Last modified: 2021/11/25 22:43 (external edit)
