User Tools

Site Tools


TincVPN Setup

You need at least 2 Server with Debian or Ubuntu for this Howto.

Server 1 & 2

apt-get install tinc && mkdir /etc/tinc/myVPN



into /etc/tinc/nets.boot below

## This file contains all names of the networks to be started on system startup.

Lets create tinc.conf

cd /etc/tinc/myVPN

Server 1 Add into /etc/tinc/myVPN/tinc.conf

Name = Server1
AddressFamily = ipv4
Interface = tun0
#ConnectTo = Server1
ConnectTo = Server2	

Server 2 Add into /etc/tinc/myVPN/tinc.conf

Name = Server2
AddressFamily = ipv4
Interface = tun0
ConnectTo = Server1
#ConnectTo = Server2	

Server 1 & 2

mkdir /etc/tinc/myVPN/hosts && cd /etc/tinc/myVPN/hosts

Server 1 Add into /etc/tinc/myVPN/hosts/Server1

Address = Server1_publicIP
#Port = 665
Subnet =

Server 2 Add into /etc/tinc/myVPN/hosts/Server2

Address = Server2_publicIP
#Port = 665
Subnet =

Server 1 & 2

tincd -n myVPN -K4096

Enter… Enter…

This generates/attaches the public and private key pair

Public Key: /etc/myVPN/hosts/Server1/2
Private Key: /etc/myVPN/rsa_key.priv

Server 1 Add into /etc/tinc/myVPN/tinc-up

ifconfig $INTERFACE netmask	

Server 2 Add into /etc/tinc/myVPN/tinc-up

ifconfig $INTERFACE netmask	

Server 1 & 2 Add into /etc/tinc/myVPN/tinc-down

ifconfig $INTERFACE down

We need to make the scripts executable

chmod 755 /etc/tinc/myVPN/tinc-*

Server 1 We need to copy the Public keys now, you can use tons of methods for that
For Server 1 we need to copy /etc/tinc/myVPN/hosts/Server1 to Server2, /etc/tinc/myVPN/hosts/Server1

Server 2
For Server 2 we need to copy /etc/tinc/myVPN/hosts/Server2 to Server1, /etc/tinc/myVPN/hosts/Server2

Since Tinc is in nets.boot you can just reboot your boxes or sudo service tinc start.

For Debian 10 you can use:

systemctl enable tinc@myVPN
systemctl start tinc@myVPN

If you have issues, you can debug if tinc is able to open a connection to the other server with

sudo tincd -n myVPN -D -d3

You need to enable TUN/TAP for OVZ

tincvpn_setup.txt · Last modified: 2020/07/17 03:07 by neoon