Creare una VPN con Tinc

  • Installare tinc
# aptitude install tinc


  • Creare una cartella per la vpn
# mkdir -p /etc/tinc/vpn/hosts


# Main configuration of the tinc network named "vpn" on this node.
# The quoted delimiter writes the text literally, with no shell expansion.
# Mode = switch makes tinc behave as a layer-2 switch.
# NOTE(review): ConnectTo has no value on the page; presumably it is set to
# the peer's name on nodes that initiate the connection - confirm.
cat <<'EOF' > /etc/tinc/vpn/tinc.conf
Name = server1
AddressFamily = ipv4
Device = /dev/net/tun
Mode = switch
ConnectTo = 
EOF


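# Host file for this node; the file name has to match Name in tinc.conf.
# Files under hosts/ carry only public data (address, port and, once keys are
# generated, the public key), so this is the file exchanged with peers.
#
# The page lists this exact command twice with identical content; writing the
# file once gives the same result.
# NOTE(review): the second copy was presumably meant to be the host file of
# another node, with its own name and Address - confirm with the author.
cat <<'EOF' > /etc/tinc/vpn/hosts/server1
Address = 123.4.5.6
Port = 655
Compression = 0
EOF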



# Generate the 4096-bit RSA key pair for network "vpn" (long-option spelling
# of -n / -K). The public key is what peers need; the private key file must
# stay on this host, readable by root only, and is never copied to other nodes.
tincd --net=vpn --generate-keys=4096



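# tinc-up / tinc-down: hook scripts that tincd runs when the "vpn" interface
# comes up and goes down. The quoted 'EOF' delimiter keeps the script text
# literal while it is written out.
#
# Changes against the page's version:
#   - the MASQUERADE rule is added only when absent, so restarting tinc does
#     not stack duplicate NAT rules;
#   - the rule carries a comment tag so tinc-down can remove exactly the rule
#     tinc-up installed (the original never removed it, leaving NAT active
#     after the VPN was stopped).
cat > /etc/tinc/vpn/tinc-up <<'EOF'
#!/bin/bash

# Attach the 'vpn' interface to vmbr1
/sbin/ifconfig vpn up
/sbin/brctl addif vmbr1 vpn

# Set a multicast route over vmbr1
/sbin/route add -net 224.0.0.0 netmask 240.0.0.0 dev vmbr1

# To allow VMs on a private IP to access the Internet (via vmbr0).
# -C checks for the tagged rule first; -A runs only when it is missing.
# NOTE(review): the rule masquerades every source leaving vmbr0; adding
# -s <PRIVATE_SUBNET_CIDR> (placeholder) would limit NAT to the guest network.
/sbin/iptables -t nat -C POSTROUTING -o vmbr0 -m comment --comment tinc-vpn -j MASQUERADE 2>/dev/null \
  || /sbin/iptables -t nat -A POSTROUTING -o vmbr0 -m comment --comment tinc-vpn -j MASQUERADE

# To allow IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward

# To limit the chance of Corosync Totem re-transmission issues:
echo 0 > /sys/devices/virtual/net/vmbr1/bridge/multicast_snooping
EOF


cat > /etc/tinc/vpn/tinc-down <<'EOF'
#!/bin/bash
/sbin/route del -net 224.0.0.0 netmask 240.0.0.0 dev vmbr1
/sbin/brctl delif vmbr1 vpn
/sbin/ifconfig vpn down

# Remove the NAT rule installed by tinc-up (matched by its comment tag, so
# rules owned by other components are left alone).
if /sbin/iptables -t nat -C POSTROUTING -o vmbr0 -m comment --comment tinc-vpn -j MASQUERADE 2>/dev/null; then
  /sbin/iptables -t nat -D POSTROUTING -o vmbr0 -m comment --comment tinc-vpn -j MASQUERADE
fi

# NOTE(review): this switches IPv4 forwarding off for the whole host, not only
# for the VPN; anything else on the machine that routes traffic is affected.
echo 0 > /proc/sys/net/ipv4/ip_forward
EOF

# tincd runs both hooks itself, so they must be executable; keep them
# writable by root only.
chmod +x /etc/tinc/vpn/tinc-up /etc/tinc/vpn/tinc-down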




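# Add the "vpn" network to nets.boot, the list of networks the tinc init
# script brings up. The entry is appended only when it is not already there,
# so re-running this step does not create duplicate lines.
grep -qxF -- vpn /etc/tinc/nets.boot 2>/dev/null || echo "vpn" >> /etc/tinc/nets.boot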


ATTENZIONE! SU PROXMOX5 (DEBIAN STRETCH) NON USARE

# service tinc start


ATTENZIONE! SE NON VIENE ABILITATA CON systemctl L'INTERFACCIA NON SALE :(

ABILITARE il servizio per systemd USANDO

# systemctl enable tinc@vpn.service
# systemctl start tinc@vpn.service