{"id":375,"date":"2017-08-29T15:22:11","date_gmt":"2017-08-29T07:22:11","guid":{"rendered":"https:\/\/blog.jsjs.org\/?p=375"},"modified":"2017-08-29T15:22:11","modified_gmt":"2017-08-29T07:22:11","slug":"how-to-install-and-configure-tinc-vpn-on-linux","status":"publish","type":"post","link":"https:\/\/blog.jsjs.org\/?p=375","title":{"rendered":"How to install and configure tinc VPN on Linux"},"content":{"rendered":"
\n

How to install and configure tinc VPN on Linux<\/a><\/h1>\n<\/header>\n
Last updated on\u00a0Dan Nanni<\/a><\/span><\/span><\/span> 3 Comments<\/a><\/span><\/div>\n
\n

Tinc<\/a>\u00a0is an open-source VPN software with a number of powerful features not found in other VPN solutions. \u00a0For example, tinc allows peers behind NAT to communicate with one another via VPN directly, not through a third party. \u00a0Other features include full IPv6 support and path MTU discovery.<\/p>\n

In this\u00a0tinc example<\/b>, I will show you how to set up a VPN connection between two hosts via tinc. Let’s call these hosts “alice” and “bob” respectively. Note that these are just symbolic names used by tinc, not necessarily hostnames. In this example, I assume that host “bob” will initiate a VPN connection to host “alice”.<\/p>\n

First, install tinc on both hosts:<\/p>\n

For\u00a0CentOS system<\/b>, first\u00a0set up RPMforge repository<\/a>. Then, do the following.<\/p>\n

$ sudo yum install tinc -y<\/div>\n

For\u00a0Debian\/Ubuntu system<\/b>:<\/p>\n

$ sudo apt-get install tinc<\/div>\n

Now, let’s go ahead and configure tinc VPN on both hosts as follows.<\/p>\n

On host “alice”, do the following.<\/p>\n

$ sudo mkdir -p \/etc\/tinc\/myvpn\/hosts<\/div>\n

Then create a tinc configuration file called tinc.conf, and host configuration file(s) as follows.<\/p>\n

$ sudo vi \/etc\/tinc\/myvpn\/tinc.conf<\/div>\n
Name = alice\nAddressFamily = ipv4\nInterface = tun0\n<\/pre>\n
In the above example, the directory “myvpn” under \/etc\/tinc is the name of the VPN network to be established between alice and bob. VPN name can be any alphanumeric name without containing “-“. In\u00a0tinc.conf example<\/b>, “Name” field indicates the name of tinc-running local host, which doesn’t have to be actual hostname. You can choose any generic name.<\/p>\n
Next, create host configuration files which contain host-specific information.<\/p>\n
$ sudo vi \/etc\/tinc\/myvpn\/hosts\/alice<\/div>\n
Address = 1.2.3.4\nSubnet = 10.0.0.1\/32\n<\/pre>\n
The name of host configuration file (e.g., alice) should be the same as the one you defined in tinc.conf. The “Address” field indicates a globally routable public IP address associated with alice. This field is required for at least one host in a given VPN network so that other hosts can initiate VPN connections to it. In this example, alice will serve as the bootstrapping server, and so has a public IP address (e.g., 1.2.3.4). The “Subnet” field indicates the VPN IP address to be assigned to alice.<\/p>\n