7,494
edits
Changes
Template:Networking rutos manual vpn (view source)
Revision as of 12:13, 5 September 2023
, 12:13, 5 September 2023no edit summary
<td>integer [0..65535]; default: <b>none</b></td>
<td>integer [0..65535]; default: <b>none</b></td>
<td>Specify time amount in seconds between Keep Alive messages. By default this option is <b>0</b> which means it is disabled. Recommended value for a device behind NAT is 25.</td>
<td>Specify time amount in seconds between Keep Alive messages. By default this option is <b>0</b> which means it is disabled. Recommended value for a device behind NAT is 25.</td>
</tr>
</table>
==Tinc==
'''Tinc''' is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. Tinc is Free Software and licensed under the [https://www.gnu.org/licenses/old-licenses/gpl-2.0.html|GNU General Public License] version 2 or later. Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This allows VPN sites to share information with each other over the Internet without exposing any information to others.
Tinc works by adding an instance which acts as Router/Switch/Hub mode. To create one enter its name and click the <b>Add</b> button. This should add a new Tinc instance and open a configuration window
[[File:Networking_rutx_vpn_tinc.png|border|class=tlt-border]]
===General Instance Settings===
----
This section contains General settings of created Tinc Instance. Here you can find its Public and
Private keys, specify Subnet and Host to Connect to for communication.
[[File:Networking_rutx_vpn_tinc_instance_general.png|border|class=tlt-border]]
<table class="nd-mantable">
<tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>Enable</td>
<td>off | on; default: <b>off</b></td>
<td>Turns Tinc Instance on or off.</td>
</tr>
<tr>
<td>Subnet</td>
<td>ip; default: <b>none</b></td>
<td>The subnet which this tinc daemon will serve. Multiple subnet lines can be specified for each Daemon.</td>
</tr>
<tr>
<td>Private Key</td>
<td>.key file; default: <b>none</b></td>
<td>Generated RSA private key.</td>
</tr>
<tr>
<td>Public Key</td>
<td>.key file; default: <b>none</b></td>
<td>Generated RSA public key.</td>
</tr>
<tr>
<td>Host to Connect to</td>
<td>Not specified | Host name; default: <b>Not specified</b></td>
<td>Specifies which other tinc daemon to connect to on startup. Multiple variables may be specified, in which case outgoing connections to each specified tinc daemon are made.</td>
</tr>
</table>
====Advanced Settings====
----
Advanced Settings section.
[[File:Networking_rutos_vpn_tinc_instance_advanced.png|border|class=tlt-border]]
<table class="nd-mantable">
<tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>Address Family</td>
<td>Any | IPv4 | IPPv6; default: <b>Any</b></td>
<td>This option affects the address family of listening and outgoing sockets.</td>
</tr>
<tr>
<td>Bind To Address</td>
<td>ip; default: <b>none</b></td>
<td>Addresses for Tinc VPN to use for listening sockets.</td>
</tr>
<tr>
<td>Bind To Interface</td>
<td>Any | LAN | WAN | WAN6 | Mobile; default: <b>Any</b></td>
<td>Interface to listen for incoming connections.</td>
</tr>
<tr>
<td>Key Expire</td>
<td>integer; default: <b>3600</b></td>
<td>This option controls the time the encryption keys used to encrypt the data are Valid.</td>
</tr>
<tr>
<td>Mode</td>
<td>Router | Switch | Hub; default: <b>Router</b></td>
<td>This option selects the way packets are routed to other daemons.</td>
</tr>
<tr>
<td>Ping Interval</td>
<td>integer; default: <b>60</b></td>
<td>The number of seconds of inactivity that tinc will wait before sending a probe to the other end.</td>
</tr>
<tr>
<td>Ping Timeout</td>
<td>integer; default: <b>5</b></td>
<td>The number of seconds to wait for a response to pings or to allow meta connections to block. If the other end doesn't respond within this time, the connection is terminated, and the others will be notified of this.</td>
</tr>
</table>
===Hosts===
----
The Hosts section is used to add your VPN hosts.
To create one enter its name and click the <b>Add</b> button.
To configure it click the <b>Edit</b> [[File:Networking_rutx_manual_edit_button_v1.png]] button.
[[File:Networking_rutx_vpn_tinc_instance_hosts.png|border|class=tlt-border]]
====General Tinc Host Settings====
----
In the General section of Hosts instance you can configure basic information about the host.
[[File:Networking_rutos_vpn_tinc_instance_hosts_general.png|border|class=tlt-border]]
<table class="nd-mantable">
<tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
</tr>
<tr>
<td>Enable</td>
<td>off | on; default: <b>off</b></td>
<td>Turn this tinc host on/off.</td>
</tr>
<tr>
<td>Description</td>
<td>string; default: <b>none</b></td>
<td>Optional. Description of host.</td>
</tr>
<tr>
<td>Address</td>
<td>ip; default: <b>none</b></td>
<td>It must resolve to the external IP address where the host can be reached, not the one that is internal to the VPN.</td>
</tr>
<tr>
<td>Subnet</td>
<td>ip; default: <b>none</b></td>
<td>The subnet which this tinc daemon will serve. Multiple subnet lines can be specified for each Daemon.</td>
</tr>
<tr>
<td>Public Key</td>
<td>.key file; default: <b>none</b></td>
<td>Generated RSA public key.</td>
</tr>
</tr>
</table>
</table>
[[Category:{{{name}}} Services section]]
[[Category:{{{name}}} Services section]]
