FreshTomato Wiki

User Tools

Site Tools

Trace:
vpn-tinc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vpn-tinc [2023/05/26 18:46] – [Hosts Tab] -clarity, condense hogwildvpn-tinc [2023/09/10 20:04] (current) rs232
Line 1: Line 1:
-====== Tinc Daemon ======+====== Tinc ======
  
 Tinc is a newer VPN technology that allows you to create partial/full mesh VPN connections without having to define every endpoint, as you'd have to with other VPN protocols. A minimum amount of configuration is still needed for each site. However, it's the quickest way to develop a mesh VPN between network sites. Tinc is a newer VPN technology that allows you to create partial/full mesh VPN connections without having to define every endpoint, as you'd have to with other VPN protocols. A minimum amount of configuration is still needed for each site. However, it's the quickest way to develop a mesh VPN between network sites.
Line 46: Line 46:
  \\  \\
  
-**ConnectTo:**  This flag can be set "On" or left blank. This tells the local Tinc daemon to attempt a direct connection to another host (not including relayed connection ).+**ConnectTo:**  This flag can be set "On" or left blank. This tells the local Tinc daemon to try connecting directly to another host (without using relay).
  
 **Name:**  As on the Config tab, this is the unique Tinc identifier defined in the Host Name field. **Name:**  As on the Config tab, this is the unique Tinc identifier defined in the Host Name field.
  
-**Address:  **This is used only when direct communication is possible and defines the IP address or (fully qualified domain name) where the host can be found. Direct communication means without relay.+**Address:  **This is used only when direct communication is possible. It defines the IP address (or FQDN) where the host can be found. This means without relay.
  
-**Port:  **An empty value configures the default setting (TCP/UDP, port 655). You might need to tune this for network devices that don't have root/Administrator privileges (not applicable to FreshTomato).+**Port:  **If left blank, this configures the default setting (TCP/UDP, port 655). You might need to tune this for network devices without root/Administrator privileges (but not FreshTomato).
  
-**Compression:**  In some cases, compression may increase VPN speeds. The default of "0" (disabled) can be adjusted as high as "11". All nodes must be configured with the same setting. Since most VPN traffic is already compressed at the application layer, think carefully about whether you need this enabled. Enabling compression will add extra workload to the CPU, and may not increase speed/throughput.+**Compression:**  In some cases, compression may increase VPN speeds. The default of "0" (disabled) can be adjusted as high as "11". All nodes must be configured with the same setting. Since most VPN traffic is already compressed at the application layer, think carefully whether you need this enabled. Enabling compression adds extra workload to the CPU, and may not increase throughput.
  
-**Subnet:**  This defines the primary subnet reachable via the host being defined.+**Subnet:**  This defines the primary subnet reachable via the host being defined. It's published to the tinc peers so they know which peer hosts the subnet.
  
-**Ed25519 Public Key:**  This is where you enter your Ed25519 encryption Public Key.+**Ed25519 Public Key:**  Here is where you enter your Ed25519 encryption Public Key.
  
 **RSA Public Key: * ** If you're using RSA encryption, you must define each host's public key here. RSA is optional in Tinc versions 1.0 and later. **RSA Public Key: * ** If you're using RSA encryption, you must define each host's public key here. RSA is optional in Tinc versions 1.0 and later.
  
-You must provide minimal information for every host defined before you can click OK and proceed to the next row. Clicking OK **does not** save settings. After you've defined all hosts, and clicked "OK" for each, you must click "Save" at the bottom. Only then will all host settings be saved.+You must provide minimal information for every host defined before you can click OK and go to the next row. Clicking OK **does not** save settings. Only after you've defined all hosts, clicked "OK" for each, and clicked "Save" at the bottom. will all host settings be saved.
  
 **Custom:**  In this field, you can define custom settings for each host. **Custom:**  In this field, you can define custom settings for each host.
Line 68: Line 68:
 For example, if a host communicates with with another subnet, you could add: For example, if a host communicates with with another subnet, you could add:
  
-//Subnet = 10.10.8.0/24// .+//  Subnet = 10.10.8.0/24// .
  
 You must ensure these settings are consistent with the host IP/subnet + config-page "netmask" setting. You must ensure these settings are consistent with the host IP/subnet + config-page "netmask" setting.
vpn-tinc.1685123185.txt.gz · Last modified: 2023/05/26 18:46 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki