TINC interface missing in GUI
-
I just installed the tinc package to setup a tinc mesh vpn with my colleagues. But I can´t find the tinc interface in the GUI.
The tinc service is up and running and from CLI I can see the "tun0" interface[2.2.5-RELEASE][admin@pfSense.mydomain.lan]/root: ifconfig tun0 tun0: flags=8043 <up,broadcast,running,multicast>metric 0 mtu 1500 options=80000 <linkstate>inet XX.XX.XX.XX netmask 0xffff0000 broadcast XX.XX.XX.XX inet6 fe80::2289:88ff:fe1d:88a8%tun0 prefixlen 64 scopeid 0x8 nd6 options=23 <performnud,accept_rtadv,auto_linklocal>Opened by PID 20374</performnud,accept_rtadv,auto_linklocal></linkstate></up,broadcast,running,multicast>
The tinc mesh vpn is stablished because I can ping any host on the net from the CLI, but I can´t assign an interface and Firewall rules from the GUI.
My pfsense box details:
Version: 2.2.5-RELEASE (amd64) CPU Type: Intel(R) Celeron(R) CPU G1610T @ 2.30GHz Current: 286 MHz, Max: 2294 MHz 2 CPUs: 2 package(s) x 1 core(s) Tinc Version: 1.2.5
Any idea how to solve this issue?
Thanks in advance
Best regards -
Eh… There's 'tinc" interface tab in Firewall - Rules.
-
Thanks for your reply doktornotor
Eh… There's 'tinc" interface tab in Firewall - Rules.
Yes, I have a tab called "tinc" in Firewall - Rules and I have the correct rule to pass the traffic. And also de outbound NAT configured.
But I can´t send packets through the tinc vpn.Some screenshots of my configuration:
Thanks in advance
Best Regards -
Testing with ping will not work, because TCP/UDP is not "allow all". Ping uses ICMP. Not really sure what are you trying to assign where and why (again, the rules go to the tinc tab) - but the tinc interfaces would be under the "Interface Groups" tab.
-
Testing with ping will not work, because TCP/UDP is not "allow all". Ping uses ICMP. Not really sure what are you trying to assign where and why (again, the rules go to the tinc tab) - but the tinc interfaces would be under the "Interface Groups" tab.
This is my "Interface Group" tab
I make a new Firewall rule allowing ICMP traffic with no luck.
From the pfsense CLI I can ping any host on the tinc net.
Many thanks for your help and your kick replies.
Regards -
If I remove the 'tun' interface in /etc/inc/util.inc I can see the "tinc" interface
After this I can see a new interface
-
And again, why would you do such things? This is NOT needed, nor desired. Use the firewall logs do find out what (if anything) is blocked by the firewall and by which rule.
-
Because with the default settings the tinc network doesn´t work
-
As hinted above, make use of the firewall logs.