Tinc VPN 1.1pre14 on Windows
with windows client (repeat client step to add more clients)

Firewall open firewall port 655 on your router

Install Tinc VPN

Download & Install Tinc 1.1pre14

Configure master node (master)

Ctrl + R then C:\Program Files\tinc & Enter
Click on File > Open Command Prompt as Administrator

  • tinc -n vpn init master
  • tinc -n vpn add subnet 20.0.0.1
  • tinc -n vpn add address=public.domain-or-ip

setup ethernet interface

  • cd tap-win64
  • addtap.bat
  • cd ..
  • netsh interface ipv4 show interfaces locate the one thats disconnected probably Ethernet 2
  • netsh interface set interface name = "Ethernet 2" newname = "tinc"
  • netsh interface ip set address "tinc" static 20.0.0.1 255.255.255.0
  • netsh interface ipv4 show config now you should have a tinc interface with ip/subnet

Configure client node (client1)

if you want to add more clients, change name and ip

Download & Install Tinc 1.1pre14

Ctrl + R then C:\Program Files\tinc & Enter
Click on File > Open Command Prompt as Administrator

  • tinc -n vpn init client1
  • tinc -n vpn add connectto master
  • tinc -n vpn add subnet 20.0.0.2

setup ethernet interface

  • cd tap-win64
  • addtap.bat
  • cd ..
  • netsh interface ipv4 show interfaces locate the one thats disconnected probably Ethernet 2
  • netsh interface set interface name = "Ethernet 2" newname = "tinc"
  • netsh interface ip set address "tinc" static 20.0.0.2 255.255.255.0

copy the files/keys

  • on client1 machine, copy the vpn/hosts/client1 file to yourvpn/hosts folder on your master machine
  • on master machine, copy the vpn/hosts/master file to your vpn/hosts folder on your client1 machine

test it with

Router

  • tincd -n vpn -D -d3
  • ping 20.0.0.2 (after both is up!)
  • issues, disable your firewall, open port 655..

Client1

  • tincd -n vpn -D -d3
  • ping 20.0.0.1 (after both is up!)
  • issues, disable your firewall, open port 655..

Run as daemon (on both router and client)

Router:
tincd -n vpn

Client
tincd -n vpn

Tips

  • ping 20.0.0.1 from client1
  • ping 20.0.0.2 from master
  • try opening windows share \\20.0.0.1 from client1
  • try opening windows share \\20.0.0.2 from master
  • try remote desktop, ftp, etc to check if it works

a new installment in the quick & easy series!

Tinc VPN 1.1 on ASUSWRT-Merlin
with windows client (repeat client step to add more clients)

setup tinc and open firewall (on router)

  • echo #!/bin/sh >> /jffs/scripts/init-start
  • echo modprobe tun >> /jffs/scripts/init-start
  • echo /jffs/sbin/tincd -n vpn >> /jffs/scripts/init-start
  • echo iptables -I INPUT -p tcp --destination-port 655 -j ACCEPT >> /jffs/scripts/firewall-start
  • chmod a+rx /jffs/scripts/*

Go to Administration - System in Router Admin Page
and set Enable JFFS custom scripts and configs to Yes

Load tun module temporarily

modprobe tun

Install Tinc VPN

  • wget http://files.lancethepants.com/Binaries/tinc/arm/tinc%201.1pre11/tinc -O /jffs/sbin/tinc
  • wget http://files.lancethepants.com/Binaries/tinc/arm/tinc%201.1pre11/tincd -O /jffs/sbin/tincd
  • chmod +x /jffs/sbin/tinc*

Configure router node

  • mkdir -p /jffs/etc/tinc/
  • /jffs/sbin/tinc -n vpn init router
  • /jffs/sbin/tinc -n vpn add subnet 20.0.0.1
  • /jffs/sbin/tinc -n vpn add address=myrouter.domain.ninja-or-ip

the below might have broken in newer asuswrt-merlin, atleast one of them should work

  • echo 'ip addr add 20.0.0.1/24 dev $INTERFACE' > /jffs/etc/tinc/vpn/tinc-up
  • echo 'ip link set $INTERFACE up' >> /jffs/etc/tinc/vpn/tinc-up

in case the above fails try
* echo ifconfig $INTERFACE 20.0.0.1 netmask 255.255.255.0 > /jffs/etc/tinc/vpn/tinc-up

Configure client node (on windows computer)

if you want to add more clients, change name and ip

Download & Install Tinc

Navigate to C:\Program Files (x86)\tinc
Click on File > Open Command Prompt > As Administrator

  • tinc -n vpn init client1
  • tinc -n vpn add connectto router
  • tinc -n vpn add subnet 20.0.0.2

setup ethernet interface

  • cd tap-win64
  • addtap.bat
  • cd ..

go to Control Panel\Network and Internet\Network Connections
(note the name of the tap adapter)

  • netsh interface set interface name = "insert name of tap adapter" newname = "tinc"
  • netsh interface ip set address "tinc" static 20.0.0.2 255.255.255.0

Exchange Keys to the kingdom

Repeat this step on all your clients

Install winscp on client1
(right click shortcut and run as administrator)

login with these settings

File Protocol: SCP
Hostname: 192.168.1.1
login with ssh user/password

Open Syncronize with CTRL + S
Local: C:\Program Files (x86)\tinc\vpn\hosts\
Remote: //jffs/etc/tinc/vpn/hosts
Direction/Target to Both
Click OK and OK

test it with

Router

  • /jffs/sbin/tincd -n vpn -D -d3

Client1

  • tincd -n vpn -D -d3

Run as daemon (on both router and client)

Router:

  • /jffs/sbin/tincd -n vpn

Client

  • “C:\Program Files (x86)\tinc\tincd -n vpn”

thanks to lancethepants for binaries, tinc for vpn
asus for awesome hardware and merlin for his firmware

Easily deploy an SSD cloud server on @DigitalOcean in 55 seconds. Sign up using my link and receive $10 in credit
Proudly published with Ghost | Theme based on Draugur | Header Image by GUWEIZ@DeviantArt
Creative Commons Licence