Skip to content
This repository has been archived by the owner on Sep 10, 2022. It is now read-only.
/ tinc-opnsense Public archive

Enables you to install tinc on opnsense with your own configuration

10 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

EugenMayer/tinc-opnsense

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
.idea
.idea
 
 
Mk
Mk
 
 
Scripts
Scripts
 
 
Templates
Templates
 
 
dist
dist
 
 
security/tinccustom
security/tinccustom
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

WAT

Eventhough there is a opnsense tinc plugin already, its hard to keep the GUI offering all the options tinc actual offers. Be it a infinit amount of subnets, specific modes (switch/hub/routed) or anything else specific to your setup.

So as an alternative this plugins offers you all daemon / startup / interface integration and also some starting point for the configuration while letting you doing whatever you want with your configuration.

BUT NO GUI!!

Rather you edit the files using ssh, pick your favorite tincd howto / setup or even existing setup on copy it over here. Utilize the full power of tinc

Installation

The version might change, adjust it if fetch fails

fetch https://raw.githubusercontent.com/EugenMayer/tinc-opnsense/master/dist/os-tincdcustom-latest.txz
pkg install os-tincdcustom-latest.txz

1. your network

  1. copy the /usr/local/etc/tinc/example folder to /usr/local/etc/tinc/yournetwork
  2. enter yournetwork into /usr/local/etc/tinc/nets.boot to let this network be started on boot
  3. create keypairs by runng tincd -n <yournetwork> -K

2. your network configuration and tun device

  1. Edit /usr/local/etc/tinc/yournetwork/tinc.conf set the server you want to connect to and how this server is to be named

  2. Edit /usr/local/etc/tinc/yournetwork/tinc-up and adjust the network/netbitmask

3. finally the host configuration

  1. enter the /usr/local/etc/tinc/yournetwork/hosts folder and rename the files according to what you have chosen for youservername and theotherservername - they must match!

  2. enter the public key of the "this server" you find under /usr/local/etc/tinc/yournetwork/ into the according thisservername file and adjust the subnet this server offers (or subnets)

  3. enter the public key of the "other server" into the according theotherservername file and adjust the subnet the other server offers (or subnets)

4. OPNsense Interface/Gateway/Route/FW configuration

Please see this answer for a brief description

Service mangement

to restart the service to

configctl tincdcustom restart

More then that you have those obvious commands

configctl tincdcustom stop
configctl tincdcustom start
configctl tincdcustom reload

Uninstallation

When you uninstall the plugins, everything you created in /usr/local/etc/tinc will kept in place, so you can reinstall it at any time

Build it yourself / Development

Connect on your opnsense box

mkdir -p /usr/devel && cd /usr/devel 
git clone https://github.com/EugenMayer/tinc-opnsense
cd tinc-opnsense/security/tinccustom
make package
pkg install work/pkg/os-tincdcustom-*

Credits

Of course credits to the initial author opnsense tinc, some of the things in here base on his work straight. Thank you!

About

Enables you to install tinc on opnsense with your own configuration

Topics

freebsd vpn opnsense tinc

Resources

Readme
Activity

Stars

10 stars

Watchers

5 watching

Forks

4 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages