{"id":2890,"date":"2025-04-22T16:24:58","date_gmt":"2022-05-03T21:33:34","guid":{"rendered":""},"modified":"2025-02-02T00:46:19","modified_gmt":"2025-02-01T23:46:19","slug":"how-to-set-up-peer-to-peer-vpn-with-tinc-on-ubuntu-22-04","status":"publish","type":"post","link":"https:\/\/netcloud24.com\/knowledgebase\/how-to-set-up-peer-to-peer-vpn-with-tinc-on-ubuntu-22-04\/","title":{"rendered":"How to Set Up Peer-to-Peer VPN with Tinc on Ubuntu 22.04"},"content":{"rendered":"

\u00a0<\/p>\n<\/p>\n

\n

\u00a0<\/h1>\n<\/header>\n
\n

Tinc is an open-source, peer-to-peer VPN software that makes it easy to create a virtual private network with multiple nodes. It offers a secure, encrypted, and decentralized way to connect systems across different locations. In this guide, we will walk through the steps to set up a peer-to-peer VPN using Tinc on Ubuntu 22.04. Whether you\u2019re hosting the VPN on local servers or using a , this guide will help you establish a secure connection.<\/p>\n

\n

Step 1: Update Your System<\/h2>\n

Before installing Tinc, make sure your Ubuntu 22.04 system is updated. Run the following commands to update and upgrade your system:<\/p>\n

sudo apt update && sudo apt upgrade<\/code><\/pre>\n
This ensures that you are using the latest software packages. Keeping your system updated is important, whether you’re using a local server or a UK Windows VPS<\/a>.<\/p>\n<\/section>\n
\n
Step 2: Install Tinc<\/h2>\n
Tinc is available in the Ubuntu repositories, so you can easily install it using the following command:<\/p>\n
sudo apt install tinc<\/code><\/pre>\n
Once the installation is complete, you can proceed to configure the VPN. Tinc is highly customizable and can be set up to work in a mesh or peer-to-peer network. Whether you’re hosting locally or on a Windows VPSVirtual Private Server hosting<\/a> platform, this process is the same.<\/p>\n<\/section>\n
\n
Step 3: Configure Tinc VPN<\/h2>\n
Tinc uses a directory-based configuration system. You need to create a network configuration directory for your VPN. For example, let\u2019s call the VPN network “mynetwork”:<\/p>\n
\r\nsudo mkdir -p \/etc\/tinc\/mynetwork\/hosts\r\n            <\/code><\/pre>\n
Next, create the main configuration file for the network:<\/p>\n
\r\nsudo nano \/etc\/tinc\/mynetwork\/tinc.conf\r\n            <\/code><\/pre>\n
Add the following configuration to the file:<\/p>\n
\r\nName = node1\r\nAddressFamily = ipv4\r\nInterface = tun0\r\n            <\/code><\/pre>\n
Replace node1<\/code> with the name of the node you are configuring. Save the file and exit.<\/p>\n<\/section>\n
\n
Step 4: Generate VPN Keys<\/h2>\n
Each node in the Tinc VPN requires a unique key pair. Generate a new key pair for this node by running:<\/p>\n
\r\nsudo tincd -n mynetwork -K4096\r\n            <\/code><\/pre>\n
This command will create a public and private key for the node. The public key is stored in the \/etc\/tinc\/mynetwork\/hosts\/node1<\/code> file, while the private key is stored in \/etc\/tinc\/mynetwork\/rsa_key.priv<\/code>.<\/p>\n<\/section>\n
\n
Step 5: Configure VPN Peers<\/h2>\n
To connect multiple nodes, you need to share the public key of each node with the others. Add the public key information for each node into the corresponding \/etc\/tinc\/mynetwork\/hosts<\/code> directory on each server.<\/p>\n
For example, if you have a second node (node2), copy its public key from node2<\/code> to node1<\/code>\u2019s host file directory and vice versa. This process applies whether you’re using Ubuntu or hosting on VPS Windows VPS Servers<\/a>.<\/p>\n<\/section>\n
\n
Step 6: Create Tinc Up and Down Scripts<\/h2>\n
Tinc requires scripts to bring the network interface up and down. Create the “tinc-up” script to define the VPN interface:<\/p>\n
\r\nsudo nano \/etc\/tinc\/mynetwork\/tinc-up\r\n            <\/code><\/pre>\n
Add the following content:<\/p>\n
\r\n#!\/bin\/sh\r\nifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0\r\n            <\/code><\/pre>\n
Replace 10.0.0.1<\/code> with the IP address for this node. Create the “tinc-down” script to bring the interface down:<\/p>\n
\r\nsudo nano \/etc\/tinc\/mynetwork\/tinc-down\r\n            <\/code><\/pre>\n
Add the following content:<\/p>\n
\r\n#!\/bin\/sh\r\nifconfig $INTERFACE down\r\n            <\/code><\/pre>\n
Make both scripts executable:<\/p>\n
\r\nsudo chmod +x \/etc\/tinc\/mynetwork\/tinc-up\r\nsudo chmod +x \/etc\/tinc\/mynetwork\/tinc-down\r\n            <\/code><\/pre>\n<\/section>\n
\n
Step 7: Start and Enable Tinc<\/h2>\n
You can now start the Tinc service on each node. Run the following command to start Tinc for your network:<\/p>\n
\r\nsudo tincd -n mynetwork\r\n            <\/code><\/pre>\n
To ensure that Tinc starts automatically on boot, enable the service:<\/p>\n
\r\nsudo systemctl enable tinc@mynetwork\r\n            <\/code><\/pre>\n
This setup will allow the VPN to connect automatically when the system starts, ensuring secure connectivity, whether you’re using a local server or a Windows VPS hosting UK<\/a>.<\/p>\n<\/section>\n
\n
Step 8: Testing the VPN<\/h2>\n
Once all nodes are configured and Tinc is running, you can test the connectivity between nodes. Try pinging another node’s VPN IP address:<\/p>\n
ping 10.0.0.2<\/code><\/pre>\n
Replace 10.0.0.2<\/code> with the IP address of another node. If the ping is successful, the VPN is working as expected.<\/p>\n<\/section>\n