Install tinc package:
pkg_add tinc
Choose name for your private network. I named it work.
Create directory for storing virtual networks configuration
test -d /etc/tinc/work/hosts || mkdir -p /etc/tinc/work/hosts
And put tinc config into it:
cat > /etc/tinc/work/tinc.conf << EOF
Name = client1
ConnectTo = server
Device = /dev/tap0
EOF
Generate private/public key pair:
tincd -n work -K
It will show the message like this:
Generating 2048 bits keys:
..........................................................+++++ p
......+++++ q
Done.
Please enter a file to save private RSA key to [/etc/tinc/work/rsa_key.priv]:<Press Enter>
Please enter a file to save public RSA key to [/etc/tinc/work/hosts/client1]:<Press Enter>
Copy host configuration file from your VPN server and put it to /etc/tinc/work/hosts/server. It should look like this one:
Address = vpn.svyrydiuk.eu
Subnet = 10.0.0.0/24
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAvpQDmw2xTwmBq65hBkoEIGjtfRfLGPDj1+Y0PbLLZQ/GZSdevcii
....
....
EyoSBS6xle/uvuoRDa57Pj366EZVzTm1a0dFLZmtQVOgxOPmpQ4jVTUCAwEAAQ==
-----END RSA PUBLIC KEY-----
Do the same with host configuration file you have on your client host. Copy it to VPN server
Also create tinc-up and tinc-down scripts on client in /etc/tinc/work:
#!/bin/sh
# /etc/tinc/work/tinc-up
ifconfig $INTERFACE 10.0.0.100 netmask 255.255.255.0
#!/bin/sh
# /etc/tinc/work/tinc-down
ifconfig $INTERFACE down
chmod +x tinc-[ud]*
rcctl enable tincd
rcctl set tincd flags "-U _tinc --chroot --net=work"
rcctl start tincd
In case of errors run:
tincd –no-detach –config=/etc/tinc/work -d 3 –net work