Tinc is open-source, peer-to-peer VPN software that makes it easy to create a virtual private network with multiple nodes. It offers a secure, encrypted, and decentralized way to connect systems across different locations. In this guide, we will walk through the steps to set up a peer-to-peer VPN using Tinc on Ubuntu 22.04. Whether you’re hosting the VPN on local servers or using a Windows VPS UK, this guide will help you establish a secure connection.
Step 1: Update Your System
Before installing Tinc, make sure your Ubuntu 22.04 system is updated. Run the following commands to update and upgrade your system:
sudo apt update && sudo apt upgrade
This ensures that you are using the latest software packages. Keeping your system updated is important, whether you're using a local server or a UK Windows VPS.
Step 2: Install Tinc
Tinc is available in the Ubuntu repositories, so you can easily install it using the following command:
sudo apt install tinc
Once the installation is complete, you can proceed to configure the VPN. Tinc is highly customizable and can be set up to work in a mesh or peer-to-peer network. Whether you're hosting locally or on a Windows Virtual Private Server hosting platform, this process is the same.
Step 3: Configure Tinc VPN
Tinc uses a directory-based configuration system. You need to create a network configuration directory for your VPN. For example, let’s call the VPN network "mynetwork":
sudo mkdir -p /etc/tinc/mynetwork/hosts
Next, create the main configuration file for the network:
sudo nano /etc/tinc/mynetwork/tinc.conf
Add the following configuration to the file:
Name = node1
AddressFamily = ipv4
Interface = tun0
Replace node1 with the name of the node you are configuring. Save the file and exit.
Step 4: Generate VPN Keys
Each node in the Tinc VPN requires a unique key pair. Generate a new key pair for this node by running:
sudo tincd -n mynetwork -K4096
This command will create a public and private key for the node. The public key is stored in the /etc/tinc/mynetwork/hosts/node1 file, while the private key is stored in /etc/tinc/mynetwork/rsa_key.priv.
Step 5: Configure VPN Peers
To connect multiple nodes, you need to share the public key of each node with the others. Add the public key information for each node into the corresponding /etc/tinc/mynetwork/hosts directory on each server.
For example, if you have a second node (node2), copy its public key from node2 to node1’s host file directory and vice versa. This process applies whether you're using Ubuntu or hosting on VPS Windows Servers.
Step 6: Create Tinc Up and Down Scripts
Tinc requires scripts to bring the network interface up and down. Create the "tinc-up" script to define the VPN interface:
sudo nano /etc/tinc/mynetwork/tinc-up
Add the following content:
#!/bin/sh
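# ifconfig (net-tools) is not installed by default on Ubuntu 22.04, so use iproute2
ip addr add 10.0.0.1/24 dev "$INTERFACE"
ip link set "$INTERFACE" up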
Replace 10.0.0.1 with the IP address for this node. Create the "tinc-down" script to bring the interface down:
sudo nano /etc/tinc/mynetwork/tinc-down
Add the following content:
#!/bin/sh
# iproute2 equivalent of "ifconfig $INTERFACE down"
ip link set "$INTERFACE" down
Make both scripts executable:
sudo chmod +x /etc/tinc/mynetwork/tinc-up
sudo chmod +x /etc/tinc/mynetwork/tinc-down
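Before starting the daemon, the layout built in Steps 3 to 6 can be checked with a short script. This is an added example, not part of the original guide: the function name audit_tinc_net is hypothetical, and the Subnet check assumes tinc's default router mode, where each host file declares the Subnet its node serves (a tinc host variable this guide does not set).

```shell
#!/bin/sh
# Added example: audit a tinc network directory laid out as in Steps 3-6.
# Prints one line per finding and returns the number of findings (0 = clean).
# Usage (as root): audit_tinc_net /etc/tinc/mynetwork
audit_tinc_net() {
    dir=$1
    findings=0
    note() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # The private key never leaves the node and must be owner-only (mode 600).
    key="$dir/rsa_key.priv"
    if [ ! -f "$key" ]; then
        note "missing private key $key"
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        note "$key is accessible to group or others"
    fi

    # Host files are copied between nodes, so they may hold public data only.
    for host in "$dir"/hosts/*; do
        [ -f "$host" ] || continue
        if grep -q 'PRIVATE KEY' "$host"; then
            note "$host contains a private key"
        fi
        if ! grep -q 'PUBLIC KEY' "$host"; then
            note "$host has no public key block"
        fi
        # Assumption (tinc router mode, not stated in this guide):
        # a host file without a Subnet line gives peers nothing to route to.
        if ! grep -Eqi '^[[:space:]]*Subnet[[:space:]]*=' "$host"; then
            note "$host declares no Subnet"
        fi
    done

    # The interface scripts must exist and be executable (Step 6).
    for script in tinc-up tinc-down; do
        [ -x "$dir/$script" ] || note "$dir/$script is missing or not executable"
    done
    return "$findings"
}
```

A non-zero return value is the number of findings, so the function can gate a deployment step.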
Step 7: Start and Enable Tinc
You can now start the Tinc service on each node. Run the following command to start Tinc for your network:
sudo tincd -n mynetwork
To ensure that Tinc starts automatically on boot, enable the service:
sudo systemctl enable tinc@mynetwork
This setup will allow the VPN to connect automatically when the system starts, ensuring secure connectivity, whether you're using a local server or a Windows VPS hosting UK.
Step 8: Testing the VPN
Once all nodes are configured and Tinc is running, you can test the connectivity between nodes. Try pinging another node's VPN IP address:
ping 10.0.0.2
Replace 10.0.0.2 with the IP address of another node. If the ping is successful, the VPN is working as expected.