569
edits
Changes
no edit summary
<span style="color: red;">The information in this page is updated in accordance with the <span style="color: #0054A6;"><b>RUTXXX_R_00_07_02</b></span> firmware version.</span>
<b>ZeroTier One</b> is an open source software which can establish Peer to Peer VPN (P2PVPN) connection between various devices running various operating systems. It also provides network management possibilities such as routing and creating firewall rules.
<b>ZeroTier One</b> is an open source software which can establish Peer to Peer VPN (P2PVPN) connection between various devices running various operating systems. It also provides network management possibilities such as routing and creating firewall rules.
==Introduction==
==Introduction==
This article contains step-by-step instructions on how to set up and manage a Zerotier network using Teltonika-Networks devices alongs with other equipment.
This article contains step-by-step instructions on how to set up and manage a Zerotier network using Teltonika-Networks devices alongs with other equipment.
==Setting up a ZeroTier network==
== Setting up a ZeroTier network==
<ul>
<ul>
The next step is configuring members (aka nodes) for our ZeroTier network.
The next step is configuring members (aka nodes) for our ZeroTier network.
==Node configuration==
==Node configuration ==
Zerotier <b>nodes</b> or <b>members</b> are clients that can connect to a ZeroTier network. This section provides information on how to configure ZeroTier nodes on different types of machines.
Zerotier <b>nodes</b> or <b>members</b> are clients that can connect to a ZeroTier network. This section provides information on how to configure ZeroTier nodes on different types of machines.
Take note that if 'Private' access control type is selected, the nodes will only come online after they authorized by you from the ZeroTier Central dashboard. To learn how to authorize nodes, read the [[#Node_authorization|node authorization]] section of this article.
Take note that if 'Private' access control type is selected, the nodes will only come online after they authorized by you from the ZeroTier Central dashboard. To learn how to authorize nodes, read the [[#Node_authorization|node authorization]] section of this article.
===Teltonika-Networks device===
=== Teltonika-Networks device===
----
----
<ul>
<ul>
</ul>
</ul>
===Android/Apple iOS device===
=== Android/Apple iOS device===
----
----
<ul>
<ul>
[[File:Zerotier_configuration_access_scheme.png]]
[[File:Zerotier_configuration_access_scheme.png]]
===ZeroTier routing===
=== ZeroTier routing===
----
----
<ul>
<ul>
<li>Go ZeroTier Central and find the <b>'Managed Routes'</b> box in the 'Advanced' section.</li>
<li>Go ZeroTier Central and find the <b><nowiki/>'Managed Routes'</b> box in the 'Advanced' section.</li>
<li>Add the following route.
<li>Add the following route.
<ol>
<ol>
</ul>
</ul>
===Port forwarding===
=== Port forwarding===
----
----
<ul>
<ul>
</ul>
</ul>
==Bridge Cinfiguration==
==Bridge Configuration ==
ZeroTier bridge configuration will allow 2 (or more) LAN's in the same Zerotier network to be interconnected. For this example we will use two RUTX routers. Both of these routers should already have ZeroTier package installed and be connected to the ZeroTier Portal.
ZeroTier bridge configuration will allow two (or more) LAN's in the same ZeroTier network to be interconnected. For this example, we will use two RUTX routers. Both of these routers should already have the ZeroTier package installed and be connected to the ZeroTier Portal.
===First router===
===First router===
----
----
*Navigate to '''''Services → VPN → ZeroTier''''' and access the ZeroTier Instance created previously to edit it for the bridging of LAN’s.
[[File:Zerotier Interfacev2.png|border|class=tlt-border|1050x1050px]]
*From the '''''Bridge to''''' dropdown menu, select '''''LAN'''''. This option bridges The ZeroTier interface with the device's LAN interface, which extends the network and allows for Layer 2 communication via ZeroTier. Bridges operate at the data link layer and facilitate seamless communication between devices on different LAN segments
*Navigate to Network → Interfaces → LAN → Physical settings → Interface and add the ZeroTier interface name we found out in the previous step.
*Save & Apply settings
*Save & Apply settings
===Second Router===
===Second Router===
----
----
*Navigate to Network → Interfaces → LAN → Physical settings → Interface and add the ZeroTier interface name we found out in the previous step.
*Navigate to '''''Services → VPN → Zerotier''''' → and access the ZeroTier instance, configuring it the same way as the first router.
*Navigate to Network → Interfaces → LAN → General settings and change the IPv4 address to an IP that is in the same subnet as the first router (We will use 192.168.1.2 for this example)
* Navigate to '''''Network → LAN → General settings''''' and change the '''IPv4 address''' to an IP that is in the same subnet as the first router (We will use 192.168.1.2 for this example)
*Navigate to Network → Interfaces → LAN → DHCP Server and Disable DHCP server option
*Navigate to '''''Network → Interfaces → LAN → DHCP Server''''' and Disable '''DHCP server''' option
*Save & Apply settings
*Save & Apply settings
[[File:Zerotier configuration rut 2 configuration v1.png|border|class=tlt-border]]
[[File:Zerotier configuration rut 2 configuration v1.png|class=tlt-border]]
===ZeroTier Portal===
=== ZeroTier Portal===
----
----
*Open your ZeroTier Portal (https://my.zerotier.com/) and navigate to your ZeroTier Network.
*Open your ZeroTier Portal (https://my.zerotier.com/) and navigate to your ZeroTier Network.
*Scroll down to Members and enable "Allow Ethernet Bridging" option on both devices
*Scroll down to Members and enable '''"Allow Ethernet Bridging"''' option on both devices
[[File:Zerotier configuration portal configuration v1.png|798x798px]]
[[File:ZeroTier Portal Bridging v1.3.png|500×200]][[File:ZeroTier Portal Bridging v1.2.png|500x200]]
*Make sure to turn off '''Auto-Assign from Range''' in the '''advanced section'''. Since this is a Layer 2 bridge configuration, there is no need for IP addresses on the ZeroTier Interfaces and managed IPs. With Layer 2 bridging, devices communicate directly using their local MAC addresses, eliminating the necessity for IP address management.
*'''NOTE: Make sure to remove any Managed IPs that might have stayed when the Auto-assigned feature was turned on (by default, ZeroTier keeps it on).'''
*In the '''Advanced section → Managed Routes,''' add the LAN network route (in this case, 192.168.1.0/24), which ensures communication within the bridge. This allows devices in the ZeroTier network to communicate with devices on the LAN.
[[File:Managed Routes.png||500×200]]
*To ensure convenience and avoid any IP or routing conflicts, it is recommended to remove any other automatically assigned routes in ZeroTier. By doing so, you can prevent routing issues and ensure smoother communication within the LAN bridge network of 192.168.1.0/24 over the ZeroTier Network.
If everything was done correctly, you should be able to ping devices connected to separate routers. Let us test this by pinging a laptop connected to the second router (192.168.1.163) from a laptop connected to the first router (192.168.1.220):
If everything was done correctly, you should be able to ping devices connected to separate routers. Let us test this by pinging a laptop connected to the second router (192.168.1.163) from a laptop connected to the first router (192.168.1.220):
[[File:Zerotier configuration testing v1.png]]
[[File:Zerotier configuration testing v1.png]]
'''Note:''' If you wish to add more routers to the bridged network, you should configure them according to the second router configuration.
[[Category:VPN]]