ZeroTier One VPN configuration RutOS: Difference between revisions

From Teltonika Networks Wiki
No edit summary
No edit summary
Line 12: Line 12:
     <li>Two RUTxxx routers</li>
     <li>Two RUTxxx routers</li>
     <li>An end device to configure the routers (PC, Laptop, Tablet, Smartphone)</li>
     <li>An end device to configure the routers (PC, Laptop, Tablet, Smartphone)</li>
</ul[[Category:Configuration Examples]]>
</ul>


==Configuration==
==Configuration==

Revision as of 14:15, 2 August 2023

Main Page > General Information > Configuration Examples > VPN > ZeroTier One VPN configuration RutOS

ZeroTier One is an open source software product that establishes Peer to Peer VPN (P2PVPN) connection between laptops, desktops, phones, embedded devices, cloud resources, and apps.

Introduction

This article contains step-by-step instructions on how to set up a Zerotier VPN connection using RUTxxx routers.

Prerequisites

You will need:

  • Two RUTxxx routers
  • An end device to configure the routers (PC, Laptop, Tablet, Smartphone)

Configuration

  1. Go to www.zerotier.com and register an account. After the registration you will be able to create a network in the networks tab:

  2. Your newly created network should look somewhat similar to this:


    You will need to remember your Network ID and assign IP addresses that will not conflict with your current networks on your devices. You also need to decide your access control which will decide if you want to control who has access to your network (Private Network) or just allow everyone in (Public Network).

  3. Find out the public IP addresses of your routers. You can do this by visiting a website like whatsmyip.org or by using the curl ifconfig.co command via CLI or SSH.

  4. Navigate to the Services → VPN → Zerotier page. Enable Zerotier, add new network instance, enable it, specify your network ID, and save:

    The first time Zerotier is enabled it creates a unique address for you which can take a bit of time.

  5. After a minute or two your router's Zerotier address should become visible on the network options. Note: For peace of mind, you can name the connection:

  6. If you have the network set to be Private, you will need to authenticate it as well to allow access to this network. You can do that from the Services → CLI page. Login (user: root; password: router's admin password) and type ifconfig. It should give you a "zt" interface with the same IP. If you see these options, it means you are connected to the Zerotier network and will be capable to reach other devices also connected there.

  7. Since both routers are configured, we can clearly see that routers have different physical IPs and for this example, we will make Router 2 with 12.12.12.12 IP (Managed IP:172.28.93.10) who will be our VPN client get the 31.31.31.31 IP (Managed IP:172.28.249.49 ) from the other Router 1 who will be our VPN server:

  8. For this we first will need to take the VPN servers (Router1) managed IP and input it into our Managed Routes on our Zerotier network so that all connected devices which want to use the VPN service will know where our VPN server is and save the configuration:

  9. And now we can confirm client (Router 2) obtaining the server IP address on a console or the CLI on the Service tab with the “curl ifconfig.co” command.
    Before:
    root@Teltonika-RUT950:~# curl ifconfig.co
    12.12.12.12
    

    After:

    root@Teltonika-RUT950:~# curl ifconfig.co
    31.31.31.31