ZeroTier One VPN configuration RutOS: Difference between revisions
PauliusRug (talk | contribs) No edit summary |
No edit summary |
||
Line 14: | Line 14: | ||
</ul> | </ul> | ||
== | ==Setting up a ZeroTier network== | ||
< | <ul> | ||
<li>Go to | <li>Go to https://my.zerotier.com/login and log in or create an account if you haven't already.</li> | ||
[[File: | <li>Open the 'Networks' tab and click the 'Create a Network' button.<br>[[File:RutOS_ZeroTier_7.8_1_network.png|border|class=tlt-border|1000px]]</li> | ||
<li>Click the newly created network to begin configuration.<br>[[File:RutOS_ZeroTier_7.8_2.png|border|class=tlt-border|1000px]]</li> | |||
<li>Before configuring anything else, you may want to set up some basic settings. | |||
<ol> | |||
<li>Copy the Network ID; you will need it later for ZeroTier node configuration.</li> | |||
<li>Optionally, set up a name and description for your network for easier management.</li> | |||
<li>Select 'Private' access control type; <u>unless</u> you want nodes to connect freely, without authorization.</li> | |||
</ol>[[File:RutOS_ZeroTier_7.8_3.png|border|class=tlt-border]] | |||
</li> | |||
<li>Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the <b>10.147.17.*</b> selection which means our network will be using the <b>10.147.17.0/24</b> IP range.<br>[[File:Networking_rutxxx_configuration_zerotier_network_settings_v1.jpg|border|class=tlt-border]]</li> | |||
</ul> | |||
The last step concludes the ZeroTier network configuration. However, you may want to modify to the settings based on your specific requirements, but this particular network will function without any additional settings. | |||
The next step is configuring members (aka nodes) for our ZeroTier network. | |||
==RUT1 and RUT2 configuration== | |||
The configuration for both of the routers are the same. | |||
---- | ---- | ||
<li> | <ul> | ||
<li>Log in to your device's WebUI, and navigate to the Services → Package Manager page.</li> | |||
<li>Find the ZeroTier package in the list and install it.</li> | |||
<li> | <li>Navigate to the Services → VPN → ZeroTier page and create a new ZeroTier configuration. | ||
<ol> | |||
<li>Enter a custom name for the configuration.</li> | |||
<li>Click 'Add'.</li> | |||
</ol>[[File:RutOS_ZeroTier_7.8_5.png|border|class=tlt-border|1000px]] | |||
</li> | |||
<li> | <li>Complete the configuration. | ||
<ol> | |||
<li>Turn the instance on.</li> | |||
<li>Add custom instance name.</li> | |||
<li>Click 'Add'.</li> | |||
</ol>[[File:RutOS_ZeroTier_7.8_6fix.png|border|class=tlt-border|1000px]] | |||
</li> | |||
<li>Complete the configuration. | |||
<ol> | |||
<li>Enable '''instance''' on.</li> | |||
<li>Paste the ZeroTier Network ID into the '''Network ID''' field.</li> | |||
<li>Enable '''Allow managed IP'''.</li> | |||
</ol>[[File:RutOS_ZeroTier_7.8_9.png|border|class=tlt-border|1000px]] | |||
</li> | |||
<li>Since both routers are configured, we can clearly see that routers have different physical IPs and for this example, we will make Router 2 with 12.12.12.12 IP (Managed IP:172.28.93.10) who will be our VPN client get the 31.31.31.31 IP (Managed IP:172.28.249.49 ) from the other Router 1 | |||
who will be our VPN server:<br> | who will be our VPN server:<br> | ||
[[File:Networking rutxxx zerotier client and server v1.jpg|border|class=tlt-border|1000px]]</li> | [[File:Networking rutxxx zerotier client and server v1.jpg|border|class=tlt-border|1000px]]</li> | ||
---- | ---- | ||
<li>For this we first will need to take the VPN servers (Router1) managed IP and input it into our Managed Routes on our Zerotier network so that all connected devices which want to use the VPN service will know where our VPN server is and save the configuration:<br>[[File:Networking rutxxx configuration zerotier route v2.jpg|border|class=tlt-border|1000px]] | <li>For this we first will need to take the VPN servers (Router1) managed IP and input it into our Managed Routes on our Zerotier network so that all connected devices which want to use the VPN service will know where our VPN server is and save the configuration:<br>[[File:Networking rutxxx configuration zerotier route v2.jpg|border|class=tlt-border|1000px]] | ||
==Testing the configuration== | |||
<li>And now we can confirm client (Router 2) obtaining the server IP address on a console or the CLI on the Service tab with the “curl ifconfig.co” command.<br> | <li>And now we can confirm client (Router 2) obtaining the server IP address on a console or the CLI on the Service tab with the “curl ifconfig.co” command.<br> | ||
Before: | Before: | ||
<pre>root@Teltonika- | <pre>root@Teltonika-RUTX50:~# curl icanhazip.com | ||
12.12.12.12 | 12.12.12.12 | ||
</pre> | </pre> | ||
After: | After: | ||
<pre>root@Teltonika- | <pre>root@Teltonika-RUTX50:~# curl icanhazip.com | ||
31.31.31.31 | 31.31.31.31 | ||
</pre> | </pre> | ||
</li> | </li> | ||
[[Category:VPN]] | [[Category:VPN]] |
Revision as of 13:01, 8 August 2024
Main Page > General Information > Configuration Examples > VPN > ZeroTier One VPN configuration RutOSZeroTier One is an open source software product that establishes Peer to Peer VPN (P2PVPN) connection between laptops, desktops, phones, embedded devices, cloud resources, and apps.
Introduction
This article contains step-by-step instructions on how to set up a Zerotier VPN connection using RUTxxx routers.
Prerequisites
You will need:
- Two RUTxxx routers
- An end device to configure the routers (PC, Laptop, Tablet, Smartphone)
Setting up a ZeroTier network
- Go to https://my.zerotier.com/login and log in or create an account if you haven't already.
- Open the 'Networks' tab and click the 'Create a Network' button.
- Click the newly created network to begin configuration.
- Before configuring anything else, you may want to set up some basic settings.
- Copy the Network ID; you will need it later for ZeroTier node configuration.
- Optionally, set up a name and description for your network for easier management.
- Select 'Private' access control type; unless you want nodes to connect freely, without authorization.
- Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the 10.147.17.* selection which means our network will be using the 10.147.17.0/24 IP range.
The last step concludes the ZeroTier network configuration. However, you may want to modify to the settings based on your specific requirements, but this particular network will function without any additional settings.
The next step is configuring members (aka nodes) for our ZeroTier network.
RUT1 and RUT2 configuration
The configuration for both of the routers are the same.
- Log in to your device's WebUI, and navigate to the Services → Package Manager page.
- Find the ZeroTier package in the list and install it.
- Navigate to the Services → VPN → ZeroTier page and create a new ZeroTier configuration.
- Enter a custom name for the configuration.
- Click 'Add'.
- Complete the configuration.
- Turn the instance on.
- Add custom instance name.
- Click 'Add'.
- Complete the configuration.
- Enable instance on.
- Paste the ZeroTier Network ID into the Network ID field.
- Enable Allow managed IP.
- Since both routers are configured, we can clearly see that routers have different physical IPs and for this example, we will make Router 2 with 12.12.12.12 IP (Managed IP:172.28.93.10) who will be our VPN client get the 31.31.31.31 IP (Managed IP:172.28.249.49 ) from the other Router 1
who will be our VPN server:
- For this we first will need to take the VPN servers (Router1) managed IP and input it into our Managed Routes on our Zerotier network so that all connected devices which want to use the VPN service will know where our VPN server is and save the configuration:
Testing the configuration
- And now we can confirm client (Router 2) obtaining the server IP address on a console or the CLI on the Service tab with the “curl ifconfig.co” command.
Before:root@Teltonika-RUTX50:~# curl icanhazip.com 12.12.12.12
After:
root@Teltonika-RUTX50:~# curl icanhazip.com 31.31.31.31