Changes

284 bytes added , 8 August

no edit summary

Line 1: Line 1: −

<~~span~~ style="color: red;">The information in this page is updated in accordance with ~~the RUTXXX_R_00_07_02<~~/~~b><~~/~~span>~~ firmware version.</~~span~~>

+

The information in this page is updated in accordance with [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.08.1'''] firmware version.

ZeroTier One is an open source software which can establish Peer to Peer VPN (P2PVPN) connection between various devices running various operating systems. It also provides network management possibilities such as routing and creating firewall rules.

Line 8: Line 8:

This article contains step-by-step instructions on how to set up and manage a Zerotier network using Teltonika-Networks devices alongs with other equipment.

−

== Setting up a ZeroTier network==

+

==Setting up a ZeroTier network==

<ul>

<li>Go to https://my.zerotier.com/login and log in or create an account if you haven't already.</li>

−

<li>Open the 'Networks' tab and click the 'Create a Network' button. [[File:~~Zerotier_configuration_1~~.png|border|class=tlt-border]]</li>

+

<li>Open the 'Networks' tab and click the 'Create a Network' button. [[File:RutOS_ZeroTier_7.8_1_network.png|border|class=tlt-border|1000px]]</li>

−

<li>Click the newly created network to begin configuration. [[File:~~Zerotier_configuration_2~~.png|border|class=tlt-border]]</li>

+

<li>Click the newly created network to begin configuration. [[File:RutOS_ZeroTier_7.8_2.png|border|class=tlt-border|1000px]]</li>

<li>Before configuring anything else, you may want to set up some basic settings.

<ol>

Line 19: Line 19:

<li>Optionally, set up a name and description for your network for easier management.</li>

<li>Select 'Private' access control type; unless you want nodes to connect freely, without authorization.</li>

−

</ol>[[File:~~Zerotier_configuration_3~~.png|border|class=tlt-border]]

+

</ol>[[File:RutOS_ZeroTier_7.8_3.png|border|class=tlt-border]]

</li>

−

<li>Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the 10.147.17.* selection which means our network will be using the 10.147.17.0/24 IP range. [[File:~~Zerotier_configuration_4~~.png|border|class=tlt-border]]</li>

+

<li>Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the 10.147.17.* selection which means our network will be using the 10.147.17.0/24 IP range. [[File:RutOS_ZeroTier_7.8_4.png|border|class=tlt-border]]</li>

</ul>

Line 43: Line 43:

<li>Enter a custom name for the configuration.</li>

<li>Click 'Add'.</li>

−

~~<li>Click the 'Edit' button next to the newly created configuration.</li>~~

+

</ol>[[File:RutOS_ZeroTier_7.8_5.png|border|class=tlt-border|1000px]]

−

</ol>[[File:~~Zerotier_configuration_5~~.png|border|class=tlt-border]]

</li>

<li>Complete the configuration.

<ol>

<li>Turn the instance on.</li>

−

<li>Paste the ZeroTier Network ID into the '~~Networks~~' field.</li>

+

<li>Add custom instance name.</li>

−

<li>~~Click~~ '~~Save & Apply~~'.</li>

+

<li>Click 'Add'.</li>

−

</ol>[[File:~~Zerotier_configuration_6~~.png|border|class=tlt-border]]

+

</ol>[[File:RutOS_ZeroTier_7.8_6fix.png|border|class=tlt-border|1000px]]

+

</li>

+

<li>Complete the configuration.

+

<ol>

+

<li>Enable '''instance''' on.</li>

+

<li>Paste the ZeroTier Network ID into the '''Network ID''' field.</li>

+

<li>Enable '''Allow managed IP'''.</li>

+

</ol>[[File:RutOS_ZeroTier_7.8_9.png|border|class=tlt-border|1000px]]

</li>

<li>Go to the ZeroTier Central dashboard and [[#Node_authorization|authorize]] this node.</li>

−

<li>To check the status of the connection from your device, go to the ~~Services~~ → CLI page and [[Command Line Interfaces|log in]]. Check connection status with this command:<pre>zerotier-cli info</pre>Check ZeroTier interface IP address with this command (replacing <network> with the ZeroTier Network ID):<pre>zerotier-cli get <network> ip</pre>[[File:~~Zerotier_configuration_15~~.png|border|class=tlt-border]]</li>

+

<li>To check the status of the connection from your device, go to the '''System → Maintenance → CLI''' page and [[Command Line Interfaces|log in]]. Check connection status with this command:<pre>zerotier-cli info</pre>Check ZeroTier interface IP address with this command (replacing <network> with the ZeroTier Network ID):<pre>zerotier-cli get <network> ip</pre>[[File:RutOS_ZeroTier_7.8_8.png|border|class=tlt-border]]</li>

</ul>

Line 102: Line 108:

</ol>

−

[[File:~~Zerotier_configuration_10~~.png|border|class=tlt-border]]

+

[[File:RutOS_ZeroTier_7.8_7.png|border|class=tlt-border]]

==Private network access==

Line 133: Line 139:

<ol>

<li>Enter a custom name for the rule.</li>

−

~~<li>Select zerotier as the external zone.</li>~~

<li>Enter an external port number for listening for incoming connections.</li>

−

~~<li>Select lan as the internal zone.</li>~~

<li>Enter a device's IP in the local network.</li>

<li>Enter a device's listening port number.</li>

<li>Click 'Add'.</li>

−

</ol>[[File:~~Zerotier_configuration_13~~.png|border|class=tlt-border]]

+

</ol>[[File:RutOS_ZeroTier_7.8_10.png|border|class=tlt-border|1000px]]

</li>

−

<li>Since this configuration concerns port 80, the default HTTP port, configuring it like this would eliminate WebUI access to the Teltonika device over the ZeroTier network. To maintain that access, consider using a different external port: [[File:~~Zerotier_configuration_14~~.png|border|class=tlt-border]]</li>

+

<li>Since this configuration concerns port 80, the default HTTP port, configuring it like this would eliminate WebUI access to the Teltonika device over the ZeroTier network. To maintain that access, consider using a different external port: [[File:RutOS_ZeroTier_7.8_11.png|border|class=tlt-border|1000px]]</li>

+

<li>Then you will be prompted to the configuration window:

+

<ol>

+

<li>'''Enable the port forward'''.</li>

+

<li>Click on the '''Save & Apply''' button.</li>

+

</ol>[[File:RutOS_ZeroTier_7.8_12.png|border|class=tlt-border|]]

+

</li>

</ul>

Line 152: Line 162:

*Navigate to '''''Services → VPN → ZeroTier''''' and access the ZeroTier Instance created previously to edit it for the bridging of LAN’s.

−

[[File:~~Zerotier Interfacev2~~.png|border|class=tlt-border|1050x1050px]]

+

[[File:RutOS_ZeroTier_7.8_14.png|border|class=tlt-border|1050x1050px]]

*From the '''''Bridge to''''' dropdown menu, select '''''LAN'''''. This option bridges The ZeroTier interface with the device's LAN interface, which extends the network and allows for Layer 2 communication via ZeroTier. Bridges operate at the data link layer and facilitate seamless communication between devices on different LAN segments

*Save & Apply settings

Line 159: Line 169:

----

−

*Navigate to '''''Services → VPN → Zerotier''''' → and access the ZeroTier instance, configuring it the same way as the first router.

+

*Navigate to '''''Services → VPN → Zerotier''''' → and access the ZeroTier instance, configuring it the same way as the '''first router'''.

−

* Navigate to '''''Network → LAN → ~~General~~ settings''''' and change the '''IPv4 address''' to an IP that is in the same subnet as the first router (We will use 192.168.1.2 for this example)

+

* Navigate to '''''Network → LAN → Edit instance settings''''' and change the '''IPv4 address''' to an IP that is in the same subnet as the first router (We will use 192.168.1.2 for this example)

−

*~~Navigate to '''''Network → Interfaces → LAN → DHCP Server''''' and~~ Disable ~~'''DHCP server''' option~~

+

*Disable DHCPv4 & DHCPv6

*Save & Apply settings

−

[[File:~~Zerotier configuration rut 2 configuration v1~~.png|border|class=tlt-border]]

+

[[File:RutOS_ZeroTier_7.8_13.png|border|class=tlt-border]]

=== ZeroTier Portal===

Line 170: Line 180:

*Open your ZeroTier Portal (https://my.zerotier.com/) and navigate to your ZeroTier Network.

*Scroll down to Members and enable '''"Allow Ethernet Bridging"''' option on both devices

−

[[File:ZeroTier Portal Bridging v1.3.png|~~500×200~~]][[File:ZeroTier Portal Bridging v1.2.png|~~500x200~~]]

+

[[File:ZeroTier Portal Bridging v1.3.png|500×200px]][[File:ZeroTier Portal Bridging v1.2.png|500x200px]]

*Make sure to turn off '''Auto-Assign from Range''' in the '''advanced section'''. Since this is a Layer 2 bridge configuration, there is no need for IP addresses on the ZeroTier Interfaces and managed IPs. With Layer 2 bridging, devices communicate directly using their local MAC addresses, eliminating the necessity for IP address management.

*'''NOTE: Make sure to remove any Managed IPs that might have stayed when the Auto-assigned feature was turned on (by default, ZeroTier keeps it on).'''

*In the '''Advanced section → Managed Routes,''' add the LAN network route (in this case, 192.168.1.0/24), which ensures communication within the bridge. This allows devices in the ZeroTier network to communicate with devices on the LAN.

−

[[File:Managed Routes.png|~~|500×200~~]]

+

[[File:Managed Routes.png|500×200px]]

*To ensure convenience and avoid any IP or routing conflicts, it is recommended to remove any other automatically assigned routes in ZeroTier. By doing so, you can prevent routing issues and ensure smoother communication within the LAN bridge network of 192.168.1.0/24 over the ZeroTier Network.

Dziugas.Syminas

Administrators

330

edits

Namespaces

Variants

Views

More

Search

Changes

ZeroTier Configuration (view source)

Revision as of 13:46, 8 August 2024

Navigation menu

Personal tools

NAVIGATION

Tools

Categories