Difference between revisions of "Template:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX devices"

From Teltonika Networks Wiki
 
(12 intermediate revisions by the same user not shown)
Line 22: Line 22:
  
 
       <ol>
 
       <ol>
         <li>Open the 'Networks' tab and click the 'Create a Network' button.<br></li>
+
         <li>Open the ''''Networks'''' tab and click the ''''Create a Network'''' button.<br></li>
 
         <li>Before configuring anything else, you may want to set up some basic settings.</li>
 
         <li>Before configuring anything else, you may want to set up some basic settings.</li>
 
     </ol>
 
     </ol>
Line 29: Line 29:
  
 
         <ol>
 
         <ol>
             <li>Copy the Network ID; you will need it later for ZeroTier node configuration.</li>
+
             <li>Copy the '''Network ID'''; you will need it later for ZeroTier node configuration.</li>
 
             <li>Optionally, set up a name and description for your network for easier management.</li>
 
             <li>Optionally, set up a name and description for your network for easier management.</li>
             <li>Select 'Private' access control type; <u>unless</u> you want nodes to connect freely, without authorization.</li>
+
             <li>Select ''''Private'''' access control type; unless you want nodes to connect freely, without authorization.</li>
 
         </ol>
 
         </ol>
 
     </li>
 
     </li>
 
             [[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device basic settings v1.png|border|class=tlt-border|1054px]]
 
             [[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device basic settings v1.png|border|class=tlt-border|1054px]]
     <li>Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the <b>10.147.17.*</b> selection which means our network will be using the <b>10.147.17.0/24</b> IP range.<br>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device ipv4 autoassign v2.png|border|class=tlt-border]]</li>
+
     <li>Scroll down to find the ''''IPv4 Auto-Assign'''' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the <b>10.147.17.*</b> selection which means our network will be using the <b>10.147.17.0/24</b> IP range.<br>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device ipv4 autoassign v2.png|border|class=tlt-border]]</li>
 
</ul>
 
</ul>
  
Line 44: Line 44:
 
==Node configuration==
 
==Node configuration==
  
Zerotier <b>nodes</b> or <b>members</b> are clients that can connect to a ZeroTier network. This section provides information on how to configure ZeroTier nodes on different types of machines.
+
Zerotier <b>nodes</b> or <b>members</b> are clients that can connect to a ZeroTier network. This section provides information on how to configure ZeroTier nodes on RUTX devices.
  
Take note that if 'Private' access control type is selected, the nodes will only come online after they authorized by you from the ZeroTier Central dashboard. To learn how to authorize nodes, read the Node Authorization section of this article.
+
Take note that if ''''Private'''' access control type is selected, the nodes will only come online after they authorized by you from the ZeroTier Central dashboard. To learn how to authorize nodes, read the [[#Node_authorization|Node authorization]] section of this article.
  
===Teltonika-Networks device===
+
===Teltonika-Networks RUTX device===
 
----
 
----
 
<ul>
 
<ul>
     <li>Log in to your device's WebUI, and navigate to the Services → Package Manager page.</li>
+
     <li>Log into your device's WebUI, and navigate to the '''Services → Package Manager page'''.</li>
 
     <li>Find the ZeroTier package in the list and install it.</li>
 
     <li>Find the ZeroTier package in the list and install it.</li>
     <li>Navigate to the Services → VPN → ZeroTier page and create a new ZeroTier configuration.
+
     <li>Navigate to the '''Services → VPN → ZeroTier''' page and create a new ZeroTier configuration.
 
         <ol>
 
         <ol>
 
             <li>Enter a custom name for the configuration.</li>
 
             <li>Enter a custom name for the configuration.</li>
             <li>Click 'Add'.</li>
+
             <li>Click ''''Add''''.</li>
 
         </ol>
 
         </ol>
     </li>Click the 'Edit' button next to the newly created configuration.
+
     </li>
 
     <li>
 
     <li>
 
     </li>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device add intance v1.png|border|class=tlt-border|1054px]]
 
     </li>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device add intance v1.png|border|class=tlt-border|1054px]]
 
+
    <li>Click the ''''Edit'''' button and will be forwarded to the newly created configuration menu.</li>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device edit intance v1.png|border|class=tlt-border|1054px]]
 
 
 
     <li>Complete the configuration.
 
     <li>Complete the configuration.
 
         <ol>
 
         <ol>
 
             <li>Turn the configuration on.</li>
 
             <li>Turn the configuration on.</li>
             <li>Paste the ZeroTier Network ID into the 'Networks' field.</li>
+
             <li>Paste the ZeroTier Network ID into the ''''Networks'''' field.</li>
             <li>Click 'Save & Apply'.</li>
+
             <li>Click ''''Save & Apply''''.</li>
         </ol>[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device edit intance v1.png|border|class=tlt-border|1054px]]
+
            <li>You will be redirected to the overview and the '''node ID''' will be created automatically</li>
 +
         </ol>
 
[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device enable intance v1.png|border|class=tlt-border|1054px]]
 
[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device enable intance v1.png|border|class=tlt-border|1054px]]
  
Line 76: Line 76:
 
==Node authorization==
 
==Node authorization==
  
When Access Control is set to 'Private', you will have to approve new nodes manually from the ZeroTier dashboard before they can become members of the network.
+
When Access Control is set to ''''Private'''', you will have to approve new nodes manually from the ZeroTier dashboard before they can become members of the network.
  
To do this, simply scroll down to the 'Members' section and:
+
To do this, simply scroll down to the ''''Members'''' section and:
  
 
<ol>
 
<ol>
Line 85: Line 85:
 
</ol>
 
</ol>
  
[[File:Zerotier_configuration_10.png|border|class=tlt-border]]
+
[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device node authorization v1.png|border|class=tlt-border]]
  
==Private network access==
+
==Testing configuration==
 +
===Ping Test===
 +
----
  
If you have configured ZeroTier in accordance with these instructions, your topology may look something like this:
+
If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. In order to test the '''ZeroTier''' Tunnel connection.
  
[[File:Zerotier_configuration_access_scheme.png]]
+
<ol>
 +
  <li>login to RUTX WebUI and go to '''Services → CLI'''.</li>
 +
  <li>Login with user name: '''root''' and the router's admin password.</li>
 +
  <li>From there you should then be able to '''ping''' the opposite instance's virtual IP address.</li>
 +
  <li>To use a ping command, type '''ping <ip_address>''' and press the "Enter" key on your keyboard:</li>
 +
</ol>
  
For this routing example, let's assume that we want to provide access to the 192.168.1.0/24 network behind the Teltonika device to your other ZeroTier nodes. There are several ways you can accomplish this.
+
[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device ping test v2.png|border|class=tlt-border]]
  
===ZeroTier routing===
+
If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more.
----
 
<ul>
 
    <li></li>
 
    <li></li>
 
    <li></li>
 
</ul>
 
  
===Port forwarding===
+
===ZeroTier Commands===
 
----
 
----
<ul>
+
Also it's possible to get information about the VPN tunnel configuration and status via '''CLI'''. If you would like to use the '''zerotier-cli''' commands, you need to login to the WebUI:
    <li></li>
+
<ol>
    <li></li>
+
  <li>Go to '''Services → CLI'''.</li>
    <li></li>
+
  <li>Login with user name: '''root''' and the router's '''admin password'''.</li>
</ul>
+
  <li>Write '''zerotier-cli help''' command and press the "Enter" key on your keyboard:</li>
 +
</ol>
  
==Testing configuration==
+
The RUTX will show the commands the '''zerotier-cli''' can issue, for this example we'll get the VPN info/status and IP address.<br><br>
 +
<li>Getting info/status:</li>
 +
<pre>zerotier-cli info</pre>
 +
<li>Getting IP address:<br><span style="color: red;"><b>Note: Need to write your own network ID</b></span></li>
 +
<pre>zerotier-cli get <network ID> ip</pre>
  
If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. In order to test the GRE Tunnel connection, login to RUTX WebUI and go to '''Services → CLI'''. Login with user name: '''root''' and the router's admin password. From there you should then be able to '''ping''' the opposite instance's virtual IP address. To use a ping command, type '''ping <ip_address>''' and press the "Enter" key on your keyboard:
+
[[File:Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device zerotier commands v1.png||border|class=tlt-border]]
 
 
[[File:Networking_RUTXxx_configuration_example_test_v1.png]]
 
 
 
If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more.
 

Latest revision as of 01:15, 9 July 2020

Introduction

ZeroTier One is an open source software product which establishes Peer to Peer VPN (P2PVPN) connection between laptops, desktops, phones, embedded devices, cloud resources, and apps.

This article contains step-by-step instructions on how to set up and manage a Zerotier network tunnel using two Teltonika-Networks RUTX devices.

Prerequisites

You will need:

  • Two Teltonika RUTX routers
  • A PC to configure the routers

Configuration scheme

Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device schem v1.png

Setting up a ZeroTier network

  • Go to https://my.zerotier.com/login and log in or create an account if you haven't already.
  • Click the newly created network to begin configuration.
    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device networknameID v1.png
    1. Open the 'Networks' tab and click the 'Create a Network' button.
    2. Before configuring anything else, you may want to set up some basic settings.

    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device create network v1.png

    1. Copy the Network ID; you will need it later for ZeroTier node configuration.
    2. Optionally, set up a name and description for your network for easier management.
    3. Select 'Private' access control type; unless you want nodes to connect freely, without authorization.
    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device basic settings v1.png
  • Scroll down to find the 'IPv4 Auto-Assign' section. Select one of the provided private IP ranges for your network or click 'Advanced' and set up the range manually. For this example we'll be using the 10.147.17.* selection which means our network will be using the 10.147.17.0/24 IP range.
    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device ipv4 autoassign v2.png

The last step concludes the ZeroTier network configuration. However, you may want to modify to the settings based on your specific requirements, but the network will function without any additional settings.

The next step is configuring members (aka nodes) for our ZeroTier network.

Node configuration

Zerotier nodes or members are clients that can connect to a ZeroTier network. This section provides information on how to configure ZeroTier nodes on RUTX devices.

Take note that if 'Private' access control type is selected, the nodes will only come online after they authorized by you from the ZeroTier Central dashboard. To learn how to authorize nodes, read the Node authorization section of this article.

Teltonika-Networks RUTX device


  • Log into your device's WebUI, and navigate to the Services → Package Manager page.
  • Find the ZeroTier package in the list and install it.
  • Navigate to the Services → VPN → ZeroTier page and create a new ZeroTier configuration.
    1. Enter a custom name for the configuration.
    2. Click 'Add'.
  • Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device add intance v1.png
  • Click the 'Edit' button and will be forwarded to the newly created configuration menu.
  • Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device edit intance v1.png
  • Complete the configuration.
    1. Turn the configuration on.
    2. Paste the ZeroTier Network ID into the 'Networks' field.
    3. Click 'Save & Apply'.
    4. You will be redirected to the overview and the node ID will be created automatically

    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device enable intance v1.png

Node authorization

When Access Control is set to 'Private', you will have to approve new nodes manually from the ZeroTier dashboard before they can become members of the network.

To do this, simply scroll down to the 'Members' section and:

  1. Place check marks next to nodes you wish to authorize.
  2. Additionally, you may want to add names and descriptions for your nodes to make it easier to differentiate between them.

Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device node authorization v1.png

Testing configuration

Ping Test


If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. In order to test the ZeroTier Tunnel connection.

  1. login to RUTX WebUI and go to Services → CLI.
  2. Login with user name: root and the router's admin password.
  3. From there you should then be able to ping the opposite instance's virtual IP address.
  4. To use a ping command, type ping <ip_address> and press the "Enter" key on your keyboard:

Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device ping test v2.png

If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more.

ZeroTier Commands


Also it's possible to get information about the VPN tunnel configuration and status via CLI. If you would like to use the zerotier-cli commands, you need to login to the WebUI:

  1. Go to Services → CLI.
  2. Login with user name: root and the router's admin password.
  3. Write zerotier-cli help command and press the "Enter" key on your keyboard:

The RUTX will show the commands the zerotier-cli can issue, for this example we'll get the VPN info/status and IP address.

  • Getting info/status:
  • zerotier-cli info
  • Getting IP address:
    Note: Need to write your own network ID
  • zerotier-cli get <network ID> ip

    Networking rutos configuration example Setting up a ZeroTier tunnel between RUTX device zerotier commands v1.png