OK folks, so I’ve set up my OpenWrt router, everything is working by following this guide: Home · mwarning/zerotier-openwrt Wiki · GitHub
The problem is I can ping some of the devices, e.g. printer, camera etc., but some devices won’t respond to ping and I can’t get access to them. E.g. I have my Nextcloud instance running on IP 192.168.1.222 but I can’t access it; my camera, however, on IP .250, I can access perfectly fine.
I have restarted the zerotier service on the router, but that hasn’t fixed it, so currently I’m at a loss as to why it works for some and not others.
I’m struggling to see what the issue is, need some help debugging this please.
Without having read that article, it sounds like you’re doing bridging from the OpenWRT Router. So you have some remote device that is also on the 192.168.1.0/24 range, and you want it to talk strictly at Layer2.
If that is accurate, (from a design perspective), do you actually need the hosts to talk on Layer2? There’s some added complexity with stretching L2 into on-prem over a WAN, along with less visibility when troubleshooting. Just food for thought.
I might need more info on your deployment, but when you’re pinging your printer and camera, is that coming from a remote device on your ZT network? If so, it would seem to indicate you have things configured correctly for OpenWRT and ZT.
What is your NextCloud running on? Is it a docker on a host? Can you ping other Dockers/Services on that host?
I have this setup
internet == openwrt(running ZT - in bridging mode) == lan == camera, printer, server etc.
Then I connect my phone to ZT via 4g/5g and when I am not at home I can see my camera.
This is my ZT config:
Auto assign pools:
172.23.0.1 to 172.23.0.255
My Router IP is 192.168.1.1
ZT IP on the router is 172.23.0.1
This setup should work and does work - for some IPs, but I’m trying to figure out why it doesn’t for ALL IPs?
For the time being I have fixed it by installing ZT on my server and now suddenly 192.168.1.222 pings and works fine…
BUT I shouldn’t have to do that…
Is it currently only services running on that server that are not reachable without putting ZT directly on it?
My immediate guess is the Server has a host level firewall that is blocking your traffic. A quick way to test this is to disable the ZT you just put on your server, and try to ping the remote ZT node from the server. If that ping works, but you can’t ping from the remote Node to services on the server, then it’s a host level issue.
One side note: You’re not actually doing bridging right now. You’re doing a routed setup. For it to actually bridge, you’d need your on-prem LAN subnet (192.168.1.0/24) to be the same subnet as your ZT nodes.
It doesn’t seem right now that you actually need bridging though, so that’s perfectly fine.