Cannot get working between 1 LAN to the other 2 LANs set up

G’day,
I am trying to get access to one LAN from another two. I set this up because one of my LANs (just 2 weeks ago) ended up behind a CGNAT and hence port forwarding no longer worked. Two of the LANs are talking to each other OK (including the one under CGNAT) but the third one will not connect with the other two, although PCs on that LAN show status of OK on the ZeroTier network. I have spent days trying to figure this out. If anyone has any suggestions, that would be greatly appreciated.

A couple of quick questions to start:

  • When you say you have 3 LANs, is this 3 separate sites, and you have managed routes to the LANs at each individual site? Or do you have 3 individual LANs built directly under the ZeroTier network? Can you list what you have under your “Managed Routes”?
  • What kind of devices is ZeroTier running on?

3 LANs in 3 locations i.e. each one behind a router

Managed Routes:
1st LAN cottage - 192.168.195.0/24 via ethernet_32778
2nd LAN home - 192.168.195.0/24 via ethernet_32775
3rd LAN friend - 192.168.195.0/24 via ethernet_32775

I changed a few things so now
1st LAN cottage is - 192.168.195.0/24 via ethernet_32775

ZeroTier is running on 1-3 PCs on each LAN and most are Win11, but 1 is Win10 plus one android smartphone.

And now for a very big break, I suspect, and might be a critical issue for ZeroTier installs on new Win11 PCs. I accidentally noticed that some ZeroTier computers had the ZeroTier network adaptor set as private and some as public, but I could find no way to change this as new Win11 systems seemingly did not prompt when installing ZeroTier to be private and it could not be modified afterwards…until I came upon this from your forum: Windows 11 does not prompt for Public/Private network (Windows Firewall setting) · Issue #1671 · zerotier/ZeroTierOne · GitHub

I executed these PowerShell commands (with admin privileges) on all PCs very easily and set all ZeroTier to Private. This made an amazing difference to functionality given how I have set up network access for Public Networks.

One more issue to sort out.

The routes to every LAN in ZeroTier should point to the gateway in that specific LAN. It looks like you set the routes incorrectly. It must be something like:

[1st LAN network/24] via [address of the Zerotier pc in that LAN]
[2nd LAN network/24] via [address of the Zerotier pc in that LAN]
[3rd LAN network/24] via [address of the Zerotier pc in that LAN]

The 3 networks should have different network addresses.

If you want to access all devices in the 3 networks you have to set up masquerading on the PCs running ZeroTier or you have to set up static routes in the 3 networks to the PC with ZeroTier.
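The two rules in the reply above (each route's "via" is an address rather than an adapter name, and the three LANs use different subnets) can be checked mechanically. This is an added example, not part of the thread or of ZeroTier's own tooling; `check_routes` is a hypothetical helper, and the subnets and "via" addresses in `FIXED_ROUTES` are constructed, with "via" assumed to be the ZeroTier-assigned address of the PC in that LAN.

```python
import ipaddress
from itertools import combinations


def check_routes(routes):
    """routes: list of (site, target_cidr, via). Returns a list of problems."""
    problems = []
    parsed = []
    for site, target, via in routes:
        # strict=True rejects targets with host bits set (e.g. 192.168.1.5/24)
        parsed.append((site, ipaddress.ip_network(target, strict=True)))
        try:
            ipaddress.ip_address(via)
        except ValueError:
            problems.append(f"{site}: via '{via}' is not an IP address")
    # Any two sites announcing the same or overlapping subnet cannot both be
    # reached, because a peer has no way to tell which site a packet is for.
    for (s1, n1), (s2, n2) in combinations(parsed, 2):
        if n1.overlaps(n2):
            problems.append(f"{s1} and {s2}: {n1} overlaps {n2}")
    return problems


# Routes as listed in the thread.
THREAD_ROUTES = [
    ("cottage", "192.168.195.0/24", "ethernet_32778"),
    ("home", "192.168.195.0/24", "ethernet_32775"),
    ("friend", "192.168.195.0/24", "ethernet_32775"),
]

# Constructed values for illustration only: one distinct subnet per site,
# each routed via an assumed ZeroTier address of the PC at that site.
FIXED_ROUTES = [
    ("cottage", "192.168.10.0/24", "192.168.195.11"),
    ("home", "192.168.20.0/24", "192.168.195.12"),
    ("friend", "192.168.30.0/24", "192.168.195.13"),
]

if __name__ == "__main__":
    for name, routes in (("thread", THREAD_ROUTES), ("fixed", FIXED_ROUTES)):
        issues = check_routes(routes)
        print(f"{name}: {len(issues)} problem(s)")
        for issue in issues:
            print("  -", issue)
```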
