Connection through ZeroTier, access to LAN

The topology is simple, so I am skipping the diagram.

Computer A, ZeroTier address 192.168.192.6
Computer B (Gateway; in ZeroTier 192.168.192.2), physical address 192.168.1.101

I can ping the ZT address on Computer B from Computer A, but I can’t ping its physical address. I need to access the NVR at address 192.168.1.199

Internet advice suggests setting up iptables on a Linux OS. I have decided to do this on Windows. I probably have gaps in my theory. I understand that something needs to manage NAT, and forward my packet where I want it. Iptables consists of three parts (Filter table, Nat table, Magle table), Nat table is responsible for managing where the package should go, the Windows equivalent is the “route” command. That’s all I know.

Unfortunately, I can’t set this up properly. I should mention that there is a router at 192.168.1.1 in the network I want to access. I don’t know if that matters or not. Either way, I should be able to ping 192.168.1.101

In the ZeroTier configuration, in the section “192.168.1.0/24 via 192.168.192.2”

I would appreciate any help. Regards, Groszexxx.

On computer B you have to make it possible to forward packets between the two network interfaces, the zerotier interface and the physical interface. When done you can ping 192.168.1.101

On network 192.168.1.0/24 you have to set a static route for network 192.168.192.0/24 via 192.168.1.101 just as you did on the zerotier network for 192.168.1.0/24 When done your NVR at 192.168.1.199 knows how packets can return to 192.168.192.6, not via the default gateway but via 192.168.1.101

Thx for answer. That’s a new topic for me. I am trying to understand the general concept.
I have writen in cmd (Computer A) : route add 192.168.1.101 mask 255.255.255.255 192.168.192.2
Now i can ping 192.168.1.101 (computer B physical adress). Ofc if i will delete this route, i will lose possibility to ping this.

But my target is reach 192.168.1.199 , so if You would lead me how to do it. Have I set static route where? On pc, which has adress 192.168.1.101 (Computer B) ? If I have understood You correctly: i have explain packet how to return to me… but is it a task for Computer B or router (192.168.1.1)?

Packet forwarding between network interfaces on a Windows pc (I think your compter B is Windows) does not work out of the box. See How can I enable packet forwarding on Windows? - Server Fault for more details.

If you set the static route 192.168.192.0/24 via 192.168.1.101 on your router at 192.168.1.1 this should work for all the computers in that network.

If I would have dissable packet forwarding then i wouldn not ping 192.168…1.101.
For example: when i will write:

route delete 192.168.1.101 mask 255.255.255.255 192.168.192.2

then i cant ping 192.168.1.101
After:

route add 192.168.1.101 mask 255.255.255.255 192.168.192.2

I can ping again 192.168.1.101

I tried realise second part of Your advice and set static rout on router (192.168.1.1), but without success.

routing list1035×369 24.2 KB

I am reading about static route and trying to resolve this.
Below i added my net scheme

net741×497 24.1 KB

Any sgestion?

I found solution. It wasn’t hard. Mr mdr has right. I added static routing on my router. It was first step. Second step was added route in A computer. Earlier i did it separately, so that’s why it didnt work.

Summary:

route add 192.168.1.101 mask 255.255.255.255 192.168.192.2
route add 192.168.1.1 mask 255.255.255.255 192.168.192.2
route add 192.168.1.199 mask 255.255.255.255 192.168.192.2
route add 192.168.1.102 mask 255.255.255.255 192.168.192.2

• add static routing on router (192.168.1.1) like on upper screenshot

Destination Network 192.168.192.0 Subnet Mask 255.255.255.0 Default Gatewat 192.168.1.101

It is all. Thank You.

Edit:
I still dont understand why

route add 192.168.1.0 mask 255.255.255.0 192.168.192.2 doesn’t work…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.