[Guide] ZeroTier on Ubiquiti EdgeRouter as VLAN

Tips and Guides
1

1. Sources

2. Introduction

Based on the 2 articles, I have created a consolidated guide on how to connect a EdgeRouter to ZeroTier and provide it as VLAN. If there are any mistakes or additions needed, please let me know. I hope that this guide will help some people.

Tested with EdgeRouter X (v2.0.9-hotfix.4) and EdgeRouter 10X (v2.0.9-hotfix.4)

3. Example Information

3.1 ZeroTier Network

  • Id = c7c8172af19
  • Name = mynetworkname
  • Network = 10.203.0.0/24
  • Range Start = 10.203.0.2
  • Range End = 10.203.0.254

3.2 EdgeRouter Local Network

  • EdgeRouter IP (eth0) = 192.168.2.75

3.3 EdgeRouter ZeroTier Network

  • Name = eth203
  • Description = eth.mynetworkname
  • EdgeRouter IP (eth203) = 10.203.0.123

3.4 EdgeRouter VLAN

  • Id = 203
  • Description = vlan.mynetworkname
  • Network = 10.203.1.0/24
  • Range Start = 10.203.1.2
  • Range End = 10.203.1.254
  • Router = 10.203.1.1
  • Router = 1.1.1.1

4. Guide

4.1 ZeroTier | Web UI | Create Network

  1. Navigate to “Basics”
  2. Note the “Network ID” for later use → c7c8172af19
  3. Set “Name” to mynetworkname
  4. Navigate to “Advanced”
  5. Define your network at “Managed Routes” → “Destination” to 10.203.0.0/24
  6. Click “Submit”
  7. Set “IPv4 Auto-Assign” → “Range Start” to 10.203.0.2
  8. Set “IPv4 Auto-Assign” → “Range End” to 10.203.0.254
  9. Click “Submit”

4.2 EdgeRouter | SSH | Install or Update ZeroTier

Note: Only needed once

  1. sudo -i
  2. curl -s https://install.zerotier.com | sudo bash

4.3 EdgeRouter | SSH | Create firmware upgrade persistence

Note: Only needed once

  1. cd /var/lib
  2. mv /var/lib/zerotier-one /config/scripts/
  3. ln -s /config/scripts/zerotier-one

4.4 EdgeRouter | SSH | Join ZeroTier network

  1. zerotier-cli join c7c8172af19

4.5 EdgeRouter | SSH | Map your ZeroTier interface

  1. vi /var/lib/zerotier-one/devicemap
  2. Add c7c8172af19=eth203
  3. Press
  4. Press :
  5. Enter the following wq
  6. Press
  7. Restart ZeroTier /etc/init.d/zerotier-one restart

4.6 EdgeRouter | SSH | Enable new eth203 interface in EdgeOS

  1. configure
  2. set interfaces ethernet eth203 description "eth.mynetworkname"
  3. commit
  4. save

4.7 ZeroTier | Web UI | Allow EdgeRouter as member and bridge

  1. Navigate to “Members”
  2. Find your EdgeRouter
  3. Enable the “Auth?”-Checkbox
  4. Click on the settings icon
  5. Enable the “Allow Ethernet Bridging”-Checkbox
  6. Optional: Change the EdgeRouter IP
  7. Note the EdgeRouter IP for later use → 10.203.0.123

4.8 ZeroTier | Web UI | Add Managed Route

  1. Navigate to “Advanced”
  2. Set “Managed Routes” → “Destination” to 10.203.1.0/24
  3. Set “Managed Routes” → “Via” to 10.203.0.123
  4. Click “Submit”

4.9 EdgeRouter | Web UI | Create VLAN Interface

  1. Navigate to “Dashboard” → “Add Interface” → “Add VLAN”
  2. Set “VLAN ID” to 203
  3. Set “Interface” to switch0
  4. Set “Description” to vlan.mynetworkname
  5. Set “Address” to Manually define IP address → 10.203.1.1/24
  6. Click “Save”

4.10 EdgeRouter | Web UI | Create DHCP Server for VLAN

  1. Navigate to “Services” → “Add DHCP Server”
  2. Set “DHCP Name” to vlan.mynetworkname
  3. Set “Subnet” to 10.203.1.0/24
  4. Set “Range Start” to 10.203.1.2
  5. Set “Range Stop” to 10.203.1.254
  6. Set “Router” to 10.203.1.1
  7. Set “DNS 1” to 1.1.1.1 or anyone you like
  8. Click"Save"

4.11 EdgeRouter | Web UI | Add Source NAT Rule

  1. Navigate to “Firewall/NAT” → “NAT” → “Add Source NAT Rule”
  2. Set “Description” to snat.mynetworkname
  3. Set “Outbound Interface” to eth203
  4. Set “Translation” to Specify address and/or port → 10.203.0.123
  5. Set “Protocol” to All protocols
  6. Set “Src Address Group” → “Interface Addr” to switch0.203
  7. Click “Save”

4.12 EdgeRouter | Web UI | Add Destination NAT Rule

  1. Navigate to “Firewall/NAT” → “NAT” → “Add Destination NAT Rule”
  2. Set “Description” to dnat.mynetworkname
  3. Set “Inbound Interface” to eth203
  4. Set “Translations” → “Address” to 192.168.2.75
  5. Set “Protocol” to All protocols
  6. Set “Dest Address Group” → “Interface Addr” to switch0.203
  7. Click “Save”
  8. That’s it!
1 Like
3

Since I can’t update the guide here, please visit the latest version at Ubiquiti: https://community.ui.com/questions/Guide-ZeroTier-on-a-Ubiquiti-EdgeRouter-as-VLAN/e8974aaf-011d-42ef-8263-3899bbb26462