Route between ZeroTier and Physical NetworksS

gaukr2013_zt · May 7, 2024, 10:40am

I want do Route between ZeroTier and Physical Networks

Do it how - Route between ZeroTier and Physical Networks | ZeroTier Documentation
Managed routes -

10.144.0.0/16 - (LAN)
192.168.88.0/23 via 10.144.79.101
3. My Physical IP - 192.168.88.196
4. This is rule IPtables:

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ens3 -j MASQUERADE
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i ens3 -o ztr4n4jft7 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ztr4n4jft7 -o ens3 -j ACCEPT
COMMIT

Not work, why?

dajhorn · May 9, 2024, 7:20pm

You have a compound problem.

First, this is a NAT configuration; not a routed configuration.
Computers on the LAN will not be able to initiate sessions with computers on the ZeroTier network.

Second, you’ve set my.zerotier.com to assign LAN addresses to ZeroTier clients, which is backwards unless you’re using network jargon incorrectly, which would be another mistake.

Third, you should describe what 192.168.88.196 is doing. Both sides are RFC1918 ranges, so you should clarify what you mean by “physical address”.

Fourth, directly using iptables is difficult. Use a network configuration tool provided by distro or by the desktop environment instead.

gaukr2013_zt · May 21, 2024, 6:26pm

I solve my problem - manage router -

0.0.0.0/0 → 10.144.65.61

system · June 20, 2024, 6:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.