Unable to access LAN devices from Laptop

Hi all,

I just installed Zerotier this morning on my Mikrotik router. It set up fine and using my phone, I can connect to devices on my local network no problem.

But from my Mac laptop, I cannot access any local resources. I can ping the Zerotier IP of my router. I can access the internet just fine. I have zero access to anything on my LAN. The packets are not being routed properly.

In the Zerotier configuration portal I have the following route set up:

0.0.0.0/0 → 192.168.192.159

192.168.192.159 is the Zerotier IP on my router.

It seems to be a routing issue with my Mac. If I do trace routes from both the phone and the Mac, I see very different results. I’m currently remote. And if I do a traceroute to Google’s DNS at 8.8.8.8 I get the following:

Mac:

traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 40 byte packets
 1  * * *
 2  be-90-arsc1.area4.il.chicago.comcast.net (96.216.150.65)  19.478 ms  20.189 ms  23.334 ms
 3  be-501-ar01.area4.il.chicago.comcast.net (96.216.150.114)  20.459 ms
    be-502-ar01.area4.il.chicago.comcast.net (96.216.150.118)  27.235 ms  20.091 ms
 4  c-50-171-101-230.unallocated.comcastbusiness.net (50.171.101.230)  18.855 ms  21.101 ms  13.103 ms
 5  * * *
 6  dns.google (8.8.8.8)  28.807 ms  19.103 ms  17.912 ms

However, on my phone (using HE.NET Network Tools) I get:

traceroute to 8.8.8.8 (8.8.8.8)...
 1 192.168.192.159  127.07ms  96.74ms  95.83ms
 2 10.22.114.194  106.94ms  96.9ms  104.47ms
 3 -  *  *  *
 4 po-310-328-rur202.algonquin.il.chicago.comcast.net (96.216.27.77)  124.65ms  204.14ms  205.89ms
 5 po-200-xar02.algonquin.il.chicago.comcast.net (24.153.88.193)  205.52ms  205.21ms  169.01ms
 6 be-11-ar01.area4.il.chicago.comcast.net (68.87.231.125)  132.63ms  207.77ms  105.19ms
 7 c-50-171-101-230.unallocated.comcastbusiness.net (50.171.101.230)  196.37ms  110.84ms  195.77ms
 8 142.250.209.165  119.86ms  113.85ms  118.82ms
 9 142.251.60.213  116.43ms  109.49ms
 9 -  *
10 dns.google (8.8.8.8)  116.88ms  201.12ms  206.68ms

I’m using the same WiFi network for both the laptop and the phone. So as you see from the traceroutes, the phone is going through my router at 192.168.192.159. The laptop is not. The routes are completely different.

And if I do a traceroute to a device on my LAN from my phone I get:

traceroute to 192.168.0.1 (192.168.0.1)...
 1 192.168.192.159  196.53ms  112.47ms  114.79ms
 2 192.168.0.1  122.8ms  117.5ms  121.04ms

Just like I should. If I try that from my laptop I get:

traceroute 192.168.0.1
traceroute to 192.168.0.1 (192.168.0.1), 64 hops max, 40 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *

Showing my routing tables on the laptop I get:

Routing tables

Internet:
Destination        Gateway            Flags               Netif Expire
default            172.20.20.1        UGScg                 en0       
127                127.0.0.1          UCS                   lo0       
127.0.0.1          127.0.0.1          UH                    lo0       
169.254            link#16            UCS                   en0      !
172.20.20/24       link#16            UCS                   en0      !
172.20.20.1/32     link#16            UCS                   en0      !
172.20.20.1        0:0:0:2:2:2        UHLWIir               en0   1195
172.20.20.20/32    link#16            UCS                   en0      !
172.20.20.255      ff:ff:ff:ff:ff:ff  UHLWbI                en0      !
192.168.192        link#41            UC               feth2826      !
192.168.192.255    ff:ff:ff:ff:ff:ff  UHLWbI           feth2826      !
224.0.0/4          link#16            UmCS                  en0      !
239.255.255.250    1:0:5e:7f:ff:fa    UHmLWI                en0       
255.255.255.255/32 link#16            UCS                   en0      !
255.255.255.255    ff:ff:ff:ff:ff:ff  UHLWbI                en0      !

The Zerotier interface is the feth2826 interface. It’s way down and it doesn’t look like my configured route is being respected.

Can someone give any idea what is going on? I have a ZeroTier dump file generated by the CLI if that helps. I don’t want to just post it here in case there’s any information that should not be divulged publicly.

Thanks,

Jon

If I'm not mistaken, you made one managed route with 0.0.0.0/0 to 192.16.192.159?

This is definitely wrong.

Follow these steps.

  1. Add one IPv4 assignment from ZeroTier. In my case 172.28.asterisk.asterisk (don't know why I can't use an asterisk).
  2. Add a managed route as you want. In my case 172.28.0.0/16.
  3. Now you need to add your Mikrotik to your ZeroTier.
  4. Update the IP as you want for easier memorization, in my case 172.28.10.1, etc. One IP per device.
  5. Now add your Mikrotik to the managed routes, in my case 192.168.70.0/24 (one of my Mikrotik local IPs) via 172.28.10.1.
  6. Add another one the same way if you have a different location which does not have the same local connection as the one above, in my case 192.168.80.0/24 via 172.28.10.2.

As easy as that. Hope this helps.

Well, I was able to get it working by selecting “Allow Default Route Override” on the client. Then things started working. But the challenge is that I need two routes (I did not make that point in my original post). I have two networks locally:

192.168.0.0/23
10.0.0.0/8

I can only set up one route in the zerotier portal unless I pay $$. That’s why I set up the 0.0.0.0/0 route…

In that case, you’ll need to add the second route manually (and of course manage it so that it’s only active when needed).

Locally on MacOS:
sudo route add -net 10.0.0.0/8 192.168.192.159
and
sudo route delete -net 10.0.0.0/8
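
One way to keep that manual route "only active when needed", as an added example that is not part of the original thread: a macOS shell sketch that adds the 10.0.0.0/8 route when the ZeroTier gateway answers and removes it when it does not. The addresses come from the posts above; `PROBE_IP`, the function names and the `sync` argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Intended for macOS route(8)/ping(8).
ZT_GW="192.168.192.159"   # router's ZeroTier IP, from the thread
LAN_NET="10.0.0.0/8"      # second LAN, from the thread
PROBE_IP="10.0.0.1"       # assumption: any address inside LAN_NET

# Constructed sample of `route -n get 10.0.0.1` output with the route in place.
SAMPLE_ROUTE_GET='   route to: 10.0.0.1
destination: 10.0.0.0
       mask: 255.0.0.0
    gateway: 192.168.192.159
  interface: feth2826'

# Read `route -n get` output on stdin and print the gateway it resolved to.
gateway_from_route_get() {
  awk '$1 == "gateway:" { print $2; exit }'
}

# Decide what to do from the current gateway and ZeroTier reachability.
# $1 = gateway currently used for PROBE_IP, $2 = "yes" if ZT_GW answers.
plan_route() {
  current_gw=$1
  zt_ok=$2
  if [ "$zt_ok" = "yes" ] && [ "$current_gw" != "$ZT_GW" ]; then
    echo add       # tunnel is up but LAN traffic still leaves via the default route
  elif [ "$zt_ok" != "yes" ] && [ "$current_gw" = "$ZT_GW" ]; then
    echo delete    # tunnel is down; do not leave a stale route behind
  else
    echo keep
  fi
}

# Apply the plan. Needs sudo rights for route changes.
sync_route() {
  current_gw=$(route -n get "$PROBE_IP" 2>/dev/null | gateway_from_route_get)
  # macOS ping: -t is an overall timeout in seconds.
  if ping -c 1 -t 2 "$ZT_GW" >/dev/null 2>&1; then zt_ok=yes; else zt_ok=no; fi
  case $(plan_route "$current_gw" "$zt_ok") in
    add)    sudo route add -net "$LAN_NET" "$ZT_GW" ;;
    delete) sudo route delete -net "$LAN_NET" ;;
  esac
}

# Only touch the routing table when explicitly asked: ./zt-route.sh sync
if [ "${1:-}" = "sync" ]; then sync_route; fi
```

Running it with `sync` after joining or leaving the ZeroTier network keeps the routing table consistent with the tunnel state; `route -n get 10.0.0.1` shows which gateway is in effect afterwards.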