Use ZT like a VPN

Hi

I am living in Germany but I am very often in Spain
In Spain and in Germany I have a GL-iNET GL-MV1000 on both is ZT installed and working well.

All my devices connected to the Spanisch GL-MV1000 are mainly to watch German movies. So I would need a German IP address.

Can I force my Spanisch GL-iNET GL-MV1000 to connect to my German one - like a VPN- and go from there to the internet?

I can not do a VPN because i have an IPv4 in Spain and IPv6 in Germany.

Alle the ZT devices see each other and working fine.
thanks for your support.

It’s possible. You might not get good performance if one side is v4 only and one is v6 only.

You could also probably just add a route manually in the Spain gl-inet?

0.0.0.0/0 via {zt-ip-of-germany-router}

I don’t know what the UI of the gl-inet looks like to describe more.

And make sure the germany device is set up to allow forwarding between the zt network and WAN.

thanks for the tip
I guess I do something wrong here:
root@GL-MV1000:~# route 0.0.0.0/0 via 172.26.0.10
BusyBox v1.30.1 () multi-call binary.

Usage: route [{add|del|delete}]

Edit kernel routing tables

-n	Don't resolve names
-e	Display other/more information
-A inet{6}	Select address family

maybe this will do it.

ip route add 0.0.0.0/1 via 172.26.0.10
ip route add 128.0.0.0/1 via 172.26.0.10

thanks for your fast help:

this is my output:
root@GL-MV1000:~# ip route add 0.0.0.0/1 via 172.26.0.10

RTNETLINK answers: File exists

root@GL-MV1000:~# ip route add 128.0.0.0/1 via 172.26.0.10

RTNETLINK answers: File exists

ah sorry. Some similar route already exist possibly. It can be a pain to figure out sometimes.
ip route will show the existing routes.

They don’t have a GUI to add static routes?

I tried replace instead of add without any error but ping 8.8.8.8 did not work so I deleted those lines

here is my route output:
root@GL-MV1000:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.10.10.1 0.0.0.0 UG 10 0 0 wan
10.10.10.0 * 255.255.255.0 U 10 0 0 wan
172.26.0.0 * 255.255.0.0 U 0 0 0 ztly56vpaa
192.168.8.0 * 255.255.255.0 U 0 0 0 br-lan
217.245.107.17 10.10.10.1 255.255.255.255 UGH 0 0 0 wan

I do not know what that means?

This is my route output before i added anything:

root@GL-MV1000:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.10.10.1 0.0.0.0 UG 10 0 0 wan
10.10.10.0 * 255.255.255.0 U 10 0 0 wan
172.26.0.0 * 255.255.0.0 U 0 0 0 ztly56vpaa
192.168.8.0 * 255.255.255.0 U 0 0 0 br-lan
217.245.107.17 10.10.10.1 255.255.255.255 UGH 0 0 0 wan
root@GL-MV1000:~#
root@GL-MV1000:~#
root@GL-MV1000:~#
root@GL-MV1000:~#
root@GL-MV1000:~#

root@GL-MV1000:~# ip route replace 0.0.0.0/1 via 172.26.0.10
root@GL-MV1000:~#
root@GL-MV1000:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.26.0.10 128.0.0.0 UG 0 0 0 ztly56vpaa
default 10.10.10.1 0.0.0.0 UG 10 0 0 wan
10.10.10.0 * 255.255.255.0 U 10 0 0 wan
172.26.0.0 * 255.255.0.0 U 0 0 0 ztly56vpaa
192.168.8.0 * 255.255.255.0 U 0 0 0 br-lan
217.245.107.17 10.10.10.1 255.255.255.255 UGH 0 0 0 wan
root@GL-MV1000:~# ip route replace 128.0.0.0/1 via 172.26.0.10
root@GL-MV1000:~#
root@GL-MV1000:~#

The Genmask is switching from 0.0.0.0 to 128.0.0.0 could this be my problem?

root@GL-MV1000:~#
root@GL-MV1000:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.26.0.10 128.0.0.0 UG 0 0 0 ztly56vpaa
default 10.10.10.1 0.0.0.0 UG 10 0 0 wan
10.10.10.0 * 255.255.255.0 U 10 0 0 wan
128.0.0.0 172.26.0.10 128.0.0.0 UG 0 0 0 ztly56vpaa
172.26.0.0 * 255.255.0.0 U 0 0 0 ztly56vpaa
192.168.8.0 * 255.255.255.0 U 0 0 0 br-lan
217.245.107.17 10.10.10.1 255.255.255.255 UGH 0 0 0 wan

Hello
I was hoping that would create 0.0.0.0/1 via 172.26.0.10 and 128.0.0.0/1 via 172.26.0.10 while keeping the original default route. A common old VPN trick. Not sure why it’s not working.

Another way to try is, create a Managed Route on the zerotier network. 0.0.0.0/0 via 172.26.0.10
Then on your router do zerotier-cli set $networkid allowDefault=1 Probably should have suggested that first.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.