ZeroTier Bridge to acces network and use as VPN

xxgmxxjirka · May 5, 2021, 10:49pm

Hi, is there any easy tutorial on how to set up ZeroTier Bridge, to either use as VPN or to access my home network from my phone or another computer? I have tried it, but I am a bit confused because there is no step-by-step tutorial and other tutorials doesn’t really work for me.
I am trying to set it up for weeks with all tutorials I could find, like this:

This one looks the best of all, but I am really confused about what this means

mv bridge-start /usr/local/bin
mv make-tap /usr/local/bin
mv startvpn.sh /usr/local/bin

should I put the scripts inside the /usr/local/bin or do it with “vi bridge-start” I dont really know, because there is no such script by default. I have mage like 100+ VMs with different tutorials, non of them works. I can ping the devices, but thats all I have done.

Is there easy tutorial to follow, that everyone is able to do or should I just leave this ideta behind ?

xxgmxxjirka · May 6, 2021, 11:51am

Another one is this (better one)
ZT VPN

With this one, everything was working until I get to the " From DO tutorial"

#!/bin/bash
# A very basic IPtables / Netfilter script /etc/firewall/enable.sh

PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

#service networking restart > /dev/null 2>&1

touch /root/RUNNING_FIREWALL_IPTABLES_NOW

# Flush the tables to apply changes
/sbin/iptables -F

# Default policy to drop 'everything' but our output to internet
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P INPUT   ACCEPT
/sbin/iptables -P OUTPUT  ACCEPT

# Allow established connections (the responses to our outgoing traffic)
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow local programs that use loopback (Unix sockets)
/sbin/iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT

/sbin/iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
/sbin/iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i ztklhsm3zp -o enp2s0 -j ACCEPT


exit 0

I am not really sure what this script means. So I read the DO tutorial instead:
DO Tutorial
In the step 5

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

sudo iptables -A FORWARD -i zt0 -o eth0 -j ACCEPT

I probably need to change the eth0 to the name of the “ethernet” of the device. I have it running on VirtualBox and it seems like the eth0 for me is enp0s3. I have changed the command to this.

sudo iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE

sudo iptables -A FORWARD -i zt21r4amuq -o enp0s3 -j ACCEPT

Is it correct ? if I write ifconfig I get somehing like this:

ubuntu@ubuntu:~$ ifconfig
enp0s3    Link encap:Ethernet  HWaddr xxx
          inet addr:192.168.0.167  Bcast:192.168.0.255  Mask:255.255.255.0
.
.
.
zt2lr4amuq Link encap:Ethernet  HWaddr xxx
          inet addr:192.168.0.167  Bcast:192.168.0.255  Mask:255.255.255.0
.
.
.

I can ping the server, server can ping my phone, but if I anable default route, the phone cant acces anything.

system · June 5, 2021, 11:51am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.