ZeroTier + Mullvad (or any paid anonymizing VPN)

pc.00000 · September 16, 2021, 10:03pm

My apologies up front for being very networking-unsavvy.

I use ZeroTier as a piece-of-cake way to maintain easy access to a remote computer (Windows on both ends) separated from my home system by various levels of NAT and CG-NAT. This is mainly for the purpose of VNC over SSH. That may or may not be a smart system, but it works well enough for me.

However, I would like to remote computer to only access the external internet via a paid anonymizing VPN such as Mullvad, while keeping it accessible in my ZeroTier private network. In other words, I want to log into that remote computer over my ZeroTier network and then access the external internet from that remote computer via Mullvad (or equivalent).

I can’t find any decent information via Google on how one would achieve this, or if it’s even possible. The remote computer has dual network ports if that makes a difference, with the additional option of a USB WiFi adapter.

Can anyone here help me out, please?

zt-travis · September 16, 2021, 10:49pm

Hello,
welcome to the forum.
That unfortunately might be pretty tricky to get working. Privacy VPNs take over the internet access for the machine, ZeroTier will be going through the VPN too. They also block a lot of stuff, everything that isn’t the web, so ZeroTier might not work at all.
I don’t use a privacy vpn, but i do see a lot of comments and questions about them not getting along with zerotier!

josha · September 21, 2021, 1:52pm

I managed to get this working with NordVPN. I was running in linux with the official NordVPN client. The key thing was this command:

nordvpn whitelist add port 9993
nordvpn whitelist add subnet ZT_SUBNET

The ZT_SUBNET should be the zerotier subnet you’ve configured (e.g. 1.0.0.0/24). You may also want to whitelist any other resources on the local network.

Doing that, I was able to reach both ZT resources as well as reach out through the privacy VPN provider. I have the local network of my home network also whitelisted. I don’t remember if that was necessary for ZT to start up or if that was something I setup to access local resources at home.

pc.00000 · October 1, 2021, 1:16am

Thank you, that’s worth considering. I’ve been looking into Mullvad configuration a bit more and it seems like I may be able to set it up with OpenVPN to only tunnel certain applications, but I’ve also read (here on the community forum) that the OpenVPN client and ZeroTier client don’t seem to get along. I wonder if NordVPN’s client would work the same on Windows and get along with ZeroTier.