

New to Zerotier. How do I assign an "exit node"?
I tried Tailscale recently and it has a neat function: it lets you specify which device on your Tailscale network to route internet traffic to.
I couldn't find an option to do this on Zerotier, how can I achieve this?
My use case:
I have a PC on NETWORK1 that I want to use remotely. I want my traffic to pass through that PC, then onto NETWORK1 as if it originated from that PC. Then I want it to return to me on an Android phone or another PC located somewhere else outside of NETWORK1. Why? I just need to access some of our resources (mostly websites) that are restricted to NETWORK1.
The PC on NETWORK1 sits behind a NAT, so DDNS is out of the question. In addition, port forwarding is out of my control. So that's what led me to find out about Zerotier and Tailscale. I couldn't get Tailscale to work completely yesterday. I do not know if it was a DNS problem or a routing problem; I gave up and plan to try Zerotier tomorrow.
EDIT:
Solution for the time being if the exit node is a Windows PC:
- On the Zerotier Windows client app check: Allow managed IPs, and Allow Default Route Override
- In Windows settings > Control Panel > Network and Internet > Network Connections, go to properties of the physical ethernet adapter that you use, and in the sharing tab choose the Zerotier Virtual adapter. Windows will then change the IP address of the Zerotier adapter to 192.168.137.1. Change the IP address back to your proper Zerotier address network/subnet, whatever it was (mine for example was 192.168.3.0/24, my home network which includes this PC is 192.168.1.0/24. I didn't include any routes between the two anywhere). This happened at home, not NETWORK1.
That's it basically. Tomorrow I'll be back to NETWORK1 mentioned earlier and I'll report back what happens.



On the client on your end you would set up a route in the OS routing table using the route command* that sends traffic to certain hosts (or all hosts by setting up a default route) via a certain Zerotier IP as gateway. On that gateway PC you would have to set up routing and NAT manually, Zerotier does not handle that.
* You might be able to use Zerotier managed routes for this as well.
On the Zerotier routing I used:
0.0.0.0/0 as the destination
172.24.0.2 as the gateway (PC's IP in my zerotier network)
Now, I can ping the PC from my Android, but I can browse any website. What am I missing?
Go to the zerotier web interface for your network and add a route with destination 0.0.0.0/0 with the gateway being the zerotier IP of the exit node.
Then on any other device in the same zerotier network, select "allow default router override" using the GUI or CLI.
Should be as simple as that.
You can turn "allow default router override" on and off on each device as/when you prefer.
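An added example, not part of any comment in this thread: a small check of whether the managed default route described above is actually accepted on a given client. It assumes the JSON shape printed by `zerotier-cli -j listnetworks` (fields `allowManaged`, `allowDefault`, `routes[].target`, `routes[].via`); the sample data is constructed, the network ID is a placeholder, and the function names are hypothetical.

```python
import ipaddress
import json

# Constructed sample shaped like `zerotier-cli -j listnetworks` output.
# The network ID is a placeholder; the gateway is the address from the thread.
SAMPLE = json.dumps([{
    "nwid": "0000000000000000",
    "allowManaged": True,
    "allowDefault": False,
    "routes": [
        {"target": "172.24.0.0/16", "via": None},
        {"target": "0.0.0.0/0", "via": "172.24.0.2"},
    ],
}])


def audit_routes(listnetworks_json):
    """Return one finding per managed route: is it applied on this client?"""
    findings = []
    for net in json.loads(listnetworks_json):
        for route in net.get("routes", []):
            target = ipaddress.ip_network(route["target"], strict=False)
            is_default = target.prefixlen == 0
            if not net.get("allowManaged", False):
                applied, reason = False, "allowManaged is off"
            elif is_default and not net.get("allowDefault", False):
                # The controller pushes a full-tunnel route, but the client
                # has not opted in to default route override.
                applied, reason = False, "allowDefault is off"
            else:
                applied, reason = True, "permitted by local settings"
            findings.append({
                "nwid": net.get("nwid"), "target": str(target),
                "via": route.get("via"), "default": is_default,
                "applied": applied, "reason": reason,
            })
    return findings


def full_tunnel_gateway(listnetworks_json):
    """Gateway that carries all traffic, or None if no default route applies."""
    for f in audit_routes(listnetworks_json):
        if f["default"] and f["applied"]:
            return f["via"]
    return None


if __name__ == "__main__":
    for finding in audit_routes(SAMPLE):
        print(finding)
```

Run against real output, a default route that shows as not applied means the client is still using its normal internet path; one that shows as applied means every packet leaves through the listed gateway, which must then do the forwarding and NAT itself.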
Thank you. So I did just that (except allow default router override, because it doesn't exist on the android app) and I can ping the PC from my android.
However, on the android I can't open any website. Any ideas?
Hey, were you able to get the VPN working with a windows host? If so, can you share the steps or relevant resources? I found one for a linux host but I'm clueless how to get it to work with a windows host
Here's how you do it for a linux host