ZeroTier Full Tunnel VPN

bterps · September 6, 2021, 9:42am

Hi,

I’ve got ZeroTier set up to a GCP instance, and am trying to configure the RB4011 to route all traffic from 1 LAN IP through the tunnel.

I feel like I’m very close, but with the new changes to routing tables and such in v7, its not working. I’ve read a number of different posts and documentation, but still struggling.

Current config:

/ip route
 0  As   dst-address=0.0.0.0/0 routing-table=via-zerotier pref-src="" gateway=10.147.18.127 immediate-gw=10.147.18.127%zerotier1 distance=1 
         scope=30 target-scope=10 suppress-hw-offload=no 
/routing rule
Flags: X - disabled, I - inactive 
 0   routing-mark=via-zerotier action=lookup table=via-zerotier         
/routing table
 0 D   name="main" fib 

 1     name="" fib 

 2     name="via-zerotier" fib
 /ip firewall mangle
  3    chain=forward action=mark-connection new-connection-mark=via-zerotier src-address=192.168.88.246
 /ip firewall nat
  0    ;;; route Xbox to ZeroTier
      chain=srcnat action=masquerade src-address=192.168.88.246 out-interface=zerotier1 log=yes log-prefix="zerotier"

bterps · September 9, 2021, 6:47am

Anyone have any insight for me? Would love any thoughts or insights!

cable · January 4, 2022, 3:23pm

Did you figure it out? I can connect to other routers in Zerotier but can’t seem to route traffic over the tunnel even with a 0.0.0.0/0 route in zero tier with the main router. It works just by checking the Override box on windows just fine.

anav · January 4, 2022, 4:12pm

Yeah, tis frustrating, the lack of any documentation at zerotier for MT and of course lack of MT for MT is ops normal.
One would think MT would actually want to promote the new functionality by providing some decent help guides for the obvious setups.

mozerd · January 4, 2022, 6:15pm

MikroTik are far behind in bringing their documentation for RoS v7.x … I suspect it will take them another full year before the docs are in shape to be helpful.
Insofar as ZT is concerned I cannot see it’s value proposition and am truly intrigued as to why MikroTik decided to add it in as part of their add in unless they are getting a piece of the pie indirectly … IMO TailScale is far superior and works on all of the hardware platforms oferred by Tik ….. ZT currently is very limited …..

anav · January 4, 2022, 6:37pm

yes but I want to implement router to router, smarthphone to router etc policies.
tailscale aint on the router but appreciate that at any time can do tailscale device to device… and it may come to that eventually

mozerd · January 4, 2022, 6:44pm

So you like to waste your time with brute force Huh …. Collaboration is far easier with TailScale ….. but I do understand that you are a brute for punishment so good luck with ZT

jprietove · January 4, 2022, 11:25pm

[quote=mozerd post_id=902834 Collaboration is far easier with TailScale …..
[/quote]

So bored about your constant spam… Please, we DO know that it’s the best thing, but be polite and don’t get dirty every thread of this forum.

Thanks in advance