Community discussions

MikroTik App
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

ZEROTIER basics

Mon Nov 22, 2021 9:45 pm

Hello,

I have conected Rasberry pi4 in my home network behind double NAT and my mobile phone on another netwotk work, both devices are coneced into Zeroter. In Zerotier I can see both devices online, but I can not reach on mobile phone the network on Rasberry pi.

What should I do to connect rasberry and mobile into one netword thorough Zerotier?
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: ZEROTIER basics

Mon Nov 22, 2021 11:21 pm

...this not in any case MT related, isn't it?
zt is a SDN, so every device will be on the same ZT-LAN....that's the main purpose.
Should you desire to use zt as a transfer network, enable routing...on both sides of each connection...zt-central allows to configure routes
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 12:36 am

it is MK related...behin rasberry pi is my HAP AC2, should I allow any routes in firewall?¨

How should I enable routing...on both sides of each connection...?? In android APP there is no such a option...and on rasberry pi I do not know....

The rasberry pi is on the same network as Hap AC2, and I would like to connect thorrough rasberry to my router behind NAT...
Last edited by Rox169 on Tue Nov 23, 2021 1:13 am, edited 1 time in total.
 
User avatar
krafg
Forum Guru
Forum Guru
Posts: 1020
Joined: Sun Jun 28, 2015 7:36 pm

Re: ZEROTIER basics

Tue Nov 23, 2021 1:06 am

It's not a Mikrotik related, sometimes after some time ZeroTier shows the computer as connected but it can't stablish any kind of connections. If it is your case you need reinstall ZeroTier completely removing %ProgramData%\ZeroTier folder in case of Windows machines and /var/lib/zerotier-one folder in case of Linux machines.

And of course use ZeroTier with mobile data, not your Wi-Fi on your phone.

On MikroTik you not need declare any firewall rules to get ZeroTier working on any device.

Regards.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 1:13 am

The rasberry pi is on the same network as Hap AC2, and I would like to connect thorrough rasberry to my router behind NAT...
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: ZEROTIER basics

Tue Nov 23, 2021 1:37 am

Ehhmmm, that statement is totally different that the one you gave in your first post.
Unclear how your setup looks like, where the zt-clients are (rPi or MT-hap^2, phone/App) ...and what you want to achieve...pls create a diagram of your setup.
 
User avatar
krafg
Forum Guru
Forum Guru
Posts: 1020
Joined: Sun Jun 28, 2015 7:36 pm

Re: ZEROTIER basics

Tue Nov 23, 2021 6:21 am

The rasberry pi is on the same network as Hap AC2, and I would like to connect thorrough rasberry to my router behind NAT...
If you want connect to your router (assuming that is your hAP AC2 running ROS7 with ZeroTier support) I not know the capabilities of ZeroTier under ROS7.

Regards.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 3:51 pm

One side:
ISP - no public IP, NAT
HAP AC2 - NAT
Rasberry Pi - zerotier

Second side:
Mobile phone Zerotier - no public IP behing NAT

Is it possible to create one network where I will connect from mobile phone to the HAP AC2 via Mikrotik app on the mobile phone?

Thank you
 
User avatar
krafg
Forum Guru
Forum Guru
Posts: 1020
Joined: Sun Jun 28, 2015 7:36 pm

Re: ZEROTIER basics

Tue Nov 23, 2021 8:30 pm

If your hAP AC2 it's running ROS 7.1rc2 and have ZeroTier configured and it's activated on ZeroTier Central, I assume that it should works.

Regards.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 8:38 pm

Sorry but did you read what I wote? Do you see any mention about zerotier on HAP AC2? The zerotier is on the Rasberry pi....
 
zandhaas
Frequent Visitor
Frequent Visitor
Posts: 73
Joined: Tue Dec 11, 2018 11:02 pm
Location: The Netherlands

Re: ZEROTIER basics

Tue Nov 23, 2021 9:41 pm

On the ZeroTier Central you need to create " Managed Routes" under the TAB Advanced.

For Example the network behind your raspberry is 192.168.0.0/24 you need to create the following route

Destination: 192.168.0.0/24
Via: "ZeroTier address of the raspberry-PI"
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 9:58 pm

On the ZeroTier Central you need to create " Managed Routes" under the TAB Advanced.

For Example the network behind your raspberry is 192.168.0.0/24 you need to create the following route

Destination: 192.168.0.0/24
Via: "ZeroTier address of the raspberry-PI"
Zandas you do understand the problem. I have already this settings but its not working...
 
zandhaas
Frequent Visitor
Frequent Visitor
Posts: 73
Joined: Tue Dec 11, 2018 11:02 pm
Location: The Netherlands

Re: ZEROTIER basics

Tue Nov 23, 2021 10:13 pm

I have installed ZT on my RB4011 and beside the orut in ZeroTier Central I also have a route back from the RB4011 to the Zerotier network via the zerotier interface.
I think you have to do that on your RPI also.
And I think also on your HAPac2. Add a route to the ZeroTier network with the rapsberry (internal IP) as the gateway.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 10:27 pm

I think I should set in Zerotien on Rasberry ethernet bridging, but i dont know how...

Could you please help me wtih setting of firewall? What shoul I set? Input and forward?
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Tue Nov 23, 2021 11:22 pm

And I think also on your HAPac2. Add a route to the ZeroTier network with the rapsberry (internal IP) as the gateway.

This is not working, as soon as I set route in zerotier I can not reach the HAP AC2, so something is going on, but I have to disable the route in Zerotier to be able login into ROS on HAP AC2

Any ideas?
 
User avatar
krafg
Forum Guru
Forum Guru
Posts: 1020
Joined: Sun Jun 28, 2015 7:36 pm

Re: ZEROTIER basics

Wed Nov 24, 2021 3:04 am

If you want manage your router using MikroTik APP with ZeroTier network, the only way is installing directly ZeroTier on your Mikrotik router.

Regards.
 
zandhaas
Frequent Visitor
Frequent Visitor
Posts: 73
Joined: Tue Dec 11, 2018 11:02 pm
Location: The Netherlands

Re: ZEROTIER basics

Wed Nov 24, 2021 10:22 am

And I think also on your HAPac2. Add a route to the ZeroTier network with the rapsberry (internal IP) as the gateway.

This is not working, as soon as I set route in zerotier I can not reach the HAP AC2, so something is going on, but I have to disable the route in Zerotier to be able login into ROS on HAP AC2

Any ideas?
Have you restricted access via winbox to you local network?
If so you are not allowed to access you rrouter via the ZT network
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: ZEROTIER basics

Wed Nov 24, 2021 10:10 pm

This is not working, as soon as I set route in zerotier I can not reach the HAP AC2, so something is going on, but I have to disable the route in Zerotier to be able login into ROS on HAP AC2
that respective chain for that connection is the input chain in the hap^2 firewall.
Access to others is the forward chain.
Pretty sure you did not include zt-network into LAN interface list, when running the standard firewall rules set.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: ZEROTIER basics

Wed Nov 24, 2021 10:11 pm

I have add some rull in firewall to accept the network from zerotier but no luck a have even added the routes as was suggested here but no luck. I have even created the same network in zerotier as is my local.. 193.168.3. but no luck
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: ZEROTIER basics

Wed Nov 24, 2021 11:46 pm

...it is said, that a picture is worth a thousand words..pls. draw us a pic: https://app.diagrams.net/ including all IPs used, routes deployed for all relevant components, that are to be connected/reached.

Who is online

Users browsing this forum: itsbenlol, mstanciu, NetTecture, tarfox and 37 guests