Hi, anyone using ZeroTier for accessing HA ? Have you ever tried to Allow Ethernet Bridging ?
I have successfully accessed the HA outside my network with the ZeroTier, but not everything is accessible.
I would like to access the whole network because I want to access BlueIris and others as same as using it as VPN. I have tried several tutorials with no luck. After I enable the default route, the device can access the internet.
The first one was this:
bridged-zerotier
I did not really understand the part below, should I put it somewhere, is it a command? Nothing worked for me.
mv bridge-start /usr/local/bin
mv make-tap /usr/local/bin
mv startvpn.sh /usr/local/bin
Another one is this (better one)
ZT VPN
With this one, everything was working until I get to the " From DO tutorial"
#!/bin/bash
# A very basic IPtables / Netfilter script /etc/firewall/enable.sh
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
#service networking restart > /dev/null 2>&1
touch /root/RUNNING_FIREWALL_IPTABLES_NOW
# Flush the tables to apply changes
/sbin/iptables -F
# Default policy to drop 'everything' but our output to internet
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
# Allow established connections (the responses to our outgoing traffic)
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow local programs that use loopback (Unix sockets)
/sbin/iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
/sbin/iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i ztklhsm3zp -o enp2s0 -j ACCEPT
exit 0
I am not really sure what this script means. So I read the DO tutorial instead:
DO Tutorial
In the step 5
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i zt0 -o eth0 -j ACCEPT
I probably need to change the eth0 to the name of the “ethernet” of the device. I have it running on VirtualBox and it seems like the eth0 for me is enp0s3. I have changed the command to this.
sudo iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE
sudo iptables -A FORWARD -i zt21r4amuq -o enp0s3 -j ACCEPT
Is it correct ? if I write ifconfig I get somehing like this:
ubuntu@ubuntu:~$ ifconfig
enp0s3 Link encap:Ethernet HWaddr xxx
inet addr:192.168.0.167 Bcast:192.168.0.255 Mask:255.255.255.0
.
.
.
zt2lr4amuq Link encap:Ethernet HWaddr xxx
inet addr:192.168.0.167 Bcast:192.168.0.255 Mask:255.255.255.0
.
.
.
I am trying to access my HA and other services for years… This one was kind of a success, but not everything works so far. If anyone has any advice, I would be gratefull.