Use Linux IP tables to connect your home LAN to your ZeroTier network. This seems to be the simplest pattern for getting remote access to your LAN. It doesn't require access to the LAN's router or have some of the pitfalls of bridging. This requires is a Linux PC or VM, something that runs iptables, on your LAN. A raspberrypi works. This is a NAT/Masquerade setup.
...
Code Block |
---|
sudo zerotier-cli join $NETWORK_ID
sudo zerotier-cli listnetworks
|
Authorize it at my.zerotier.com/network/$NETWORK_ID
...
Code Block |
---|
sudo sysctl -w net.ipv4.ip_forward=1 |
Configure iptables
...
...
sudo apt install iptables-persistent
Assign some shell variables (personalize these)
Code Block |
---|
PHY_IFACE=eth0; ZT_IFACE=zt7nnig26 |
Write iptables config file. This will overwrite the existing config.Add rules to iptables
Code Block |
---|
cat << EOF | sudo tee /etc/iptables/rules.v4 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE COMMIT *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] sudo iptables -A FORWARD -i eth0 -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT COMMIT EOF |
Activate iptables configSave iptables rules for next boot
Code Block |
---|
sudo apt install iptables-persistent sudo iptables-restoresave <> /etc/iptables/rules.v4 |
Test!
...