Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:vpn:zerotier [2024/10/17 19:23] – [Basic Configuration] andrewz | docs:guide-user:services:vpn:zerotier [2024/10/18 14:51] – [Basic Configuration] andrewz | ||
|---|---|---|---|
| Line 22: | Line 22: | ||
| service zerotier restart | service zerotier restart | ||
| </ | </ | ||
| + | |||
| + | For ZeroTier version 1.14.1 or newer: | ||
| + | < | ||
| + | uci set zerotier.global.enabled=' | ||
| + | uci delete zerotier.earth | ||
| + | uci set zerotier.my_zt_net=network | ||
| + | uci set zerotier.my_zt_net.id=< | ||
| + | uci commit zerotier | ||
| + | service zerotier restart | ||
| + | </ | ||
| + | |||
| * When a new virtual network is joined, a //secret// will be generated, which may take a while. When it's finished, the //secret// will be saved in ''/ | * When a new virtual network is joined, a //secret// will be generated, which may take a while. When it's finished, the //secret// will be saved in ''/ | ||
| * Typical communication with Zerotier peers will happen on port 9993/udp, and no additional configuration is needed for an out-of-the-box router configuration. | * Typical communication with Zerotier peers will happen on port 9993/udp, and no additional configuration is needed for an out-of-the-box router configuration. | ||
| * To use the virtual network, the device must be authorized on Zerotier Central by clicking the " | * To use the virtual network, the device must be authorized on Zerotier Central by clicking the " | ||
| - | * Device connectivity can be seen by using the " | + | * Device connectivity |
| < | < | ||
| - | zerotier-cli info | + | root@OpenWrt# |
| + | 200 info xxxxxxxxxx 1.14.0 ONLINE | ||
| </ | </ | ||
| * Some services (eg dropbear, luci) may need to be reconfigured to allow access from the new Zerotier virtual interface. The easy way is to un-restrict them from specific networks/ | * Some services (eg dropbear, luci) may need to be reconfigured to allow access from the new Zerotier virtual interface. The easy way is to un-restrict them from specific networks/ | ||
| * For dropbear (allow access from anywhere, potentially unsafe): | * For dropbear (allow access from anywhere, potentially unsafe): | ||
| < | < | ||
| - | cat / | + | root@OpenWrt# |
| config dropbear | config dropbear | ||
| Line 39: | Line 51: | ||
| </ | </ | ||
| - | **You must reboot OpenWrt router at this point otherwise | + | :!: You must reboot OpenWrt router at this point otherwise |
| + | |||
| + | After reboot get the device name using your 16-digit Network ID: | ||
| + | < | ||
| + | root@OpenWrt# | ||
| + | ztXXXXXXXX | ||
| + | </ | ||
| + | |||
| + | Alternatively run '' | ||
| <code bash> | <code bash> | ||
| Line 46: | Line 66: | ||
| uci set network.ZeroTier=interface | uci set network.ZeroTier=interface | ||
| uci set network.ZeroTier.proto=' | uci set network.ZeroTier.proto=' | ||
| - | uci set network.ZeroTier.device=' | + | uci set network.ZeroTier.device=' |
| # Configure firewall zone | # Configure firewall zone | ||