About ZeroTier

Some issues and solutions for routing LAN to Zerotier in Windows, a tutorial on introducing moon server

https://www.zerotier.com/download/

Be sure to approve installation of the driver during the install process. Note: Windows 7 and Server 2012 users, please download ZeroTier 1.6.6, as there is no Windows 7 support in ZeroTier 1.8 or later. 

If you are installing via a remote desktop session read this knowledge base entry.

• MSI Installer (x86/x64)

MacOS 10.13+ or newer is supported.

• MacOS PKG Installer

Debian and RPM based distributions including Debian, Ubuntu, CentOS, RHEL, Fedora, and others are supported via a script that adds the right repository and installs the package.Other Linux distributions may have their own packages. If not try building and installing from source.

If you’re willing to rely on SSL to authenticate the site, a one line install can be done with:

1curl -s https://install.zerotier.com | sudo bash

If you have GPG installed, a more secure option is available:

1curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import && \ if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | sudo bash; fi

After using the script, use apt or yum to manage future updates to zerotier-one

• ZeroTierOne Github

https://www.reddit.com/r/zerotier/comments/sbbfuj/layer_3_route_to_lan_on_windows/

https://www.reddit.com/r/zerotier/comments/f5pa84/zerotier_is_great_however_creating_a_bridged/

1. Add a managed route in ZeroTier for the subnet you will be accessing via the Windows host
   
2. Network & internet => Related settings/More network adapter options, right click network and click properties option and choose sharing tab
3. Allow other network users to connect..., choose your zerotier network
4. Add firewall rules on the Windows host to allow the traffic

1. Create moon template

1cd /var/lib/zerotier-one
2zerotier-idtool initmoon identity.public > moon.json

2. Update moon template and modify stableEndpoints property

1vim moon.json

set your vps ip here

1"stableEndpoints": [ "your_ip_addr/9993" ]

3. genearte signature and you will get a file like 00000xxxx.moon

1zerotier-idtool genmoon moon.json

4. open TCP/9993 and UDP/9993 on the firewall
5. Create moons.d directory in zerotier installed directory(/var/lib/zerotier-one)

1cd /var/lib/zerotier-one
2mv 00000xxxx.moon(which you genearte in last step) moons.d

6. restart zerotier

1systemctl restart zerotier-one

• Method 1. The id is id value in moon.json

1zerotier-cli orbit <id> <id>

• Method 2. Create moons.d directory in your zerotier installed directory, copy 00000xxxx.moon into moons.d and restart zerotier service

after above all actions, you can use command zerotier-cli listpeers to check: role column has moon value.

1[root@server5 ~]# zerotier-cli listpeers
2200 listpeers <ztaddr> <path> <latency> <version> <role>
3200 listpeers 0cccb***** 35.236.*.*/64393;110;10726 327 1.6.3 LEAF
4200 listpeers 3a46f***** 185.180.*.*/9993;110;757 -1 - PLANET
5200 listpeers 3ed7c***** 39.97.*.*/9993;172;79 32 1.6.3 MOON
6200 listpeers 4f838***** - -1 - LEAF
7200 listpeers 62f86***** 50.7.*.*/9993;110;4796 351 - PLANET
8200 listpeers 778cd***** 103.195.*.*/9993;5148;4887 253 - PLANET
9200 listpeers 992fc***** 195.181.*.*/9993;10161;4921 226 - PLANET
10200 listpeers 9d2b5***** - -1 - LEAF

1. 在 OpenWrt 管理后台找到 ZeroTier 管理页面，填写 ZeroTier Network ID，勾选自动允许管理客户端 NAT 和启用，保存并应用。
2. 设置完并启用了 ZeroTier 后，点击“网络” > “接口” > “添加新接口”，新接口的名称 随意填写（为了方便填写为：zerotier），新接口的协议 选择 DHCP 客户端，包括以下接口 选择以太网适配器: "xxxxxxx" (可以通过 ssh 进入到 OpenWrt 系统使用 zerotier-cli listnetworks 获取网卡名, 一般一眼就能认出来是一串随机字母数字组合)
3. 在 ZeroTier 接口内选择防火墙设置，将 创建/分配防火墙区域 选择为 不指定或新建，可以在输入框输入你想起的名字 (为了方便填写为: zerotier)
4. 接着点击“网络” > “防火墙” > “添加”，名字随意，只需要将 入站数据、出站数据 和 转发 全部选择接受，覆盖网络 选择命名为 zerotier 的接口，允许转发到目标区域 选择为 lan 口
5. 做完上面的步骤，另外设置好 ZeroTier 官网上的授权管理就可以开始使用了。