Help with ZeroTier routing between GL.iNet devices

On your “home” beryl AX router, you will need to enable the “WAN” checkbox for Zerotier. On your “travel” Beryl AX router, you will NOT need any additional checkboxes enabled. That should complete the Zerotier configuration. After that, setup a Wireguard server on your “home” Beryl AX, then export the config file. Import the config file into your travel Beryl AX router under the Wireguard client (add a “New Group”, then add the config after that). Before importing the config file, I modified the config file so it uses the internal/Zerotier IP of the home router, since I believe it will default to your public IP at home, and you want the traffic to route over your Zerotier network (only). After that, you are more or less done, just go to the VPN dashboard to enable the connection. As mentioned earlier, on your travel router, you will want to set “block non-vpn traffic” as well under “Global Options”, otherwise you will likely accidentally leak your local IP if the internet blips or the tunnel goes down. This setting will ensure your network DROPS instead of leaking your location. After that you are bullet proof! Any LAN traffic (wired or wireless) will be funneled through your Zerotier and Wireguard-protected network. This combo is great since you can really configure 99% of this right through the Glinet GUI, and won’t really need to mess with scripting or anything custom at all. The only “modification” is the IP adjustment on the Wireguard config file when importing. I hope that helps!

2 Likes