I am discovering zerotier, kind of a p2p vpn solution. I would have my MiFi to be a hotspot for zerotier network. The MiFi itself will run the zerotier client and gets an extra interface. It’s unmanaged but gets an IP from the zerotier software (let’s say 192.168.1.23). On that same virtual zerotier network there’s an outgoing gateway (192.168.1.50). I would want the traffic of my hotspot interface to be forwarded to the zerotier network, with NAT.
I tried already some things, but I don’t seem to be able to forward the traffic from hotspot to vpn. If I try to forward to the classic wan things are working fine. If I try to ping out of interface zt0, it works.
Please advise me how I can change the “output zone” of hotspot (or any other zone) so that it goes out to the internet on the vpn zone.
That’s exactly what I tried. Traffic to 192.168.1.x subnet (vpn subnet) goes out of the vpn interface. All other traffic is not going through the vpn tunnel.
If I do a “ping 126.96.36.199” from a device on the hotspot network then I get a “destination port unreachable”. If I ping from the MiFi itself, with specification “ping -I zt_nameofvpninterface 188.8.131.52” it is working fine and leaving on vpn interface.
I am in the same situation and have been pulling my hair out already.
When following that guide mentioned above, the slate successfully joins the zerotier network. Other clients on that network can at least ping the slate zerotier ip, but no client from LAN /WLAN side of the slate can access or even ping resources on the zerotier network.
I am not an expert using openwrt so cannot debug that deeper than just that. Hopefully someone will get this to work.
No, there is no portal in the zerotier client.
Also this is not a problem with DNS, as access to direct IPs on the zerotier layer will not work as well.
Zerotier is a virtual Ethernet layer, like gre- tunnels, or EOIP or similar to a central zerotier service.