Forwarding from Zerotier to LAN

hello together

I already have several RUT240/RUT241 in use for remote maintenance. on the old interface you could select the option “server”. Now we do not have this option in the new interface.

My LAN has the following IP:
The router IP is:

So that the LAN participants are now accessible via VPN I have now adapted the following:

  • i set zerotier => lan to Accept / Accept / Accept in the firewall
  • Source NAT: Any traffic from any host in zerotier to any host in lan. rewrite to source IP

Is this the definitive solution or is there a more elegant solution?

Thanks for your help :slight_smile:



All you should need to do, is set the ZeroTier forwarding chain to accept in the firewall, and via the ZeroTier portal you need to add a route to the LAN IP of your device.
ZeroTier client will push these routes to all connected clients, and there should ne no need to rewirite the IP addresses.

Best regards,

1 Like

Hello Daumantas

thank you very much for the quick reply.

This is exactly how I have always configured it so far. The access via VPN to the router also works directly.

However, I can only reach other end devices in the LAN of the router after I have created a “NAT Rule” (see also printscreens).

I have found this to be the case with two new routers and have reset the devices to factory settings several times. Access to the interface of the router was always possible.

I don’t have a device on hand to test this (it’s currently public holiday here), but have you turned the masquerading option off manually? It should be turned on.
If that does not help, I’ll get back to you on Monday so see what could be causing the issue here.

i never changed this setting manually. but now it works. perfect - thank you. Thank you also that I received a reply during a holiday! Top :slight_smile:

1 Like