RUT as VPN Gateway

Hello,

I would like to use RUT Devices as VPN Gateways to existing costumer networks.

The special requirement is, that the rut is just a device in the costumer network and not the main router.

Is it possible that the rut gets Internet from the LAN interface so that e.g. zerotier works on the rut and to be configured that it can route to the entire network?

Regards

Hello,

Yes, it is possible. I recommend checking the following wiki pages:

Please let me know if you have any additional questions.

Best regards,

Hello Marija,

thank you for the fast answer. Can you give me an routing example when the target network is 192.168.104.0/24 and the gateway is 192.168.104.254 ? Can’t get my head around the configuration.

Regards

You can try setting the ZeroTier forwarding chain to “accept” in the WebUI firewall. Additionally, through the ZeroTier portal, you’ll need to add a route to the LAN IP of your device. The ZeroTier client will push these routes to all connected clients.

Best regards,

It set the route for Internet on the lan interface and configured a DNS Server. Now I can ping a website but I cant get a connection to the zerotier controller. Is there maybe a firewall rule I need to change

Yes, as i have mentioned previously, in Network → Firewall → Traffic Rules you should set ZeroTier forwarding to “accept”.
Additionally, turn “masquerding” off.

Please let me know how it goes!

Best regards,

I managed to Add the Teltonika Device to Zerotier and it says its online but

zerotier-cli status is TUNNELED and I cant ping other devices from Teltonika on ZT Network and vice versa. I attached my current forwading and traffic rules.


Hello,

Sorry for any inconvenience. Could you please try turning masquerading on?

Best regards,

Hello, I tried to turn masquerading on but with no success

Please check if you have added the interface in Inter-Zone Forwarding. You can find this option by pressing Edit next to the ZeroTier zone, under General Settings.

Best regards,

I have checked it and it was added in Inter-Zone Forwarding:

Hello,

You should apply these rules only to the ZeroTier zone (the 3rd one). If you set “accept” for all zones, the zones will no longer function as a firewall, and the router will instead rely on traffic rules.

Best regards,