ZeroTier accessing Local LAN through Bridge

Sai Arunesh
2 min read · Jul 29, 2023


ZeroTier helps us connect to a device through a private tunnel. What if you want to access the whole network/LAN instead of just that one device?

One use case is to access your IP cameras without enabling dangerous P2P options provided by the manufacturers.

The code below can be copied and run as a shell script. Edit these variables to fit your configuration:

BR_IF = the name of the interface that has the device's local IP. Mine is br0.

GW_ADDR = the IP address of your router. Most probably 192.168.1.1.

BR_ADDR = the IP address of the device with its subnet prefix (24 if the device is not on some other VLAN).

NETWORK_ID = the network ID of your ZeroTier network.

ZT_IF = the interface created by ZeroTier on your device. Find it by typing ifconfig.

# Replace each <...> placeholder with your own value before running.
BR_IF=<INTERFACE_THAT_SHOWS_IP_ADDRESS_SAME_AS_YOUR_DEVICE>
GW_ADDR=<IP_ADDRESS_OF_YOUR_ROUTER>
BR_ADDR=<IPADDRESS_OF_YOUR_DEVICE>/24
NETWORK_ID=<YOUR_NETWORK_ID>
ZT_IF=<ZEROTIER_INTERFACE_NAME>
# Stop ZeroTier from applying managed addresses and routes on this node.
sudo zerotier-cli set "$NETWORK_ID" allowManaged=0
# Remove the other network managers so systemd-networkd owns the interfaces.
sudo apt remove --purge --auto-remove dhcpcd5 fake-hwclock ifupdown isc-dhcp-client isc-dhcp-common openresolv
sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
sudo systemctl enable systemd-networkd
sudo systemctl enable systemd-resolved
sudo systemctl enable systemd-timesyncd
# Static address, gateway and DNS for the bridge interface.
cat << EOF | sudo tee /etc/systemd/network/25-bridge-br0.network
[Match]
Name=$BR_IF
[Network]
Address=$BR_ADDR
Gateway=$GW_ADDR
DNS=1.1.1.1
EOF
# Define the bridge device itself.
cat << EOF | sudo tee /etc/systemd/network/br0.netdev
[NetDev]
Name=$BR_IF
Kind=bridge
EOF
# Attach the ZeroTier interface to the bridge.
cat << EOF | sudo tee /etc/systemd/network/25-bridge-br0-zt.network
[Match]
Name=$ZT_IF
[Network]
Bridge=$BR_IF
EOF
# Attach the wired interface to the bridge.
cat << EOF | sudo tee /etc/systemd/network/25-bridge-br0-en.network
[Match]
# might be en* on your device
Name=eth0
[Network]
Bridge=$BR_IF
EOF
# Show the generated files for review.
clear
tail -n+0 /etc/systemd/network/*
# Accept forwarding of all traffic that arrives on the bridge.
sudo iptables -A FORWARD -p all -i "$BR_IF" -j ACCEPT
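
The script removes the DHCP client and pins a static address, so a wrong BR_ADDR or GW_ADDR can leave a headless device unreachable. The pre-flight check below is an added example, not part of the original post; its function names are hypothetical and the addresses in the usage comment are constructed. It assumes Linux's /sys/class/net and that a ZeroTier network ID is 16 hexadecimal digits.

```shell
#!/bin/sh
# Added example, not from the original post: validate the bridge script's
# variables before it removes the DHCP client and pins a static address.

# Print a dotted-quad IPv4 address as an integer; non-zero status if malformed.
ip_to_int() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# $1 = BR_ADDR (address/prefix), $2 = GW_ADDR. Succeeds only if the gateway is
# a different host inside the device's subnet.
check_lan() {
    case "$1" in */*) ;; *) echo "BR_ADDR needs a /prefix" >&2; return 1 ;; esac
    addr=${1%/*}; prefix=${1#*/}
    case "$prefix" in ""|*[!0-9]*|0?*|???*) echo "bad prefix" >&2; return 1 ;; esac
    [ "$prefix" -le 32 ] || { echo "bad prefix" >&2; return 1; }
    a=$(ip_to_int "$addr") || { echo "bad BR_ADDR" >&2; return 1; }
    g=$(ip_to_int "$2") || { echo "bad GW_ADDR" >&2; return 1; }
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    [ $(( a & mask )) -eq $(( g & mask )) ] || { echo "gateway not in subnet" >&2; return 1; }
    [ "$a" -ne "$g" ] || { echo "BR_ADDR equals GW_ADDR" >&2; return 1; }
}

# ZeroTier network IDs are 16 hexadecimal digits.
check_network_id() {
    [ "${#1}" -eq 16 ] || return 1
    case "$1" in *[!0-9a-fA-F]*) return 1 ;; esac
}

# The ZeroTier interface must already exist (the bridge itself need not).
iface_exists() { [ -n "$1" ] && [ -d "/sys/class/net/$1" ]; }

# Run every check. $1=BR_ADDR $2=GW_ADDR $3=NETWORK_ID $4=ZT_IF
preflight() {
    check_lan "$1" "$2" || return 1
    check_network_id "$3" || { echo "NETWORK_ID must be 16 hex digits" >&2; return 1; }
    iface_exists "$4" || { echo "interface $4 not found" >&2; return 1; }
}

# Usage: sh preflight.sh 192.168.1.50/24 192.168.1.1 <network id> <zt interface>
if [ $# -eq 4 ]; then preflight "$@" || exit 1; fi
```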

Once the above script has been run on the device running ZeroTier, we can move on to configuring your ZeroTier network.

  • Go to my.zerotier.com
  • Go to the Members section of the Network
  • Open the Wrench Icon for advanced settings
  • Check Allow Bridging
  • Check Do Not Auto Assign
  • Try connecting the device you want to bridge
  • Now authorize the member in your ZeroTier account
