vpn_site2site_usando_zerotier_con_bridge_en_lxc

Differences

This shows you the differences between two versions of the page.

vpn_site2site_usando_zerotier_con_bridge_en_lxc [2023/09/09 01:37] – created oso
vpn_site2site_usando_zerotier_con_bridge_en_lxc [2025/07/10 15:41] (current) oso
Line 29: Line 29:
 ===== Step 4: Install Zerotier ===== ===== Step 4: Install Zerotier =====
  
-6. Install Zerotier with the following command: `curl -s https://install.zerotier.com | bash`+6. Install Zerotier with the following command:  
 +<code>curl -s https://install.zerotier.com | bash</code>
  
 ===== Step 5: Join Zerotier Network ===== ===== Step 5: Join Zerotier Network =====
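Review bot: The added <code> line still pipes the download straight into bash, and `curl -s` without `-f` hands bash whatever body the server returns, including an error page or a truncated script. Suggest that the step fetch the script to a file first (for example `curl -fsSL https://install.zerotier.com -o install-zerotier.sh`, where the file name is only an illustration), have the reader review it, and then run it, so the container does not execute unreviewed remote content. The list item is numbered 6 under a heading called Step 4; aligning the two numbering schemes would make the steps easier to follow.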
Line 67: Line 68:
  
 Replace `<ContainerIPAddress>` with the IP address of the LXC container in your local network. Replace `<ContainerIPAddress>` with the IP address of the LXC container in your local network.
 +
 +e.g.
 +
 +<code>
 +*nat
 +:PREROUTING ACCEPT [0:0]
 +:INPUT ACCEPT [0:0]
 +:OUTPUT ACCEPT [0:0]
 +:POSTROUTING ACCEPT [0:0]
 +-A POSTROUTING -o eth0 -s 10.241.0.0/16 -j SNAT --to-source 192.168.188.250
 +COMMIT
 +*filter
 +:INPUT ACCEPT [0:0]
 +:FORWARD DROP [0:0]
 +-A FORWARD -i zt+ -s 10.241.0.0/16 -d 0.0.0.0/0 -j ACCEPT
 +-A FORWARD -i eth0 -s 0.0.0.0/0 -d 10.241.0.0/16 -j ACCEPT
 +:OUTPUT ACCEPT [0:0]
 +COMMIT
 +</code>
  
 ===== Step 8: Apply iptables Rules ===== ===== Step 8: Apply iptables Rules =====
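Review bot: In the *filter table of the new example, the second FORWARD rule (`-A FORWARD -i eth0 -s 0.0.0.0/0 -d 10.241.0.0/16 -j ACCEPT`) lets any host reachable through eth0 open new connections into the ZeroTier range, not only send replies. If the intent is return traffic for connections started from the ZeroTier side, restrict it with `-m conntrack --ctstate RELATED,ESTABLISHED`; if LAN-initiated access is intended, say so in the text. Two smaller points: the example hardcodes 192.168.188.250 and 10.241.0.0/16 where the sentence above uses `<ContainerIPAddress>`, so state which values the reader must change, and `:OUTPUT ACCEPT [0:0]` reads better grouped with the other chain policy lines ahead of the -A rules.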
Line 72: Line 92:
 11. Run ''iptables-restore < /etc/iptables/rules.v4'' to apply the iptables rules. 11. Run ''iptables-restore < /etc/iptables/rules.v4'' to apply the iptables rules.
  
-===== Step 10: Enable Traffic Masquerading (if needed) =====+===== Step 10: Enable Traffic Routing and Masquerading (if needed) =====
  
-12. If the LXC container exists on a different VLAN and you need to enable traffic masquerading, use the following rule:  +12. Add the route "dst: 10.10.0.0/16 gateway: <<lxc container local address, e.g. 192.168.188.250>> .If the LXC container exists on a different VLAN and you need to enable traffic masquerading, this will enable to reach the VPN network from a different VLAN. Use the following rule:  
-  * Source NAT masquerade+  * chain: src-nat  
 +  * action: masquerade
   * Destination Address: 10.10.0.0/16 (your VPN network)   * Destination Address: 10.10.0.0/16 (your VPN network)
   * Out Interface: 'LXC Container VLAN'   * Out Interface: 'LXC Container VLAN'
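Review bot: The new item 12 does not say on which device the route and the src-nat rule are configured, and its opening sentence has an unclosed quote and runs straight into the next one (`>> .If the LXC container`). Name the router or firewall that the `chain: src-nat` and `action: masquerade` fields belong to, give the route its own numbered step, and make clear whether "(if needed)" in the heading covers the route, the masquerade rule or both. The network here is 10.10.0.0/16 while the example added under the iptables step uses 10.241.0.0/16; use one range or explain the difference. The heading numbering also goes from Step 8 to Step 10.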
Line 81: Line 102:
  
 By following these steps, you should have successfully set up a Zerotier exit gateway in your Debian 10 LXC container to facilitate communication between networks. By following these steps, you should have successfully set up a Zerotier exit gateway in your Debian 10 LXC container to facilitate communication between networks.
 +
 +Resources: https://www.reddit.com/r/Proxmox/comments/jctd6x/comment/g93vloi/?utm_medium=android_app&utm_source=share&context=3
 +
 +
 +----
 +
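Review bot: The added Resources URL carries share-tracking parameters (`?utm_medium=android_app&utm_source=share&context=3`); trim it to the comment permalink ending in `/g93vloi/`. A few words on what the linked comment contributes to this setup would help readers decide whether to follow it.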
vpn_site2site_usando_zerotier_con_bridge_en_lxc.1694223455.txt.gz · Last modified: 2024/10/17 21:42 (external edit)