Differences

This shows you the differences between two versions of the page.

--- vpn_site2site_usando_zerotier_con_bridge_en_lxc [2023/09/09 03:50] – [Step 7: Configure iptables] oso
+++ vpn_site2site_usando_zerotier_con_bridge_en_lxc [2026/02/04 21:23] (current) – [Step 1: Prepare the Container] oso
@@ Line 14: / Line 14: @@
 . Create a Debian 10 container and place it on the same vmbr as the target network.
-. Add the following line to your container's configuration:
+. Add the following line to your container's configuration (at ''root@pve1:~# nano /etc/pve/lxc/1101.conf''):
   lxc.mount.entry: /dev/net dev/net none bind,create=dir
@@ Line 29: / Line 29: @@
 ===== Step 4: Install Zerotier =====
-. Install Zerotier with the following command: `curl -s https://install.zerotier.com | bash`
+. Install Zerotier with the following command:
+<code>curl -s https://install.zerotier.com | bash</code>
 ===== Step 5: Join Zerotier Network =====
@@ Line 91: / Line 92: @@
 . Run ''iptables-restore < /etc/iptables/rules.v4'' to apply the iptables rules.
-===== Step 10: Enable Traffic Masquerading (if needed) =====
+===== Step 10: Enable Traffic Routing and Masquerading (if needed) =====
-. If the LXC container exists on a different VLAN and you need to enable traffic masquerading, use the following rule:
+. Add the route "dst: 10.10.0.0/16 gateway: <<lxc container local address, e.g. 192.168.188.250>> .If the LXC container exists on a different VLAN and you need to enable traffic masquerading, this will enable to reach the VPN network from a different VLAN. Use the following rule:
-  * Source NAT masquerade
+  * chain: src-nat
+  * action: masquerade
   * Destination Address: 10.10.0.0/16 (your VPN network)
   * Out Interface: 'LXC Container VLAN'
@@ Line 100: / Line 102: @@
 By following these steps, you should have successfully set up a Zerotier exit gateway in your Debian 10 LXC container to facilitate communication between networks.
+Resources: https://www.reddit.com/r/Proxmox/comments/jctd6x/comment/g93vloi/
+----