Mirrored from: https://kysonlok.github.io/2020/06/12/Set-Up-a-ZeroTier-Network-on-OpenWRT/
In this test, we set up Zerotier on Asus OpenWRT routers. To use ZeroTier service, you need to create your own ZeroTier account. Sign up for an account here: https://my.zerotier.com/login.
Important: Stop other VPN service on the router before you start is recommended
Login your ZeroTier account. Go to Network menu and click on Create button
to create a new network.
Next you should see the configuration page of your network. Please jot down the Network ID which will be used later.
Setup ZeroTier on router
SSH to the router, and execute the following commands to install ZeroTier package:
opkg update opkg install zerotier opkg install ipset
You should edit the configuration file /etc/config/zerotier to enable ZeroTier
and join into a network. It looks like:
# cat /etc/config/zerotier config zerotier 'sample_config' option enabled '1' list join 'd5e5fb6745219a7d'
Please replace the code above d5e5fb674521a7d with your own Network ID.
If you want to access the router’s LAN, you have to configure the firewall as
well. Please edit the firewall configuration file /etc/config/firewall. Add
below lines into it.
config zone 'vpn_zone' option name 'zerotier' option input 'ACCEPT' option forward 'REJECT' option output 'ACCEPT' option device 'zt+' option masq '1' option mtu_fix '1' config forwarding option dest 'zerotier' option src 'lan' config forwarding option dest 'lan' option src 'zerotier'
Start ZeroTier Service
/etc/init.d/zerotier restart /etc/init.d/firewall restart
Go back to your Zerotier’s web console and you will see the device which you just joined. Check the checkbox of “Auth?”, otherwise, your device may not be able to get an IP address from ZeroTier.
After authentication, the network interface will obtain an IP address. Check it
ifconfig, it looks like:
ztwdjh372k Link encap:Ethernet HWaddr 7E:BD:F0:B6:4E:87
inet addr:10.241.143.3 Bcast:10.241.255.255 Mask:255.255.0.0
inet6 addr: fdd5:e5fb:6537:869a:7d99:9327:7681:2b7c/88 Scope:Global
inet6 addr: fce2:6361:1827:7681:2b7c::1/40 Scope:Global
inet6 addr: fe80::7cbd:f0ff:feb6:4e87/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:2800 Metric:1
RX packets:39 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:1638 (1.5 KiB) TX bytes:4368 (4.2 KiB)
You can manage route in ZeroTier’s web console. For example, I add a static route on Managed Routes, so that I can access the router’s LAN.