How can I running zerotier without NAT mode?

[Kation]

Physical Network: Subnet 1: 192.168.128.0/24 Subnet 2: 192.168.129.0/24 They are in different locations.

Zerotier Network: Subnet: 10.0.0.0/24

Router A is 192.168.128.254, and have zerotier ip 10.0.0.1. Router B is 192.168.129.254, and have zerotier ip 10.0.0.2.

I have configured zerotier routes: 192.168.128.0/24 10.0.0.1 192.168.129.0/24 10.0.0.2 And enable Allow Ethernet Bridging both.

For now I can ping and access subnet device for each other.

Then I have a Nginx server on 192.168.128.1. When a client access from subnet 192.168.129.0/24, Nginx log client 10.0.0.2 as client ip.

How can Nginx get origin subnet client ip address?

[ogarcia]

With this configuration you cannot. The NAT that Router B does to create connections from the 192.168.129.0/24 network prevents you from doing so.

In fact it is the same thing that happens on the internet, your machines all have private IPs and yet on the servers what is logged are the public IPs because the private IPs do not overcome the NAT of the router.

[Kation]

@ogarcia Zerotier act as a network adapter but it does not support layer 2 route? I used PPTP, SSTP, OpenVPN before, they work fine in layer 2 mode. I`m new to openwrt. I don't know what configuration is wrong with Zerotier or Openwrt.

[ogarcia]

Yes, but your configuration is in layer 3. You could set up a layer 2 system but in that case your entire network should be in the same IP address range. For example your ZT network in the 172.16.0.x range, router A in 172.16.1.x, router B in 172.16.2.x and your network would be 172.16.0.0/22. Here it talks a bit about it.

[Kation]

@ogarcia I make a mistake. I used PPTP, SSTP, OpenVPN in layer 3 mode routing by Windows Server RRAS. I don't know it is same as Zerotier? Can Openwrt configure same like RRAS?

[ogarcia]

I am sorry but I do not know RAS.

However you can try to configure the same as indicated in the link I passed you in my previous comment to have a layer 2 system.