search

zerotier / ZeroTierOne

A Smart Ethernet Switch for Earth
https://zerotier.com
Other
14.38k stars 1.68k forks source link

[Doc Request] how to full tunnel office ip traffic through home via zerotier (windows10) #1497

Closed x151973 closed 2 years ago

x151973 commented 2 years ago

It seems have no windows case for full tunneling after googling, so tried myself and worked, if someone succeed, please let me know

1, install and config zerotier (1.65) on both pc, and both pingable eachother through zerotier ip address, say home physical|zerotier ip :192.168.1.110/24|172.28.12.34, office:192.168.2.222/24|172.28.56.78 (both zerotier ip range 172.28.0.0/16)

2, add a default route on zerotier web dashboard: 0.0.0.0/0 via 172.28.12.34

3, test: 3.1 pathping 8.8.8.8 on office pc, first hop should be 192.168.2.222 3.2 ping 8.8.8.8, success 3.3 enable click Allow Default Route on zerotier app 3.4 pathping 8.8.8.8 on offics pc, first hop should be 172.28.56.78 3.5 ping 8.8.8.8, will fail 3.6 uncheck Allow Default Route on zerotier app

4, config home pc as edge nat router (most important!): ref https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network 4.1 enable home pc hyper-v function of windows on control panel, restart

4.2 open powershell:

New-VMSwitch -SwitchName "SwitchName" -SwitchType Internal ↑add a new virtual switch Get-NetAdapter ↑note the ifIndex number of new added switch, say 42 New-NetIPAddress -IPAddress 172.28.0.1 -PrefixLength 16 -InterfaceIndex 42 ↑set address for new virtual switch, ifIndex 42, should same ip range as zerotier adapter New-NetNat -Name MyNATnetwork -InternalIPInterfaceAddressPrefix 172.28.0.0/16 ↑enable nat, set ip range same as zerotier adapter ip range

5, test again 5.1 pathping 8.8.8.8 on office pc, first hop should be 192.168.2.222 5.2 ping 8.8.8.8, success 5.3 enable click Allow Default Route on zerotier app 5.4 pathping 8.8.8.8 on offics pc, first hop should be 172.28.56.78 5.5 ping 8.8.8.8, SHOULD SUCCESS 5.6 test webpage like whatismyipaddress, result should be your home location city/isp/country address

qzydustin commented 2 years ago

I had the same problem, and I still have no success since my home computer doesn't support hyper-v.

gnattu commented 2 years ago

You need to reserve the actual public address of your home computer, the zerotier root server etc from the 0.0.0.0/0 route so that they will not "loop" into the zerotier interface. To do so, add a static routes to those ip addresses through your default gateway.

htht2001 commented 1 year ago

Works perfectly Why not add it to the guides?

joseph-henry commented 1 year ago

We're reworking some docs now. If @x151973 is willing to grant us permission we could adapt this and put it on our docs site once we confirm it works.