Here we'll explain how to join your ZeroTier network with your office or home LAN so you can access your private servers and services securely from anywhere in the world. You don't even need to install ZeroTier on the servers connected to the LAN. Just on your router.
On LEDE, ZeroTier 1.1.4 is available in the Stable channel, and 1.2.4 is available in the Development Snapshot channel. For OpenWRT, you must use the Development Snapshot channel.
For simplicity's sake, we're going to join two adjacent Class C network blocks.
The Local LAN will be
10.99.5.0/24. The ZeroTier network will be
If you have not done so already, sign up for an account on https://my.zerotier.com and create a network.
Open the network to edit it. In the
Managed Routes section and enter
10.99.5.0/23. Leave the field
that says "(LAN)" alone and then click the + button. Your
Managed Routes section should now look like
Next, check the
IPv4 Auto-Assign checkbox and go to the advanced tab. Add an auto-assign pool and set the
10.99.6.1 - 10.99.6.254.
Open your web browser to the router configuration page. In the
System menu select
ZeroTier in the Available packages list and hit the install link.
Once installed, you'll need to open an SSH connection to your router. Using your favorite editor, edit
By default it should look something like this:
config zerotier 'default' option enabled '1' option interface 'wan' list join '8056c2e21c000001' option secret 'some_really_long_hex_string'
8056c2e21c000001 with your network ID. Save and close the file, then reboot your router. (Yes, you must
actually reboot your router here).
Once your router is back up and running, it will be trying to join your ZeroTier network. Go to https://my.zerotier.com and authorize it to join the network.
Additionally, you will have to click the Tool icon next to the authorization checkbox and enable
Allow Ethernet Bridging
Though it's not strictly necessary, I set the ZeroTier assigned IP address of the router to 10.99.6.1 and removed the auto-generated IPv4 address.
Now it's time to back to the web interface for your router. In the
Network menu, select
click the 'Add new interface' button. Configure the interface like so:
If zt0 is not in the interface list, select
Custom Interface and enter
zt0 into the text box. Hit submit and go back to the Interface list page.
Next we want to edit the existing
LAN bridge. This interface was auto created by LEDE and bridged the switch
and wireless radios.
General Setup page, set the IPv4 address to
10.99.5.1, and IPv4 netmask to
Physical Settings tab, ensure
zt0 is checked in the interface list.
Click the "Save & Apply" button and your router will be configured. On the device you're working from, you'll likely need to release and renew your DHCP assigned address at this point.
Your local LAN and ZeroTier are now bridged together as one network and you'll be able to access your local LAN behind the router from wherever your other ZeroTier enabled devices are!