0 votes
506 views 2 comments
by

I'm trying to get a RUT-955 configured with ZeroTier but am struggling to get two-way communication. Unsure if it's a ZeroTier issue, a Windows Server issue or a RUT-955 issue.

Scenario:

I have a RUT-955 configured with ZeroTier. From the RUT CLI I can ping Server1, and from Server 1 I can ping the RUT as well as the clients connected to the RUT's LAN. So I know I have basic communication in place.

Client1<----> RUT-955 <----> [ZeroTier] <----> Server1

I however am unable to get Client1 to communicate with Server1. I suspected it's either a firewall policy blocking it or a routing issue; however, I don't know how to troubleshoot the connection.

To clarify...

  • From the RUT CLI I can ping Server1
  • From Server 1 I can access the RUT and all clients on the LAN.
  • From Client 1 I CANNOT reach Server 1

Any suggestions? I have the feeling that I'm almost there but can't figure out the last bit.

2 Answers

0 votes
by
Hi,

Windows servers tend to have pretty strong firewall rules that would not let you reach it. Same with the Windows 10 operating system. So the solution to this would be to try to check if your Windows server isn't blocking incoming connections.

EB.
by
Firewall on the server has already been disabled for testing. : /
by
Alright, could you then please post the full topology with IP addresses and screenshots of the current configurations that you've done so far? e.g. managed routes page, firewall rules active on your RUT955 right now, and so on.

EB.
0 votes
by

Hi,

Is Client1 a machine connected to the RUT955's LAN or is it also an independent ZeroTier node?

If Client1 is just a LAN client to RUT955 (which is a ZeroTier node), then you probably need to implement additional routing. For example:

  • Add a static route to the ZeroTier network or just the Windows server in the Network → Routing → Static Routes page. For example:
  • Set up port forwarding to Windows server's ZeroTier IP in the Network → Firewall → Port Forwarding page. Perhaps this reference will come in handy for this (it's for a newer device, but the principle remains the same).

If Client1 is already on the ZeroTier network as a node, it's most likely a firewall issue. However, without understanding the full context it's hard to predict where exactly.

A quick way to test whether the issue is with RUT955's firewall would be to add this line in the Network → Firewall → Custom Rules page or execute it as a command via SSH/CLI:

  • iptables -I FORWARD -s <Client1_IP> -d <Server1_IP> -j ACCEPT

Or disable the firewall entirely with these commands:

  • iptables --flush
  • /etc/init.d/firewall stop

To enable it again:

  • /etc/init.d/firewall restart

Some other things that could be causing this (although it's unlikely):

  • ZeroTier LAN route was deleted in ZeroTier central?
  • ZeroTier can also act as a firewall. Perhaps additional rules that prevent this traffic were added?

Anyway, I hope this gives you something to work with.

Good luck,

DM
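
A scoped version of the firewall test from the answer above, as an added example that is not part of the original thread: it checks the route and forwarding state first, then inserts only the single Client1-to-Server1 ACCEPT rule and removes it again instead of flushing the firewall. It assumes the router CLI provides `ip` and `iptables` and that ZeroTier interface names begin with `zt`; the script name `zt-triage.sh` is hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Run on the router as:
#   sh zt-triage.sh <Client1_IP> <Server1_IP>
# Assumes `ip` and `iptables` exist on the router CLI and that ZeroTier
# interfaces are named zt*.

# Print the egress interface named in `ip route get <dst>` output (stdin).
route_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Succeed if `iptables -S FORWARD` output (stdin) already holds the scoped
# test rule from the answer for src $1 -> dst $2.
has_test_rule() {
    grep -qxF -- "-A FORWARD -s $1/32 -d $2/32 -j ACCEPT"
}

# Map egress interface ($1) and ip_forward value ($2) to the next thing to check.
classify() {
    case "$1" in
        zt*) ;;
        *) echo "route"; return 0 ;;   # server is not reached via ZeroTier
    esac
    [ "$2" = 1 ] || { echo "forwarding"; return 0; }
    echo "firewall"                    # route and forwarding look fine
}

main() {
    client=$1; server=$2
    dev=$(ip route get "$server" | route_dev)
    step=$(classify "$dev" "$(cat /proc/sys/net/ipv4/ip_forward)")
    echo "egress=$dev next-check=$step"
    [ "$step" = firewall ] || return 1
    if iptables -S FORWARD | has_test_rule "$client" "$server"; then
        echo "test rule already present"; return 0
    fi
    iptables -I FORWARD -s "$client" -d "$server" -j ACCEPT
    echo "Test rule added. Retry from Client1, then press Enter to remove it."
    read -r reply
    iptables -D FORWARD -s "$client" -d "$server" -j ACCEPT
    echo "test rule removed"
}

# Only touch the system when both addresses are given.
if [ "$#" -eq 2 ]; then main "$@"; fi
```

If Client1 reaches Server1 only while the test rule is in place, the router's forwarding policy between the LAN and the ZeroTier interface is what needs a permanent rule.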