10933 questions

13039 answers

20334 comments

27474 members

0 votes
193 views 5 comments
by
Hi. When installing zerotier package, you can set the zerotier vpn services and then set firewall rules using the zerotier in the source. But when changing profiles the VPN stays up, but if you try to set firewall rules the zero doesnt appear in the source zones, it its if the new profile vpn rules section is unaware the package has been installed when using a profile othet than the one you used to install the package.

1 Answer

0 votes
by

Hello,

I was able to replicate the said issue I am consulting our HQ for this. I will give you feedback once I hear from their side.

Regards,
Mellow

by
Thanks Mellow. Is there any workaround in the meanwhile?
by
Hi kontech,

For the scenario, you want to implement you just want to have a new zerotier configuration in the other profile correct? Could you give me the full details about the solution you want to implement for me to try to generate some workarounds. :D

Regards,
Mellow
by

Hi. I need to create port forwards in other profiles that match the same port forwards created in the default profile. The issue is that when i log into the other profiles, i cannot select the source zone as Zero, so i cant use the zerotier IP for port forward rules. Is there a way to manually copy or sync port forward rules from one profile to another?

by

Hi kontech, 

Could you send me a copy of the troubleshoot file of the device via pm? Also in creating the profile you ticked the option Profile from the current configuration?  If yes, kindly check in Network > Firewall > Zone Forwarding if there is a zone named "zero" if not you need  to manually add it via SSH with the use of "vi" command: 

You can do so by following these steps:
1. log in to the CLI of the router
2. Execute this command /etc/config/firewall
3. Use the arrow keys at the very bottom part you should be able to see config redirect "DMZ"
4. Navigate the small box above it then press "a" button on your keyboard to enter editing mode. 
5. Copy paste these lines:

config zone 'zero_zone'

        option name 'zero'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option device 'zt+'

config forwarding

        option src 'zero'
        option dest 'lan'

6. It should look like this:

7. Press "Esc" button on your keyboard then type :wq to save the settings
8. Execute /etc/init.d/firewall restart to apply the settings. 

Then after that, you should be able to have a zero zone available on your port-forward rules. 

Regards,
Mellow

by
Hi. Yep thats working. To confirm, i didnt try to create a new config with the copy option, i was trying to add port forward rules using a profile that was created prior to addin zerotier. it would have been a lot of work to re-create the profile, so i followed your steps to add the config data to the config file and i can not use those zero config in port forwards. Thanks for your help.

Pete