ZeroTier Port Forwarding

Hi!
I'm trying to forward a port on a ZeroTier interface. What I want is to forward port 5900 of 192.168.100.134 to the ZeroTier interface (192.168.195.51). I did the port forwarding in LuCI, but I think that the packets coming from 192.168.100.134 can't reach the ZeroTier peer (192.168.195.2). I allowed forwarding from and to the ZeroTier interface. This is my network setup:


Am I missing any firewall or iptables command, or anything else?
Thanks in advance
TheMrRafus

  • You don't show the firewall rule
  • You never mentioned opening Port Forward on the ISP router

You don't need Port Forwarding if these networks are on the OpenWrt:

If the 2 zones are not allowed to communicate by default, then you need a Traffic Rule to allow them to talk to each other. Port Forward implies NATing - which is unneeded in this instance.

Hi! First, thanks for the quick reply! I don't want to open ports on the WAN except the ZeroTier ports. What I want is to access port 5900 of the 192.168.100.134 device from 192.168.195.2 (ZeroTier). The forward rules that I have are in the custom rules of LuCI:
iptables -A INPUT -i ztinterface -p tcp --dport 5900 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 5900 -i ztinterface -j DNAT --to 192.168.100.134:5900
Tomorrow I will try the solution that you say.
Thanks!

Why don't you use the web-based GUI to make rules in OpenWrt syntax...added to the proper places?

The terms I used (e.g. "Traffic Rule") are easily seen when navigating the Firewall section of the web GUI.
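
The Traffic Rule suggested in the replies, written as an `/etc/config/firewall` fragment. This is an added example, not configuration posted by anyone in the thread. It assumes the firewall zones are named `zerotier` and `lan`, and that the ZeroTier peer has a route to 192.168.100.0/24 via 192.168.195.51 so it can connect to 192.168.100.134:5900 directly, without DNAT.

```uci
# /etc/config/firewall fragment (added example; zone names are assumptions)

# Broad alternative, shown commented out: lets every ZeroTier member
# reach every LAN host on every port.
#config forwarding
#	option src 'zerotier'
#	option dest 'lan'

# Narrow rule: only the peer 192.168.195.2 may reach TCP 5900 on
# 192.168.100.134. A rule with both src and dest set is placed in the
# forward path, so no INPUT rule and no PREROUTING DNAT are involved.
config rule
	option name 'Allow-ZT-peer-to-VNC'
	option src 'zerotier'
	option src_ip '192.168.195.2'
	option dest 'lan'
	option dest_ip '192.168.100.134'
	option proto 'tcp'
	option dest_port '5900'
	option target 'ACCEPT'

# Reply packets from 192.168.100.134 are accepted by connection tracking,
# so no matching rule in the lan -> zerotier direction is needed.
```

Apply it with `/etc/init.d/firewall reload`; the same fields appear in LuCI under Network > Firewall > Traffic Rules.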