Wednesday, July 3, 2024

How To Setup and Use ZeroTier VPN Server

VPN is an acronym for Virtual Private Network. It is commonly used to protect users on untrusted networks or to mask their traffic. This is achieved by encrypting all the traffic and securing the connection to a network, which also bypasses all geographical restrictions and lets users surf over public networks while keeping their data private.

There are several VPN solutions in the market today. ZeroTier is capable of connecting team members from anywhere in the world on any device. It is able to create secure connections between the on-premise, cloud, desktop, and mobile devices.

ZeroTier provides both VPN and SD-WAN capabilities, making it easier to manage your network. Users gain flexibility and avoid the associated hardware costs. ZeroTier has several other features and benefits:

  • Easy to set up and use – ZeroTier can be set up in minutes with remote, automated deployment. Simplify your network stack by unifying VPNs, VLANs, and SD-WANs with one solution. You are also able to integrate cloud devices on one interface.
  • Flexibility – It emulates Layer 2 Ethernet with multipath, multicast, and bridging capabilities.
  • More secure – ZeroTier’s zero-trust networking approach provides scalable security with 256-bit end-to-end encryption. This can help secure corporate network overlay and failover layer.
  • High performance – Create a 5G-capable secure P2P network for any IoT device that can run on 64MB of RAM. It also offers network control and P2P functionality.

ZeroTier offers several editions for its users. The editions are:

  • Open-source: this is a free and self-hosted controller for non-commercial use.
  • Basic: Free / ZeroTier Hosted Controller with limited features. Mostly used for a home lab, remote access, tunnelling and other simple networking cases.
  • Professional: Here you only pay for what you need. Used by developers, IT, technology professionals, startups, SMBs, and product R&D.
  • Enterprise: For high-volume VPN, IoT, embedded networking, multi & hybrid cloud, IaC, and Commercial Use.

Today, we will learn how to set up and use ZeroTier VPN Server. We will see how you can connect two devices over ZeroTier. We will then test the connection using the ping command.

#1. Create the ZeroTier network

We will begin by creating the ZeroTier network. This is free, and no credit card is required. Visit the ZeroTier website and create an account.


Sign up and create your first network here.


Now you will have a network created with a random ID as well as a random name.


You can modify this network as desired by clicking on it.


You can set the desired name and make other configurations as desired. You can scroll down and see the members’ panel. Currently, we have nothing added.

#2. Install ZeroTier app on Your Device

Next, install ZeroTier on every device you want to use it on. This can be done by downloading the packages from the official ZeroTier downloads page.

On this page, we have Linux, Windows, macOS, iOS, Android, FreeBSD and NAS packages. In this guide, I will demonstrate how to install the ZeroTier app on Linux.

Use the command:

## If you have GPG installed (verifies the installer's signature before running it):
curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import && \
if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | sudo bash; fi

## Alternatively (no signature check; the script is trusted on the HTTPS connection alone):
curl -s https://install.zerotier.com | sudo bash

Once the package has been installed, it stores files at /var/lib/zerotier-one/. So we will create a symbolic link for the CLI tool:

sudo ln -sf /var/lib/zerotier-one/zerotier-cli /usr/bin/zerotier-cli

Once created, verify if it is working:

$ sudo zerotier-cli info
200 info e7f33c71da 1.10.2 ONLINE

For Windows, macOS, iOS and Android, you will have a desktop application which you can easily use.

#3. Join your first ZeroTier network

Now you can add the devices to the created network. First, copy the Network ID of the network from the ZeroTier web interface, for example af78bf9436d46af6. This will be required when you add each device to the network.

To add a device, proceed as shown:

  • On macOS

Provide the Network ID

  • On Windows

Provide your Network ID

  • On Mobile device

Provide the Network ID

  • On Linux (command line)
sudo zerotier-cli join af78bf9436d46af6
##OR
sudo /usr/sbin/zerotier-one -q join af78bf9436d46af6

#4. Authorize your device to ZeroTier network

Now you need to allow your device to connect to the ZeroTier VPN network; otherwise, the device will report “Access Denied”.

For example on Linux:

$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks ***********  f6:90:22:d2:54:2a ACCESS_DENIED PRIVATE zthnhgx7wa -

Now on the ZeroTier web, you will see the device appear as shown in the Members panel. Verify that the Address matches the address of your client.

Give it a name and check the “Auth?” box to allow it to connect.


Once the device is allowed, the status will change from “Access Denied” to “OK”. For example on Linux:

$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks af78bf9436d46af6 neveropen_net f6:90:22:d2:54:2a OK PRIVATE zthnhgx7wa 192.168.195.59/24
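
As an added example (not from the original article or from ZeroTier), the shell function below audits the listnetworks output shown above: it confirms the node is joined to the expected network only, that the status is OK, and that the network type is PRIVATE. The function name audit_zt_networks is hypothetical, and it assumes the column layout of the header row, reading columns from the right because the name column can be empty.

```shell
#!/bin/sh
# Added example: audit `zerotier-cli listnetworks` output read from stdin.
# $1 = the only network ID this node is expected to be joined to.
# Exit 0: joined, status OK, type PRIVATE, no other networks. 1: finding. 2: bad ID.
audit_zt_networks() {
    expected=$1
    # Network IDs on this page are 16 lowercase hex digits.
    case $expected in
        ''|*[!0-9a-f]*) echo "bad network id"; return 2 ;;
    esac
    [ "${#expected}" -eq 16 ] || { echo "bad network id"; return 2; }
    awk -v want="$expected" '
        $1 != "200" || $2 != "listnetworks" { next }
        $3 == "<nwid>" { next }    # header row
        {
            # Assumption: read columns from the right, since <name> may be empty.
            nwid = $3; ips = $NF; dev = $(NF-1); type = $(NF-2); status = $(NF-3)
            if (nwid != want) { print "UNEXPECTED network " nwid; bad = 1; next }
            seen = 1; rowbad = 0
            if (status != "OK")    { print "NOT AUTHORIZED: status " status; rowbad = 1 }
            if (type != "PRIVATE") { print "NOT PRIVATE: type " type; rowbad = 1 }
            if (rowbad) bad = 1; else print "ok " nwid " " dev " " ips
        }
        END {
            if (!seen) { print "MISSING network " want; bad = 1 }
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample in the column layout shown above (not live output):
# the node has joined but has not been authorized yet.
SAMPLE='200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks af78bf9436d46af6  f6:90:22:d2:54:2a ACCESS_DENIED PRIVATE zthnhgx7wa -'
printf '%s\n' "$SAMPLE" | audit_zt_networks af78bf9436d46af6 || echo "audit failed"
# On a real host: sudo zerotier-cli listnetworks | audit_zt_networks <network-id>
```

A non-zero exit makes the function usable in a cron job or provisioning check that should fail when a node is on an unexpected or public network.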

#5. Test ZeroTier VPN Server

To test if the VPN server is working as desired, you will add another device using a similar process as above. Once you have the two devices, obtain the IP of the second one and try pinging it.


These managed IPs are different from the IPs of your network. To test if everything is working as desired, run the ping command against the managed IP of the second device.

Voila!

Now you are set to establish connections between devices across your organization and to protect users on untrusted networks. I hope this was important to you.

Nicole Veronica Rubhabha