Category: Remote Access

The “Authentication Required to Create Managed Color Device” Problem

Create the following files under /etc/polkit-1/localauthority/50-local.d/

References

VPN without public IP using ZeroTier

I want to access my office network (192.168.1.0/24) from home. My office PC is behind NAT. It can access Internet, but no public IP is available for hosting a VPN server.  Here is how to use zerotier to setup a VPN channel for my home PC to connect to the office network.

Here is the configurations of the home and office PCs.

ItemHome PCOffice PC
Physical Network Interfaceens33eno1
IP address192.168.5.123192.168.1.89
Network192.168.5.0/24192.168.1.0/24

Installation

Install ZeroTier Client on both PCs using the following command:

If GPG is installed, here is the more secure way to install zerotier:

Go to https://www.zerotier.com/ to register an account. You will be given a Network ID, e.g. 17d70944892a9b2b.

On both PCs, join the network using the following command:

On the management webpage of ZeroTier, check the ‘Auth?’ of the two PCs.

After joining the network, a virtual network interface will be added

ItemHome PCOffice PC
Virtual Network Interfaceztks52g3qx ztks52g3qx
IP address192.168.191.34192.168.191.88
Network192.168.191.0/24192.168.191.0/24

Configure the ZeroTier managed route

At my.zerotier.com/network/ 17d70944892a9b2b -> Settings -> Managed Routes, add the following route:

Destination(via)
192.168.1.0/24
(Office Subnet)		192.168.191.88
(ZeroTier IP Address of “Router”)

Enabling IP forwarding

Configure the IP forwarding in the office PC.

To make the setting permanent, edit /etc/sysctl.conf to uncomment net.ipv4.ip_forward. This enables forwarding at boot.

Save iptables rules for next boot

References

  1. Zerotier
  2. Route between ZeroTier and Physical Networks