Zerotier setup for full tunnel mode (VPN) issu - no connection.

[Nord1ing]

Hello,

following guide, i am pretty sure what zerotier was installed and configured correctly.

LAN and home network connections works fine, but any connection to Internet are broken from devices inside zerotier lan.

Current setup is:
Zerotier account:

Spoiler

 

 

 

 

Gateway configuration:

• OrangePi with Armbian 23 Bullseye
• ip route:

default via 192.168.1.1 dev eth0 proto dhcp metric 100
169.254.0.0/16 dev ztfp6azmws scope link metric 1000
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.95 metric 100
192.168.200.0/24 dev ztfp6azmws proto kernel scope link src 192.168.200.95

• Iptables output:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.200.0/24     anywhere
ACCEPT     all  --  anywhere             192.168.200.0/24

• iptables config:

:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -s 192.168.200.0/24 -j SNAT --to-source <XXX.XXX.XXX.XXX external IP>
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
-A FORWARD -i ztfp6azm -s 192.168.200.0/24 -d 0.0.0.0/0 -j ACCEPT
-A FORWARD -i eth0 -s 0.0.0.0/0 -d 192.168.200.0/24 -j ACCEPT
:OUTPUT ACCEPT [0:0]
COMMIT

• port forwarding output (cat /proc/sys/net/ipv4/ip_forward) : 1
• Firewall rules:

• PC configuration:

 

From 192.168.200.XXX to 192.168.1.XXX everything work (access to samba and other local resources).

And connection does not work to internet from 192.168.200.XXX via 192.168.200.95 (same thing from windows pc, from android phone).

I do not understand why this bloody thing does not work