If I have two ZS boxes A and B on separate networks on the internet, both have a single connection to the internet.
ZS-A has two NIC’s connected to a single switch, the switch gets an internet connection from a router with IP 192.168.1.1/24 (set as Default GW for ZS-A). ZS-A ETH00 connects to the internet connection with IP 192.168.1.2/24 (behind NAT) ETH01 has IP 172.16.1.1/16 and will be used for client devices.
ZS-B has only one NIC with a public IP address ETH00 18.104.22.168/24 and Default GW 22.214.171.124
I want ZS-A to connect to the internet through ZS-B using the the public IP of ZS-B. Can I do this by setting up a LAN to LAN VPN if ZS-B has only one NIC? If I understand the LAN to LAN VPN correctly I will need to have a second NIC on ZS-B eg:
(if ZS-B has second NIC) ZS-B ETH01 10.0.0.1/8
ZS-B LAN to LAN VPN Server IP 192.168.250.250/24
ZS-A LAN to LAN VPN Client IP 192.168.250.251/24
If ZS-B had a second NIC I would route to ZS-A with a static route like – Destination 172.16.0.0/16 via GW 192.168.250.251/24 and the reverse on ZS-A like- Destination 10.0.0.0/8 via GW 192.168.250.250/24.
But if I can’t install a second NIC on ZS-B how can I accomplish this?
Should I not use VPN to accomplish this?
OK so now I understand. Disregard my post above (what a mess). I was confused about how to set the internet gateway and was thinking I had to do this manually (trying all sorts of crazy things) but then realized that NetBalancer does this by applying individual rules. I was way off!
From what I now understand about Linux IPtables or netfilter is that by creating individual rules in NetBalancer it must be creating PREROUTING and POSTROUTING rules in the NAT table forcing all traffic from one interface (LAN NIC) down another (VPN interface).