Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
ZeroTier sessions from all interfaces?
« previous
next »
Print
Pages: [
1
]
Author
Topic: ZeroTier sessions from all interfaces? (Read 555 times)
DocGonzo74
Newbie
Posts: 30
Karma: 3
ZeroTier sessions from all interfaces?
«
on:
July 06, 2024, 04:09:49 pm »
I have ZeroTier configured with my OpnSense firewall as an endpoint. The VPN works great as a default gateway and a remote access solution.
The problem I'm having is that all of my interfaces are trying to establish connections to the ZeroTier network. All of the sessions are being caught and denied by the auto-created default deny rule. My IPS is seeing these sessions as well.
Has anyone else seen this activity? If so, are you blocking it or just chalking it up to the ZeroTier plugin being a bit chatty and trying to talk out of every port?
2024-07-06T10:05:53.509258-0400 2039784 allowed 1_LAN 192.168.1.253 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509241-0400 2039784 allowed 1_LAN 192.168.1.254 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509228-0400 2039784 allowed 1_LAN 10.254.254.253 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509215-0400 2039784 allowed 1_LAN 172.16.200.253 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509195-0400 2039784 allowed 1_LAN 172.16.100.253 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509177-0400 2039784 allowed 1_LAN 172.16.1.253 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509154-0400 2039784 allowed 1_LAN 172.16.200.1 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509135-0400 2039784 allowed 1_LAN 172.16.100.1 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp)
2024-07-06T10:05:53.509112-0400 2039784 allowed 1_LAN 172.16.1.1 9993 103.195.103.66 9993 ET INFO ZeroTier Related Activity (udp
Logged
Cerberus
Jr. Member
Posts: 63
Karma: 4
Re: ZeroTier sessions from all interfaces?
«
Reply #1 on:
July 12, 2024, 10:21:13 pm »
I think Zerotier does this for multipath, if there are multiple ways out, it uses them. You can add options to ignore certain networks for transport.
try adding this to your zerotier config:
{
"settings": {
"interfacePrefixBlacklist": ["interface1", "interface2"]
}
}
https://docs.zerotier.com/config/#local-configuration-options
Logged
newsense
Hero Member
Posts: 1036
Karma: 77
Re: ZeroTier sessions from all interfaces?
«
Reply #2 on:
July 13, 2024, 02:46:22 am »
If you have ZT nodes in vlans that will connect directly to the network then you need to allow that traffic source IP/alias to Destination ANY DPort 9993
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
ZeroTier sessions from all interfaces?