force Zerotier outgoing interface

Started by ja3far, July 14, 2021, 10:43:53 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 14, 2021, 10:43:53 AM
Hello
I have installed zerotier plugin and everything is working as expected. In my OPNsense setup I also have OpenVPN clients connected to the outside world and assigned to interfaces. On the zerotier management portal I noticed that OPNsense is connected using one of the OpenVPN client IPs.
Is there a way to force it to use the WAN interface only? my WAN interface is vtnet1. I tried the following zerotier configuration without success.

{
  "settings": {
    "defaultBondingPolicy": "aggressive-active-backup",
    "policies": {
      "aggressive-active-backup": {
        "links": {
          "vtnet1": {
            "ipvPref": 4,
            "mode": "primary"
          }
        }
      }
    }
  }
}
July 20, 2021, 04:47:08 PM #1
Hi,

you need to blacklist the openvpn network, you need this custom parameters in zerotier:

for example:

"physical": {
   "192.168.0.0/24": {
      "blacklist": true
July 20, 2021, 09:49:23 PM #2
Thanks Cerberus
I have reviewed the config manual, and found that I can do this

{
    "settings": {
        "interfacePrefixBlacklist": [ "ovpnc" ]
    }
}
Print
Go Up Pages1
User actions