OPNsense Forum » English Forums » Virtual private networks » firewall rule on the ZeroTier interface in OPNsense
Topic: firewall rule on the ZeroTier interface in OPNsense (Read 1032 times)
manilx
Jr. Member
Posts: 88
Karma: 4
firewall rule on the ZeroTier interface in OPNsense
« on: September 03, 2022, 10:26:22 am »
I have configured ZT according to this:
https://wcollins.io/post/2022/exploring-zerotier-for-remote-access/
All is working just fine. But the wide open fw rule is of course an issue.
Any ideas on how I should close down this rule a bit? I have tried to make an alias and put the ZT client IPs in there and then use this as the source in the fw rule to only allow the defined clients access, but this does not work, as clients which are not mentioned in the alias can connect.
« Last Edit: September 03, 2022, 02:12:50 pm by manilx »
manilx
Jr. Member
Posts: 88
Karma: 4
Re: firewall rule on the ZeroTier interface in OPNsense
« Reply #1 on: September 03, 2022, 11:09:51 am »
What I want to do is only allow specific nodes to connect to OPNsense (i.e. my internal network), even if they are connected to the ZT network...
As the fw rule I created as specified above doesn't work, I don't have a clue and would really appreciate help.
« Last Edit: September 03, 2022, 02:13:00 pm by manilx »
manilx
Jr. Member
Posts: 88
Karma: 4
Re: firewall rule on the ZeroTier interface in OPNsense
« Reply #2 on: September 03, 2022, 02:11:35 pm »
I had lots of traffic being blocked on the FW level regarding ZT.
One has to add a few FW rules in addition to the description in the blog above. Didn't know which ones...
Also the speed was 25-30% of what I get with working Wireguard.
So in the end no advantage and I uninstalled it.
« Last Edit: September 03, 2022, 02:13:45 pm by manilx »