ZeroTier Road Warrior setup on 26.01

[opkky]

Hello Guys.

I am setting up remote access to my home network with the help of ZeroTier and OPNsense v26.01
At the end I need to get access to my home network behind OPNsense.

For some reason I can access only OPNsense router via ZeroTier overlay but not the LAN network behind the bridge.
I have a computer with 4 GE ports. The first is WAN and the rest 3 are bridged in to Bridge LAN

Firewall from ZeroTier interface to bridge lan is open


and



Any ideas what is going wrong here?

[opkky]

Case is closed.

The problem was not related to ZeroTier. It was because I used lanbridge interface on the device.
It require additional floating outgoing firewall rule to allow traffic from bridge to LAN.

Now all works fine.

[Patrick M. Hausen]

It was because I used lanbridge interface on the device.
It require additional floating firewall rule to allow traffic from bridge to LAN.

This should not be necessary.

Did you

- assign "LAN" to the bridge interface?
- add the two mandatory tunables for a LAN bridge?

Documentation, step #6.

https://docs.opnsense.org/manual/how-tos/lan_bridge.html#lan-bridge

[opkky]

All steps related to bridge creation were done as said in documentation, including step 6.

This is a new device install. There is nothing special is needed, except remote access to the network.

I noticed that even if I ssh directly to the device and then in cli ping from Bridge interface hosts from LAN, it was not working.
And after applying floating firewall rule, it started to work as PF was blocking access.

Ans as a result access to LAN hosts via ZeroTier also started to work