Help with OPNSense and ZeroTier for connecting two office

ismurdegus · February 26, 2021, 9:36am

Hi guys
Hope everyone doing well and safe!

I am been working on this for weeks and also ask on the Zerotier forum but no one can help me.

I have two office connected to the internet with a 4G modem in bridge to the OPNSense router/firewall.
I installed the ZeroTier plugin and configure everything like suppose to be. Below my setup:

OFFICE 1
4G Modem
OPNSense → 192.168.2.1
ZeroTier IP → 10.10.10.2

OFFICE 2
4G Modem
OPNSense → 192.168.3.1
ZeroTier IP → 10.10.10.3

SALES LAPTOP
4G Modem
ZeroTier IP → 10.10.10.5

My main problem is that OFFICE 1 & 2 can’t ping each other so from OFFICE1 I can’t access the NAS that is located into OFFICE 2 .

At this stage I have instead access to OFFICE 1 & 2 from the LAPTOP; and if I try to ping the LAPTOP from OFFICE 1&2 also work.

I am not an expert at all but I think I need configure some rules inside the two router/firewall at OFFICE
1&2 ?

Anyone cam give me some help please?

Thanks

chrisfonte · February 26, 2021, 1:45pm

Are the Zerotier Nodes set up to bridge?

ismurdegus · February 26, 2021, 9:39pm

Hi
If you mean the “Allow Ethernet Bridging” inside the ZeroTier web interface, Yes I have it activate.

Thanks

garethw · February 27, 2021, 10:00am

Never used Zerotier but my understanding it that it sits on top of your existing connection so if Zerotier is working then it’s not going to be a router / firewall problem. It’s going to be a zerotier problem.

as I say, I don’t use it so I don’t really know but I think it works the same as other vpn ish solutions.

ismurdegus · February 28, 2021, 4:13am

Thanks for your comment
I find strange that no one had never use ZeroTier for a “Site to Site” vpn.

garethw · March 4, 2021, 10:30am

Again, I could be way off here but my understanding of zerotier is that it’s for connecting multiple devices together not for connecting multiple sites.

In my opinion you would be better off with a pfSense box (or VM) running OpenVPN (or wireguard now I guess)

neogrid · March 4, 2021, 10:39am

OpenVPN is pretty stable, site-to-site just works, though I much prefer running two RAS. If you are running OpenVPN 2.5 I believe they have updated their encryption and security further, that’s more important for sure when connecting businesses.