Pinning this comment with some reference materials:
OPNsense setup docs: docs.opnsense.org/manual/how-tos/zerotier.html
Zerotier whitepaper: docs.zerotier.com/zerotier/manual
@WineTwoThree
2 years ago
Best explanation and demo of ZeroTier I've come across. Loving your channel content and presentation style!
@TheNetworkBerg
2 years ago
Thanks Sam, I really appreciate the kind words!
@starfoxBR77
2 months ago
Second time using this guide! Amazing!
@blk86trk
1 year ago
All I can say is thank you, very clear and easy setup for ZT!!!! Installed both OPNsense and ZT in less than 30min....and most of that was d-load time....
@SergeantTrigger
10 months ago
Loud and clear, thanks!
@maigonis.elleris
2 years ago
Now I understand more how it works, will set up on my Mikrotik for testing.
@mikendala6722
6 months ago
Good stuff. ZT has always made things easier for me. I have it running on MT arm64 architecture and I just love it.
@simonjones3224
1 year ago
You solved it for me dude! Missed the routes on the ZT side! Thanks!
@qcnsllcqcnsupport7616
2 years ago
Great video... more opnsense videos please 🙏
@TheNetworkBerg
2 years ago
Thanks, I definitely plan on creating more OPNsense content ^^
@JasonsLabVideos
1 year ago
Thank you for this clear video sir, I think I'm going to try this!
@silverismoney
1 year ago
Thanks for your video. I couldn't work out the last part on adding a route to one of my VLANs but you explained it really simply. I have a question though, I have 3 WAN links, I want Zerotier to be able to use any of them to get to the internet. Is it just a matter of making an outgoing rule on the Zerotier firewall rules that uses my gateway group?
@dr.anymemm
2 years ago
Dear Johnny, thank you for this great video! I've been successfully running multiple mission-critical NeoRouter networks for quite some time now, on own controllers, 500+ nodes. Is maybe ZT the ultimate open source NeoRouter replacement on steroids - I was thinking?! AFAIK, it is also possible to run your own ZT controller, so you can have full control over your ZT network. Might be veeerry interesting! All the best and greetings from Germany, Dr. Anymemm
@camaycama7479
1 year ago
sweet and neat! Bravo!
@Zeenixx
2 years ago
Very nice guide, thank you for all your work. I have also been looking at ZeroTier, but can't decide if I am going to use Netmaker, which some claim is a lot faster. Could be wonderful if you could test that claim.
@matt-san7
1 year ago
Thank you very much for those awesome tutorials! I got an OPNsense router for my office where I have several machines and I want to connect to that from my home using Zerotier. What would be the best way to make all machines connected to the OPNsense available to my home PC? Do I need to manually add a route for every machine like you did it?
@chuckcorvec3453
1 month ago
Do you have a video on OPNsense firewall rules?
@zyghom
8 months ago
nice, but question: what is the difference/advantage of having Zerotier vs having wireguard server in your lab? then you can connect to your home from any device where you have WG client installed. Am I missing anything here? Oh, and with WG nothing goes out of YOUR devices - unlike with the Zerotier - the controller is NOT in your possession, right?
@tomhueb793
1 year ago
Wondering why I can still connect to the firewall IP while disconnected from the ZeroTier client on Windows??
@Mainzproper27101995
9 months ago
I did everything exactly as you did but it doesn't work for me
@JeremiahK
1 year ago
Very nice video. I'm a networking novice, but am having fun playing with zerotier and just started with opnsense too. What would you say would be a good general rule or set of rules to add, rather than to allow all for the ZT interface?
@DerekAldridge1
1 year ago
I've been deciding between OPNSense and pfSense when my hardware comes in. Do you specifically prefer Zerotier over Tailscale? I've been using Tailscale for quite some time, but I wasn't sure if there's something that I'm missing feature-wise from Zerotier that makes it better. I do like the interface of OPNSense better, but having Tailscale as native in pfSense gives it a slight edge to me at this point.
@TheNetworkBerg
1 year ago
Both protocols work pretty similar, even throughput is very similar although Tailscale pulls slightly ahead. The biggest difference is Zerotier is a custom protocol whereas Tailscale makes use of Wireguard. If you already have a network running on Tailscale then it would make sense to continue using pfSense. If I'm not mistaken Tailscale is an additional package for pfSense that was only brought online a couple of months ago by Christian McDonald one of the pfSense devs. So the potential is there to see a package on OPNsense as well, although I do not know if this is something that is being actively worked on.
@haydenc2742
1 year ago
oof...just tested with zenarmor...says the interface cannot support jumbo frames, went back into the interface ZT, set frame size to 1500 rather than empty and it started working
@zippytechnologies
1 year ago
been playing with opnsense and pf - went with OPN but my question now is bare metal or as a vm on my proxmox cluster? I currently have fiber to house, ATT fiber network modem/router with 4 1gb out I take to my own DDWRT router (helps with some firewall and IP routing - I have 5 public IP addresses I pay for - don't start with me on reasons why... I have testing IP, gaming IP and home IP I don't like to mix when I share my public gaming or other network traffic with my personal stuff... anyhow - I have 5 from my ISP currently ATT.). I take the DDWRT router to my switch then to all my computers and devices - which includes 10 nodes for proxmox. Most are small dell servers I use as minecraft host or whatever I want host for VM with additional HDD and SSD OSD in a PM managed ceph cluster... long story short - I need to know if I can just live with OPN as a VM on a node somewhere in my PM cluster of nodes with live migrate to next on failure etc - or if that just negates all the reason for OPN for safety and security routing behind routers already... I want to manage the IP's with reverse proxy and OPN.. again another reason to have multiple IP at home... different domains totally isolated and when I get ddos I can swap over and keep plugging away lol.. anyhow - I am just lost on if I can or should keep OPN on the same level of VMs on the Proxmox nodes or maybe if its better to put on its own bare metal... and insert that right after the ATT fiber modem and then manage all IP and domain proxies from there on... need to be able to find and talk to all the VM's for each service on my PM cluster... but I was also thinking about doing a really small 2 or 3 node PM cluster just for network management - like a separate PM cluster in front of my main cluster of application servers and ceph nodes... From what I see - it seems to work fine just on the same layer - and I know it is overkill to dedicate and pay for power for 3 machines just for opn sense... 
maybe I can just do 1 or 2 with failover - never tried the built-in fail-over for OPN and no idea how it works... I just know the PM nodes with my VM's never ever go down unless I take them down... power out - HDD failure - they bounce over to the next in the list on my HA definitions within my cluster... Data is a little slower than bare metal and heavily affected by large bandwidth migrations - but other than that - it is perfect for me for data redundancy... I just am trying to go the next step and actually use opn or reverse proxy to define where all my servers exist and to help with intrusion and threat monitoring... Most of my nodes are pretty secure for home use with default debian Proxmox setup - and all I do for passing IP to a specific VM is have the router passthrough all IPS to my DDWRT box and then have that simple listen and repeat all range except specific ones I block or forward to the LAN side where I have the cluster living and each VM then just is static assigned the IP I want for it's service manually... thinking there is an easier way but my way works too.. ideas? Do I need OPNSense on its own machine in front of the proxmox cluster to manage everything and monitor traffic correctly?
@karloa7194
2 years ago
Netmaker is probably a better SDWAN alternative. There is no plugin as far as I know, but there is a FreeBSD installer
@BrendanRichman
1 year ago
Tried every guide on the internet, but can't seem to keep a reliable connection going. Pinging is more miss than hit. Any ideas?
@theterriblegamer1228
1 year ago
any chance we can get a video that connects 2 OPNsense routers with zerotier and allow LAN to LAN communication? Having a time trying to figure this out.
@calebrio02
1 year ago
same inquiry here 👋
@TheNetworkBerg
1 year ago
Will swing back around to this idea and see if I can get a video up regarding "site-to-site" Zerotier connectivity ^^. Thanks for your suggestion!
@calebrio02
1 year ago
@@TheNetworkBerg thank you dude 🙌 new subscriber
@theterriblegamer1228
1 year ago
@@TheNetworkBerg Thanks. Love the product but the step by step guides are lacking.
@PS-xn8ej
2 years ago
Maybe you know how to enable masquerade on WAN interface also, not only on LAN?
@TheNetworkBerg
2 years ago
Sure, I'll see if I can make a video on that as well
@ajudanet8005
1 year ago
In a regular network would you use mk + opnsense or just keep one of them?
@TheNetworkBerg
1 year ago
For SOHO networks I would typically suggest just deploying a single device. Comes down to preference if you want to either use MT or OPNsense. Both have pros and cons, though I do think there's a bit more firewalling that you can achieve by using an OPNsense.
@ajudanet8005
1 year ago
@@TheNetworkBerg it's an SMB environment... With dual WAN case
@siphiwokhumalo8412
2 years ago
Why does it feel like router OS(s) are being exterminated by these firewall "sense" technologies. Now that you can install an NIC and run the network directly to your machine from the ISP. Cancel the Netgate or whatever device you are using. Routers were like let's install OS who needs these network OS, and PC were like lets virtualize the entire thing. What were routers?
@aoczon
2 years ago
Please one with crowdsec
@johnarnebirkeland
3 months ago
Not your fault, but lost me at the external account requirement.
Comments: 41