Basic Tutorials for ZT Networking? 0.0.0.0 routes and IPS to inspect outbound traffic

bbowlsbey · July 14, 2021, 1:47pm

Hello, new ZT user here.
Use case: 15 users quarantined in geographically separated living spaces. Users connecting to Google Workspace accounts to do work with BYOD devices.
Requirement: Enable a Nessus server to connect and scan all endpoints, and redirect all outbound web traffic through an OPNsense or PFsense vm running Suricata or Snort in the cloud for inspection.

Anyone doing anything similar? I think I can redirect all traffic to the *Sense box by using a redirect in the rules, or entering a quad 0 route. Assuming that is so and my technical solution works; has anyone had any difficulties with non-technical end users being able to comprehend how to join the ZT network when they use their BYOD for work? Has it been easy to redirect all work related traffic through the IPS by simply teaching them to join the ZT network and disconnect from it when doing personal stuff?

Any thoughts would shorten my development time and be appreciated.

zt-travis · July 14, 2021, 8:21pm

Hello!
User’s will have to check the “Allow Default” checkbox in their client network for 0.0.0.0 to work.

You can send all zerotier traffic to you IDS with a tee rule without using zerotier default route.
If you want to monitor all their webtraffic as well, you’ll need the default route.

bbowlsbey · July 19, 2021, 8:15pm

Thank you sir. Appreciate it.

system · August 13, 2021, 1:47pm

This topic was automatically closed after 30 days. New replies are no longer allowed.