Disabling remote access to LAN with ZT on Mikrotik router

I want to use ZT in order to secure my network by making my devices on LAN inaccessible from both within LAN and from WAN. I want to connect to them only with ZT. If I understand the ZT concept correctly, this is done by design and there is no firewall configuration needed since everything is handled by the ZT virtual interface, except perhaps forwarding?

ZeroTier will allow you to have secure communications between devices, but it won’t by itself disallow insecure communications. You’ll need to block traffic at L3 using a Firewall (whether network or host based), and at layer 2 using something like dot1x or MAC filtering since L2 traffic won’t traditionally go through a firewall.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.