Hello guys, I have a simple question.
Can OPNsense firewall filter and use Intrusion Detection and Prevention System (IDPS) for Zerotier tunnel?
I don’t see why it couldn’t. Each ZeroTier network gives you a virtual Ethernet device and you could probably attach it to the IDS. I’m not that familiar with OPNsense, though, so I couldn’t tell you how.
I have tested it on OPNsense and it’s working. (btw, it’s a lab environment in VirtualBox).
The key is to route all the traffic (default route) to the OPNsense address.
For instance (at zerotier central):
0.0.0.0/0 via “OPNsense ZeroTier IP address”
and then, other devices must allow default route (Full Tunneling)
Linux:
sudo zerotier-cli join <network-id> allowDefault=1
or if you’ve already joined a network, just type…
sudo zerotier-cli set <network-id> allowDefault=1
Android:
Tick the “Route Via ZeroTier” box.
Windows:
Tick “Allow Default Router Override” at your network-id
On OPNsense IDS (Suricata), select WAN interface.
Some useful articles for reference:
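Added example, not part of the thread: a check a Linux member can run to confirm that, after the steps above, Internet-bound traffic really leaves via the OPNsense ZeroTier address and therefore reaches Suricata. The route table text, addresses and interface name are constructed, and the two /1 routes are an assumption about how the client installs the default-route override; paste in your own `ip -4 route show` output.

```python
import ipaddress

# Constructed `ip -4 route show` output from a Linux ZeroTier member.
# Assumed values: 10.147.17.1 = OPNsense ZeroTier address, ztabc12345 = ZeroTier
# interface, and the default-route override appearing as two /1 routes.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
0.0.0.0/1 via 10.147.17.1 dev ztabc12345
128.0.0.0/1 via 10.147.17.1 dev ztabc12345
10.147.17.0/24 dev ztabc12345 proto kernel scope link src 10.147.17.25
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""

def parse_routes(text):
    """Return a list of (network, gateway or None, device or None)."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # not a plain prefix line (e.g. "unreachable ...")
        gw = fields[fields.index("via") + 1] if "via" in fields else None
        dev = fields[fields.index("dev") + 1] if "dev" in fields else None
        routes.append((net, gw, dev))
    return routes

def next_hop(routes, dst):
    """Longest-prefix match over one table (policy routing is not modelled)."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    _, gw, dev = max(matches, key=lambda r: r[0].prefixlen)
    return gw, dev

def bypassing(routes, firewall_ip, probes=("1.1.1.1", "198.51.100.7")):
    """Probe destinations (one per /1 half) whose next hop is not the firewall."""
    return [d for d in probes
            if (next_hop(routes, d) or (None,))[0] != firewall_ip]

if __name__ == "__main__":
    missed = bypassing(parse_routes(SAMPLE_ROUTES), "10.147.17.1")
    print("all probes go via OPNsense" if not missed else f"bypass: {missed}")
```

An empty result means every probe's next hop is the firewall; any address returned is traffic that would leave through the local gateway and never be inspected.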