Network Setup Advice

Micxen · June 13, 2023, 12:06pm

Hi Forum.

I am about to setup a Zerotier network with one ‘master server’ containing applications that needs to communicate with a lot of clients. (At this point, all Windows 10). That’s pretty strait forward, everyone can communicate with everyone.

My challenge is, that clients should NOT be allowed to communicate with other clients - Only to the master-server. How do I achieve that? As far as I can see, there is no firewall in the Zerotier Central?

Is this only possible to prevent with client-firewalls? Or can I do this in another way, by creating the Zerotier network structure in a specific way?

Best regards.
Michael.

AndrewZ · June 13, 2023, 12:27pm

Not true. Have you ever logged into my.zerotier.com ?
This is the example for your specific use case - Client Isolation

Micxen · June 13, 2023, 12:45pm

Yes, all my setup is done through my.zerotier.com.

In general, im working with iptables in Linux and pfSense, but unfortunately i dont understand how zerotier-firewall works then. If that is best practice in this case, ill need to look a bit more into how the firewall is working.

Thanks.

AndrewZ · June 13, 2023, 12:54pm

See this recent discussion for ideas: Allow rdp and ping only - #2 by AndrewZ

Micxen · June 13, 2023, 8:46pm

Much better, i can work with that!

Thanks!

system · July 13, 2023, 8:47pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.