Zerotier using OPNSense issues

Hi, have been trying to get to the bottom of this for a few days and I can’t see why this isn’t working.

I am trying to get Zerotier working in a similar way to a traditional roadwarrior VPN. I have to use this (or similar) as I am on Starlink and CGNAT’d. I really like ZeroTier as it gives me control around access/firewall rules etc. Tailscale doesn’t and call me old fashioned but I don’t trust someone else’s ACLs! Before I give up and go down a VPS route, I thought I’d try here.

I have Zerotier set up on my OPNSense router. I can connect it to my network and have set up the route etc. etc. I have the recommended settings/arguments in the config. I currently have a blanket allow rule on the firewall for the ZeroTier interface.

From a Windows PC on a different network I can also connect to the ZeroTier network. I can ping the OPNSense machine and machines in that subnet. I can also connect (http/s) and browse to some simple services, e.g. piKVM or the OPNSense login page. But the weird thing is that things like my Synology login or Plex don't work: I can see they connect (in the fw logs) and they whirl in the browser, but they do not load... I cannot understand why. I can ping those machines. I can telnet to the ports for those services... but the pages do not load!

IPerf test confirms a reasonable bandwidth of 8 Mbit/sec and the setup works with Tailscale.

Weirdly, testing connectivity the other way (from the OPNSense network to the laptop), I see much slower iperf results (3-4 Mbit/s) and some drops altogether.

Am I missing something in my setup? Is this related to the OPNSense config issues I have read about?

Any help appreciated!
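The pattern in the post (ping and telnet reach the service, small pages such as a login form load, but larger responses spin forever, and throughput is worse in one direction) is the classic signature of a path-MTU black hole: the TCP handshake and small ICMP echoes fit through the tunnel, while full-size segments carrying a TLS ServerHello or a large HTTP response are silently dropped and never retransmitted at a smaller size. Whether that is what is happening here is an assumption, not something the post establishes, so the following is an added diagnostic example written for this thread rather than anything from the original poster, ZeroTier or OPNsense. It binary-searches for the largest don't-fragment ICMP payload that survives the path, then reports whether the path MTU matches what the client expects. The `ping` flags assumed are the Linux (`-M do -s`) and Windows (`-f -l`) forms; macOS uses different switches and is not handled.

```python
"""Path-MTU black-hole probe for a ZeroTier (or any) tunnel.

Added example for this thread; not part of the original post.
Assumptions: IPv4, `ping` is on PATH, and the target answers ICMP echo.
"""
import platform
import subprocess
from typing import Callable, Tuple

IP_ICMP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte ICMP echo header
ETHERNET_MTU = 1500    # what a typical client interface believes the MTU is


def ping_df(host: str, payload: int, timeout_s: int = 2) -> bool:
    """Send one ICMP echo with DF set and `payload` data bytes.

    Returns True only if a reply came back. A local "message too long"
    error or a timeout both count as the size not passing, which is what
    we want: a black hole shows up as "no reply" rather than as an ICMP
    "fragmentation needed" message.
    """
    if platform.system() == "Windows":
        cmd = ["ping", "-f", "-l", str(payload), "-n", "1",
               "-w", str(timeout_s * 1000), host]
    else:  # Linux iputils ping (assumed); macOS uses -D instead of -M do
        cmd = ["ping", "-M", "do", "-s", str(payload), "-c", "1",
               "-W", str(timeout_s), host]
    res = subprocess.run(cmd, stdout=subprocess.DEVNULL,
                         stderr=subprocess.DEVNULL)
    return res.returncode == 0


def largest_passing_payload(probe: Callable[[int], bool],
                            lo: int = 0, hi: int = ETHERNET_MTU - IP_ICMP_OVERHEAD) -> int:
    """Binary search for the largest payload size `probe` accepts.

    Assumes monotonic behaviour (if N bytes pass, every size below N
    passes). Returns -1 if even the smallest probe gets no reply, i.e.
    the problem is not MTU related at all.
    """
    if not probe(lo):
        return -1
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if probe(mid):
            lo = mid          # mid passed, so the answer is >= mid
        else:
            hi = mid - 1      # mid dropped, so the answer is < mid
    return lo


def diagnose(probe: Callable[[int], bool],
             expected_mtu: int = ETHERNET_MTU) -> Tuple[int, str]:
    """Return (path_mtu, verdict) for the path exercised by `probe`.

    A verdict of "pmtu-blackhole" means packets up to path_mtu get
    through but anything larger vanishes without an ICMP error, which
    is exactly the case where TCP connects but bulk data never arrives.
    """
    payload = largest_passing_payload(probe, 0, expected_mtu - IP_ICMP_OVERHEAD)
    if payload < 0:
        return (0, "no-reply")
    path_mtu = payload + IP_ICMP_OVERHEAD
    if path_mtu >= expected_mtu:
        return (path_mtu, "clear")
    return (path_mtu, "pmtu-blackhole")


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "10.147.17.1"  # hypothetical ZeroTier peer
    mtu, verdict = diagnose(lambda n: ping_df(target, n))
    print(f"{target}: largest passing MTU {mtu} -> {verdict}")
```

Run it from the Windows PC against the LAN address of the Synology or Plex host over the ZeroTier route. If the verdict is `pmtu-blackhole`, the usual remedy is to clamp TCP MSS (or lower the interface MTU) on the tunnel side of the router so that full-size segments are never generated in the first place; if it reports `clear`, MTU can be ruled out and the firewall rule set or the service's own reverse-proxy/redirect behaviour is the next thing to look at.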

