Maybe asking too much… wondering if ZeroTier client could be developed for these devices since they have WiFi support, including WPA2 and WPA3. Thanks.
I fully support this request. It would open the door to a new IOT platform
Have you tried out this one:
Maybe someday but it’s not currently under development nor is it planned. I think you’d have a better experience setting up a bridge onto a ZeroTier network (like a raspberry pi or such) and having all your IoT devices talk through that.
There’s a really good tutorial here: Getting Started with Software-Defined Networking and Creating a VPN with ZeroTier One | DigitalOcean
It’s a bit lengthy but it’s pretty easy to do if you follow each step carefully.
I do communicate with a couple of raspis in my home vacation through a reverse ssh tunnel (the router there is behind CGNAT and no ports can be opened on it). The setup works (very slow) but the ZT concept is very clean and universal (both in processors term and in services). For me it would be quite a good thing to be able to add to my private network there ESP32 units.
I forgot to mention that to have the reverse tunnel alive, a raspi had to be permanently online behind mi home network router, so as to act as the entry point of the tunnel for all the units wanting to communicate with the tunnel originator. No need for this raspi with ZT approach.
And reverse ssh requires to have the shh port open in my home network router. No need for this with ZT.
ESP32 simply doesn’t have the compute power to do the cryptography required by ZeroTier. @zt-joseph’s suggestion to use the pi as a ZeroTier bridge/router is probably the closest you’re going to get.
I’m not an expert, but I have many doubts that ESP32s do not have enough computing power to setup a VPN. I have no data to support my assertion, only my technical intuition
Well, the ESP32-S3 has hardware crypto acceleration on board, so I wasn’t sure. I have ZT running on a little NanoPi ARM board at 480 MHz quad core and CPU consumption is modest (0 to 5%). The ESP32-S3 is a dual core at 240 MHz. My guess the issue for the ESP32-S3 won’t be the CPU but the limited memory.
I don’t think memory needs to be an issue if you use a board with external RAM. Espressif ESP32-S3 supports internal RAM of a few hundred kilobytes and 16 MB of external SPI RAM. It is of course a challenge to make it all fit in that small amount of memory.
What I’ve heard and read, there will be plenty of simliar ESP32 coming out this year with support for larger external RAM and improved MMU that possible might even run an ordnary linux kernel as well. Mikrotik has several devices, allthoug not ESP32, that runs Mikrotik RoS (Linux based) using only 64 Mb RAM.
Even though the network communication including encryption might be slower, it doesn’t really matter since IoT devices normally try to limit the data flow to a minimum. What does matter is reliable and secure network communications.
Not to set up a VPN, no. The use I envision would be an edge device, such as a remote sensor that would periodically send or receive small amounts of data. For sensors that are too far away from the local LAN router, there are ESP32-S3 boards with integrated 4G LTE connectivity. If that device had a ZT address then anyone on the VPN could see the sensor.