Had same probs - dropped packets dropped lines etc. If you blacklist the LAN subnet in the local.conf it becomes rock solid. Some guy on some forum figured that out I just followed it. Also, opening UDP 9993 like you did for wireguard's default port doubled my iperf throughput results. Hopefully this saves someone else some hassle.
@venopsis2 жыл бұрын
Hey, thanks for those useful info. could you describe exactly what has been added into the local.conf file, etc? Pastebin or other way.
@the_KID_b Жыл бұрын
@@venopsis pastebin sbtzVL56 . the link there has some good informations
@BrianJBrandon3 жыл бұрын
Did someone say open source router with built in WAN network multipathing?? Assuming site A was a datacenter and each sub site was a field office (with multiple Internet connections such as xDSL, Cable, 5G, etc) each sub site could bond (unify) multiple wan internet connections to form a single ultra reliable aggregate.. Yes, the speed of all individual Internet connections can soon be realized.. Now if we can just get it up to 88mph.. Great Scott!
@Nick-ud6oy9 ай бұрын
Thanks for this video
@BrianJBrandon3 жыл бұрын
A of this writing, the zero tier package in opnsense was created by the Opnsense community not by zero tier.
@JamesT653 жыл бұрын
6:10 this is why I used my own private controller
@utrutr60133 жыл бұрын
Thanks for the video and especially for keeping the problems in the video. I would very much like to use ZT with OPNSense but this is not looking great. I wonder how actively the ZT plugin is developed and improved. Anyone know?
@GatewayITTutorials3 жыл бұрын
Thank you for your kind words sir :) It's a community supported plugin (at least the last time I checked it was).
@utrutr60133 жыл бұрын
@@GatewayITTutorials I'm trying to read up on it now because I just bought a new Protectli with OPNSense and I was hoping to use the ZT plugin. I just recently found you and I see you do numerous OPNSense vids so I just subscribed and the bell is ready to let me know.. Lol.
@PowerUsr13 жыл бұрын
This is highly unstable package. I configured it exactly per the instructions here and within OPNsense documenation. The ZT interface remains down for some reason and i cannot ping my other firewall nodes. Firewall rules are wide open for ZT interfaces. Wireguard and openVPN are much preferred over ZeroTier right now. Still very buggy.
@isandervod3 жыл бұрын
Great video. I use zero tier with Teltonika routers on production and its work fine. I dont have any connection issues. Do u know any other vpn working behind NAT and without public ip?
@GatewayITTutorials3 жыл бұрын
Thanks :) Nebula and WireGuard, but Nebula doesn't have an official package just yet
@tuxfever5373 жыл бұрын
I prefer using IPSec with dynamic DNS in these cases. It works fine as long as you allow any gateway to connect to it. If you feel like this is insecure you can still setup IPSec with RSA instead of PSK.
@rudypieplenbosch675211 ай бұрын
Would be nice if you would show us how to do this without openpfsense. Connecting two sites, where Zerotier is installed on a VM used as an exit node.
@MohamedShaheed3 жыл бұрын
Bro, i am having an issue with windows server 2012, the network adaptor is not getting installed using the latest windows installer as well. it has no use if i can't install properly on servers. please let me know if you have any solution for this. application installed on the server but status shows PORT_ERROR.
@GatewayITTutorials3 жыл бұрын
I didn't do much testing on the windows side of things unfortunately, you'll have to post your issue on their forums to get some help.
@ajudanet80052 жыл бұрын
Can wireguard do the same function like zrrtier? Do you have any video?
@GatewayITTutorials2 жыл бұрын
I've got videos on WireGuard, but it's definitely not the same as ZT. WG requires much more configuration, and for good reason.
@mukky5808 Жыл бұрын
Bro, I was wondering it could be possible ?... One remote Windows Server connected to Zero Tier One Opnsense router connected to zero Tier Both of those machine can ping each other. How we could setup opnsense router in order to enabling all of clients under Opnsense router to connect to remote Windows server (which connected to zerotier) without installing zerotier on each of client machine. Thanks.
@BrendanRichman Жыл бұрын
Tried every guide on the internet, but can't seem to keep a reliable connection going. Pinging is more miss than hit. Any ideas?
@benardmensah76883 жыл бұрын
So from your experience which is better zero tier or wireguard?
@GatewayITTutorials3 жыл бұрын
ZeroTier looks cool on paper, but it is not as stable as WG. So for OPNSense site2site links I use primarily WG (unless both firewalls are behind the NAT, in that case ZT is a way to go). But when it comes to large deployments of OSes (FreeBSD, Linux), I use Nebula (OpenSource project from Slack) to achieve pier2pier communication. Video on Nebula is coming soon too :)
@JamesT653 жыл бұрын
@@GatewayITTutorials i have used zerotier with my own controller and found it to be as stable as anything else. I also use wireguard and its performance is slightly better than zerotier. Wireguard exposes too much header information where zerotier is entirely closed. Wiregard is able to stream hls and other video formats where zerotier has some issues. I prefer zerotier to secure all my ops management.
@JamesT653 жыл бұрын
@Benard Mensah I use them both neither is better than the other.
@faithful4513 жыл бұрын
@@GatewayITTutorials I'm looking forward to the Nebula vid!
@ajudanet8005 Жыл бұрын
It's possible to create a new video tutorial doing several site to site vpn with zerotier? Really having trouble finding a solution... Tks
@scottjmagee3 жыл бұрын
Does anybody know if ZeroTier's reliability with OPNsense has improved since this video was made? I'd love to use it as I also use it on Teltonika 4G/LTE routers and our Raspberry Pi Based UniFi controllers and 3CX Session Border Controllers to remote admin. It would be great to use it on the OPNsense routers too but I'm nervous about using it after seeing how unstable it was in this video!
@GatewayITTutorials3 жыл бұрын
Well, give it a go, maybe you'll have different results. Just don't rely on the ZT on its own, create another way in for yourself: like a WG VPN or OpenVPN, or expose a web interface to WAN. So in case if your ZT tunnel fails you've got a way to restart the service or troubleshoot the issue.
@docssera56172 жыл бұрын
if i restarted the opensense the service have to be restarted and the interface also why ?