Below are the steps required to get Zerotier setup on your OPNsense router to act as a network bridge between your Localnetwork and Clients with Zerotier client installed on remote networks.

In ZT network screen:

• Managed routes:
  • An IP assigned to the ZT network for the range selected e.g. 10.10.10.0/24.
  • For the device the service runs on (OpnSense) there is a destination for 192.168.1.1/24 to LAN of the ZT network IP range you’ve set e.g. 10.10.10.22.
• Auth
  • Activated for OpnSense appliance on 10.10.10.22 device above
  • Activated for Mobile device on 10.10.10.23 managed

On the OpnSense appliance on 192.168.1.1:

• Packages
  • ZeroTier integration package installed.
• Interfaces
  • ZT interface enabled on static IP without IPv6.
  • IPv4 address is assigned to the IP of the device in ZT 10.10.10.22.
  • Upstream set to auto detect.
• Firewall Rules ZT
  • Action: Pass
  • Interface: ZT
  • Direction: In
  • TCP/IP: IPv4
• VPN Settings
  • Enter your ZT network ID and enable