Configure pfSense to connect to zeroTier for use in a double-NAT situation

Michel-angelo

Hello,

I am trying to use zeroTier (https://www.zerotier.com/) to allow a secure remote access to my home network, using screen sharing. This is useful to access my computer, my data stored on a server, my home automation software and possibly other data. Screen sharing being an unsecured connection, it must pass through a secure link, like SSL.

Unfortunately, virtual networks like zeroTier require a simple NAT to work and fail in double-NAT situations.

Unfortunately, also, my ISP, not alone in this request, makes it mandatory to configure their connexion modem as a router. In view of my lack of trust in my ISP's mandatory router, in order to secure my private LAN, I am compelled to set up my pfSense microfirewall as a router behind my iSP's supplied modem, thus setting up a double NAT at my home, thus rendering zerotier ineffective.

On my request, zeroTier claims to have a solution to that difficulty whereby my LAN devices would access the zerotier virtual network through the pfSense router (the SG-1000) instead of via the zerotier app. To do that, I would need to run zerotier on the pfSense device (the SG-1000). Could a zerotier package exist to procure such service through a pfSense device like the SG-1000 ? Does it exist already ?

I looked in the list of packages accessible to my SG-1000 and did not find any reference to any such zerotier package.

Is there a way to allow a secure access to my home network using zerotier or some equivalent virtual network through the double NAT isolating my home network ?

I would gladly assist to the extent of my abilities in the creation of update of any such package.

Thank you for any suggestion.