{"id":454,"date":"2020-09-15T11:24:50","date_gmt":"2020-09-15T14:24:50","guid":{"rendered":"https:\/\/www.tonev.pro.br\/?p=454"},"modified":"2020-09-15T11:24:50","modified_gmt":"2020-09-15T14:24:50","slug":"instalacao-do-zerotier-no-pfsense","status":"publish","type":"post","link":"https:\/\/www.tonev.pro.br\/?p=454","title":{"rendered":"Installing ZeroTier on pfSense"},"content":{"rendered":"<p>This is a walkthrough for adding the ZeroTier VPN service to pfSense. If you are not yet familiar with ZeroTier, read my first post <a href=\"https:\/\/www.tonev.pro.br\/?p=441\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. For the record, I am not in favor of installing third-party packages that modify the firewall. The binary package is part of the FreeBSD ports collection, and in future versions it may be available in, or removed from, the distribution's repository.<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li>Install and configure pfSense (tested on 2.4.5-RELEASE-p1-amd64);<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-458 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001-300x170.jpg\" alt=\"\" width=\"300\" height=\"170\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001-300x170.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001-700x397.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001-768x436.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_001.jpg 821w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Download and install the ZeroTier package from the <a 
href=\"http:\/\/pkgmir.geo.freebsd.org\/FreeBSD:11:amd64\/quarterly\/All\/zerotier-1.4.6.txz\" target=\"_blank\" rel=\"noopener noreferrer\">FreeBSD<\/a> repository or from <a href=\"https:\/\/download.tonev.pro.br\/zerotier-1.4.6.txz\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-479 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003-300x188.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003-700x438.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003-768x480.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003-482x300.jpg 482w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_003.jpg 1321w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Open the pfSense web console, go to &#8220;<strong>System&#8221;<\/strong> -&gt; &#8220;<strong>Advanced&#8221;<\/strong> -&gt; <strong>&#8220;System Tunables&#8221;<\/strong> and click the <strong>&#8220;New&#8221;<\/strong> button. Fill in the fields as shown in the image below (you need to create the sysctl parameter <strong>net.link.tap.up_on_open<\/strong> with the value 1). 
When finished, click <strong>&#8220;Save&#8221;<\/strong>.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-461 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004-300x190.jpg\" alt=\"\" width=\"300\" height=\"190\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004-300x190.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004-700x443.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004-768x486.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_004.jpg 1274w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-462 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005-300x190.jpg\" alt=\"\" width=\"300\" height=\"190\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005-300x190.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005-700x443.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005-768x486.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_005.jpg 1274w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>In the console, run the commands below so that the ZeroTier service script is loaded at boot:<\/li>\n<\/ul>\n<pre>cd \/usr\/local\/etc\/rc.d\/\r\nln -s zerotier 
zerotier.sh\r\n<\/pre>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-482 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014-300x188.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014-700x438.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014-768x480.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014-482x300.jpg 482w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_014.jpg 1321w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Still in the console, run the command below so that the ZeroTier service is loaded at boot:<\/li>\n<\/ul>\n<pre>echo zerotier_enable=\\\"YES\\\" &gt;&gt; \/etc\/rc.conf.local<\/pre>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-483 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015-300x188.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015-700x438.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015-768x480.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015-482x300.jpg 482w, 
https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_015.jpg 1321w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Check whether the service is running (at this point it should not be), start the client\/server, and check that it lists the connection status:<\/li>\n<\/ul>\n<pre>\/usr\/local\/etc\/rc.d\/zerotier.sh status\r\n\/usr\/local\/etc\/rc.d\/zerotier.sh start\r\n\/usr\/local\/etc\/rc.d\/zerotier.sh status\r\n\/usr\/local\/bin\/zerotier-cli listnetworks<\/pre>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-484 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016-300x188.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016-700x438.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016-768x480.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016-482x300.jpg 482w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_016.jpg 1321w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Create a network or join the ZeroTier public network. The interface that gets created has a random name, but it appears in the output of the network listing command. 
In this case it was the interface <strong>zt80lm2s8e00001<\/strong><\/li>\n<\/ul>\n<pre>\/usr\/local\/bin\/zerotier-cli listnetworks\r\n\/usr\/local\/bin\/zerotier-cli join 8056c2e21c000001\r\n\/usr\/local\/bin\/zerotier-cli listnetworks\r\nifconfig<\/pre>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-487 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017-300x188.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017-700x438.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017-768x480.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017-482x300.jpg 482w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/09\/pfs_install_zeerotier_017.jpg 1321w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Go back to the pfSense web interface and go to <strong>&#8220;Interfaces&#8221;<\/strong> -&gt; <strong>&#8220;Assignments&#8221;<\/strong>. The VPN interface will be listed under <strong>&#8220;Available network ports&#8221;<\/strong>. 
Click <strong>&#8220;Add&#8221;<\/strong>;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-466 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009-300x190.jpg\" alt=\"\" width=\"300\" height=\"190\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009-300x190.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009-700x443.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009-768x486.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_009.jpg 1274w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>The interface will be added as the next available OPT;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-467 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010-300x190.jpg\" alt=\"\" width=\"300\" height=\"190\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010-300x190.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010-700x443.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010-768x486.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_010.jpg 1274w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Click the VPN interface and, in its configuration, make sure that only the 
<strong>&#8220;Enable interface&#8221;<\/strong> option is checked;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-468 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011-300x245.jpg\" alt=\"\" width=\"300\" height=\"245\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011-300x245.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011-700x571.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011-768x627.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_011.jpg 1274w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Reboot your pfSense to run &#8220;the reboot test&#8221;. 
Once the firewall finishes booting, the VPN interface should be listed along with the other interfaces;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_013.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-470 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_013-300x197.jpg\" alt=\"\" width=\"300\" height=\"197\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_013-300x197.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_013-700x460.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_013.jpg 722w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Log in to the web interface, go to <strong>&#8220;Firewall&#8221;<\/strong> -&gt;<strong> &#8220;Rules&#8221;<\/strong> -&gt; <strong>&#8220;OPT2&#8221;<\/strong> (or the OPT that corresponds to the VPN interface on your firewall), and create the rules you want;<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-469 size-medium\" src=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012-300x245.jpg\" alt=\"\" width=\"300\" height=\"245\" srcset=\"https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012-300x245.jpg 300w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012-700x571.jpg 700w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012-768x627.jpg 768w, https:\/\/www.tonev.pro.br\/wp-content\/uploads\/2020\/08\/pfs_install_zeerotier_012.jpg 1274w\" sizes=\"auto, 
(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a walkthrough for adding the ZeroTier VPN service to pfSense. If you are not yet familiar with ZeroTier, read my first post here. For the record, I am not in favor of installing&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,7,2,8],"tags":[],"class_list":["post-454","post","type-post","status-publish","format-standard","hentry","category-freebsd","category-pfsense","category-rede","category-vpn"],"_links":{"self":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts\/454","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=454"}],"version-history":[{"count":21,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts\/454\/revisions"}],"predecessor-version":[{"id":494,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts\/454\/revisions\/494"}],"wp:attachment":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=454"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=454"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=454"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}