Do not open port 1880 in your firewall settings. As @bakman2 mentioned, this is indeed not needed.
If both, your remote device and your node-red server have joined your private (!) zerotier network, you should be fine to reach out to node-red via http://zerotrier-network-ip-of-node-red:1880.
Please check in your zerotier account and your zerotier network that
a) both devices are connected
b) both devices are allowed to join
c) both devices are online
you can check this in the status section of the corresponding network.
EDIT: This will only work, if you access node-red via its zerotier IP. If you choose hostname, it most likely is referring to the wrong IP or cannot find the ip at all (as long as it is not a public IP)
I suspect this (company network) could still be the problem? Although not likely.
I experienced something similar strange with my laptop working onsite at my client's office network. Company firewalls might indeed block traffic, although this is only a rare condition (see zerotier help).
In order to check this I'd try to connect one of the PCs (which I assume are remote) via your phone (thethering, I assume your phone works). If you could access your node-red server then indeed the company firewall seems to block something needed from zerotier.
Other than this. I run out of ideas since you can ping in both directions. Last call would be to de-install/install zerotier on those remote PCs and hope for the best
Everything works absolutely fine if I tether all devices to the same network (internet) and use its corresponding IPs, in which case I don't need zerotier.
The issue begins if the network is different and I use zerotier server and IPs.
The only remaining idea that comes to my mind is the fact that you are using company PCs. They very often carry limitations to secure the company's network integrity. Hence there might be policies under the hood that do not allow this.