ZeroTier Question
-
Basically what you have done is make a new LAN that sits on top of your old LAN. This new one is the "user space" where all of the users and servers sit to talk to one another. So you'll need to start thinking of that as your LAN addressing across the board.
-
Do you have ZeroTier installed on ALL of your workstations? (Desktops and Laptops?)
-
Also, I think ZeroTier might work better for you if you set up a Gateway system using Linux, and then only install ZeroTier on Laptops that leave the office.
-
@dafyre said in ZeroTier Question:
Also, I think ZeroTier might work better for you if you set up a Gateway system using Linux, and then only install ZeroTier on Laptops that leave the office.
Which is the opposite of what I advised him to do.
But you are thinking one gateway, all devices going through it... it can work.
-
@dafyre said in ZeroTier Question:
Do you have ZeroTier installed on ALL of your workstations? (Desktops and Laptops?)
Yes, he's going for full mesh.
-
@scottalanmiller said in ZeroTier Question:
@dafyre said in ZeroTier Question:
Do you have ZeroTier installed on ALL of your workstations? (Desktops and Laptops?)
Yes, he's going for full mesh.
I misunderstood that, then. In that case, @scottalanmiller would be right. Just make sure that your AD Server is using the ZT IP addresses for your Exchange server, etc.
Does this happen when she is in the office, or does it happen only when she is away?
-
@dafyre said in ZeroTier Question:
Also, I think ZeroTier might work better for you if you set up a Gateway system using Linux, and then only install ZeroTier on Laptops that leave the office.
I'm having flash back to 6 months ago..
-
@dafyre said in ZeroTier Question:
Also, I think ZeroTier might work better for you if you set up a Gateway system using Linux, and then only install ZeroTier on Laptops that leave the office.
Absolutely do not do this.
Put ZeroTier on everything. That is how it is designed to be used. A gateway is complications waiting to break.
-
A good use of a gateway would be a one to one device where the device in question cannot run ZT. Such as a special case appliance or super rare operating system. Gateways have a special use case that is retained within the full mesh model, but it's in one to one.
-
@scottalanmiller said in ZeroTier Question:
ZT addresses are assigned by the ZT client, so no DHCP will be involved.
Machines on ZT should add their own addresses to DNS if you are using AD and DNS from Windows in a standard way.
Having things like Exchange be set up will likely require configuring them manually to use the new IP Addressing scheme.
Thanks for the Welcomes. I have it installed on all servers except for our linux boxes (all in due time). I installed it on two full time remote machines both running WIndows 10 and one reports connectivity issues with mapped drives. Should I be bridging anything? Is there something I am missing?
WLS-ITGuy
-
Also, I currently have IPv6 set to unmanaged. Any reason I should change this?
-
No, you should not be bridging anything that has been mentioned.
-
I did notice that the machines that are having issues are both registering their networks as Public. One was truly at a coffee shop. StarSchmucks to be exact. The other was at his house but for some reason his internet shows up as a public spot. I should be able to fix one of those for sure
-
The actual network as in real physical network should not matter public or not... The ZT network does need to be trusted though, and even that should matter on the client side because you aren't sharing your just accessing.
-
When having a problem open a CMS prompt and ping the severname... Check the ip ita resolving to... It should only use the ZT ip...
-
@Dashrender I just connected and pinging the server results in an IP address that isn't even on my network. ZeroTier or real LAN.
-
@Dashrender said in ZeroTier Question:
The actual network as in real physical network should not matter public or not... The ZT network does need to be trusted though, and even that should matter on the client side because you aren't sharing your just accessing.
Exactly this. The ZeroTier network should be reporting as domain.
-
My LAN is 172.16.x.x
ZeroTier is 192.168.191.x
When I ping the DC I get 198.105.244.130
-
Sounds like you have a DNS issue. You might not be able to use short NetBIOS type names.. you might have to move to FQDN instead.
For example, if you're at StarBucks and the DHCP server gives a suffix of starbucks.com out with the IP, and you ping server1, your system might be pinging server1.starbucks.com instead of server1.yourdomain.com
-
@Dashrender For this machine it does resolve to a FQDN just with the 198.105.244.130 address instead of the ZT IP of the DC
