Pertino - Is Anyone Successfully Using Any Version Above 510 with DNS/AD Connect?
- 
 @scottalanmiller I haven't every gotten the gateway to work at all and I am almost positive that there are 2 unrelated issues I am experiencing. The 1st problem is that the pertino client (build 520+) actually prevents my DNS servers from dynamically updating host records so when a desktop on my LAN that has nothing to do with Pertino gets a new IP from my local DHCP server or is assigned a static one, DNS never updates the host record. When installing 510 or uninstalling pertino completely, it updates it immediately. The second issue is with the gateway and how it does not allow traffic to flow through it. Traffic goes there to die. 
- 
 @Dashrender Yes, I have Enterprise 100, which is the highest tier and includes everything. As indicated, Pertino/Cradlepoint support is baffled by the problems. 
- 
 So if I have to dump pertino, what would you guys use in terms of a more traditional VPN? I really liked the automatic connection/running as a service aspect. Do other VPNs have this? 
- 
 Zero Tier.... Zero Tier.... Zero Tier.... Did I mention Zero Tier? 
- 
 
- 
 @Breffni-Potter Thanks, I use ZT for a homelab but don't think it is quite what I want for the company. 
- 
 @wrx7m said: @Breffni-Potter Thanks, I use ZT for a homelab but don't think it is quite what I want for the company. No problem, can you share your thoughts as to why? 
- 
 In my limited experience with it, I can't seem to figure out DNS with it. Also, I am not sure that the bridging works the way I need for it to act as a gateway. 
- 
 On the one hand, Pertino is something very expensive that you've paid for. On the other, Zero Tier let's you do it for free, or at a much lower cost. I think you might want to give it another evaluation. It is designed to work differently so some things won't be "click click" as in Pertino. But it also means they should work far more reliably. 
- 
 @wrx7m said: In my limited experience with it, I can't seem to figure out DNS with it. Also, I am not sure that the bridging works the way I need for it to act as a gateway. I've not used it excessively, but where are you running into DNS issues? Are you putting ZT everywhere, what DNS are you using? Knowing how ZT and DNS works, I'm surprised that there is a hiccup. 
- 
 Plus, for the cost saving of not using Pertino, why not bring in someone else to help set Zero Tier up and support it for you? 
- 
 I ran into problems with ZT and DNS as well - but I didn't deploy ZT everywhere - nor did I want to. I'm guessing that If I did deploy ZT on every device I could that my problems would have been little to none, because DNS would register both the NIC IP and the ZT IP and in general I wouldn't matter which it was using when 99% of things are on the local network. 
- 
 What are you using gateway appliances to supply connectivity to? 
- 
 @Dashrender said: What are you using gateway appliances to supply connectivity to? Fileservers, ShoreTel Server, AV server, Printers etc. 
- 
 @wrx7m said: @Dashrender said: What are you using gateway appliances to supply connectivity to? Fileservers, ShoreTel Server, AV server, Printers etc. Are those appliances you can't install Pertino/ZT onto directly? OK Printers I understand, but other than remote management, why would you need to connect to them on a Pertino/ZT network? 
- 
 @Dashrender To push out updates for AV clients and for ShoreTel, the use of "softphones" for external sales personnel. 
- 
 @Dashrender said: I ran into problems with ZT and DNS as well - but I didn't deploy ZT everywhere - nor did I want to. That's really a problem with design, not with ZT or DNS then, right?  
- 
 @wrx7m said: @Dashrender To push out updates for AV clients and for ShoreTel, the use of "softphones" for external sales personnel. Put the server for the softphones elsewhere for the external guys?  
- 
 @Breffni-Potter It also has to be accessible on the LAN for all of the ShoreTel equipment and local IP phones 
- 
 @scottalanmiller I saw that for the clients that did not have ZT installed on them, I would get DNS responses with the ZT IP addresses, effectively breaking DNS. I don't want to have to install ZT on every single system both client and server, as I don't with Pertino either. 


