ZeroTier Question
-
@dafyre said in ZeroTier Question:
Also, I think ZeroTier might work better for you if you set up a Gateway system using Linux, and then only install ZeroTier on Laptops that leave the office.
Absolutely do not do this.
Put ZeroTier on everything. That is how it is designed to be used. A gateway is complications waiting to break.
-
A good use of a gateway would be a one to one device where the device in question cannot run ZT. Such as a special case appliance or super rare operating system. Gateways have a special use case that is retained within the full mesh model, but it's in one to one.
-
@scottalanmiller said in ZeroTier Question:
ZT addresses are assigned by the ZT client, so no DHCP will be involved.
Machines on ZT should add their own addresses to DNS if you are using AD and DNS from Windows in a standard way.
Having things like Exchange be set up will likely require configuring them manually to use the new IP Addressing scheme.
Thanks for the Welcomes. I have it installed on all servers except for our linux boxes (all in due time). I installed it on two full time remote machines both running WIndows 10 and one reports connectivity issues with mapped drives. Should I be bridging anything? Is there something I am missing?
WLS-ITGuy
-
Also, I currently have IPv6 set to unmanaged. Any reason I should change this?
-
No, you should not be bridging anything that has been mentioned.
-
I did notice that the machines that are having issues are both registering their networks as Public. One was truly at a coffee shop. StarSchmucks to be exact. The other was at his house but for some reason his internet shows up as a public spot. I should be able to fix one of those for sure
-
The actual network as in real physical network should not matter public or not... The ZT network does need to be trusted though, and even that should matter on the client side because you aren't sharing your just accessing.
-
When having a problem open a CMS prompt and ping the severname... Check the ip ita resolving to... It should only use the ZT ip...
-
@Dashrender I just connected and pinging the server results in an IP address that isn't even on my network. ZeroTier or real LAN.
-
@Dashrender said in ZeroTier Question:
The actual network as in real physical network should not matter public or not... The ZT network does need to be trusted though, and even that should matter on the client side because you aren't sharing your just accessing.
Exactly this. The ZeroTier network should be reporting as domain.
-
My LAN is 172.16.x.x
ZeroTier is 192.168.191.x
When I ping the DC I get 198.105.244.130
-
Sounds like you have a DNS issue. You might not be able to use short NetBIOS type names.. you might have to move to FQDN instead.
For example, if you're at StarBucks and the DHCP server gives a suffix of starbucks.com out with the IP, and you ping server1, your system might be pinging server1.starbucks.com instead of server1.yourdomain.com
-
@Dashrender For this machine it does resolve to a FQDN just with the 198.105.244.130 address instead of the ZT IP of the DC
-
@WLS-ITGuy said in ZeroTier Question:
@Dashrender For this machine it does resolve to a FQDN just with the 198.105.244.130 address instead of the ZT IP of the DC
Are you sure your ZeroTier addresses are what you think they are?
-
@JaredBusch I hope so. I was looking at ZT Central when I typed it out
-
man, time to just double check... ipconfig in same session you ping server1. Where could that bizzaro IP could have come from? either ZT or DNS, or Hosts file.
-
@WLS-ITGuy said in ZeroTier Question:
@JaredBusch I hope so. I was looking at ZT Central when I typed it out
Are you sure that you set the auto assign correctly?
-
@Dashrender Hmm - I just ping'd from my laptop (Mac OS X) and got the same address that I got on the other laptop. Here is the screenshot from my ZT Center.
Here is the info from the machine
-
This post is deleted! -
Ok, just tested this a little more.
Laptop off the LAN.
Ping from laptop to DC by name = ping resolves over ZeroTier IP.C:\Users\xxxadmin.xxx>ping xxxdc01 Pinging xxxdc01 [10.202.3.11] with 32 bytes of data: Reply from 10.202.3.11: bytes=32 time=42ms TTL=128 Reply from 10.202.3.11: bytes=32 time=42ms TTL=128 Reply from 10.202.3.11: bytes=32 time=45ms TTL=128 Reply from 10.202.3.11: bytes=32 time=43ms TTL=128 Ping statistics for 10.202.3.11: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 42ms, Maximum = 45ms, Average = 43msBut a ping from the DC to the device returns the devices local IP not the ZeroTier IP.
C:\Users\xxxadmin>ping dt-backup-lapto Pinging dt-backup-lapto [192.168.1.8] with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.1.8: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),Here is what
ipconfigreturns on the remote laptop.C:\Users\xxxadmin.xxx>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : fd56:5799:d8f6:3ed4:a199:9336:a36d:9068 Link-local IPv6 Address . . . . . : fe80::e023:2905:284a:b878%24 IPv4 Address. . . . . . . . . . . : 10.202.3.188 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 25.255.255.254 Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::d90e:714e:228:aafb%12 IPv4 Address. . . . . . . . . . . : 192.168.1.8 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : xxx.local
