ZeroTier: is this a good time to use...
-
@FATeknollogee said:
@scottalanmiller said:
@Breffni-Potter said:
@scottalanmiller said:
Why would you want a terminal server intentionally dropping off of the network?
They want to stop access for over-seas consultants at certain times.
Killing VPN access to the network is not a good way to go about that. Using AD to stop logins would be far better.
I thought we are getting rid of the VPN?
But you are asking about installing a VPN. I'm confused.
-
Are you thinking that ZeroTier is not a VPN? ZeroTier is a VPN, that's what it is.
-
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@Breffni-Potter said:
@scottalanmiller said:
Why would you want a terminal server intentionally dropping off of the network?
They want to stop access for over-seas consultants at certain times.
Killing VPN access to the network is not a good way to go about that. Using AD to stop logins would be far better.
I thought we are getting rid of the VPN?
But you are asking about installing a VPN. I'm confused.
Currently, we use a Site to Site VPN & remote users connect using Windows VPN
-
@scottalanmiller Probably meaning the more traditional VPN he is currently using.
-
-
@FATeknollogee said:
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@Breffni-Potter said:
@scottalanmiller said:
Why would you want a terminal server intentionally dropping off of the network?
They want to stop access for over-seas consultants at certain times.
Killing VPN access to the network is not a good way to go about that. Using AD to stop logins would be far better.
I thought we are getting rid of the VPN?
But you are asking about installing a VPN. I'm confused.
Currently, we use a Site to Site VPN & remote users connect using Windows VPN
You are just removing your old VPN and looking at a new one. Both are fully VPNs.
-
@FATeknollogee said:
@wrx7m said:
@scottalanmiller Probably meaning the more traditional VPN he is currently using.
Yes
That's a very confusing way to say it. It's just an upgrade to something more modern, not a change of technology.
-
Gateway = bridge mode?
-
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@Breffni-Potter said:
@scottalanmiller said:
Why would you want a terminal server intentionally dropping off of the network?
They want to stop access for over-seas consultants at certain times.
Killing VPN access to the network is not a good way to go about that. Using AD to stop logins would be far better.
I thought we are getting rid of the VPN?
But you are asking about installing a VPN. I'm confused.
Currently, we use a Site to Site VPN & remote users connect using Windows VPN
You are just removing your old VPN and looking at a new one. Both are fully VPNs.
I hear you, that "VPN" moniker is just so yesterday...I much prefer to say ZT
-
But it's still a VPN
-
@Breffni-Potter said:
But it's still a VPN
Yeah, but we need to make it sound like its a really big deal (jk). Like the "cloud"
-
@FATeknollogee said:
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@FATeknollogee said:
@scottalanmiller said:
@Breffni-Potter said:
@scottalanmiller said:
Why would you want a terminal server intentionally dropping off of the network?
They want to stop access for over-seas consultants at certain times.
Killing VPN access to the network is not a good way to go about that. Using AD to stop logins would be far better.
I thought we are getting rid of the VPN?
But you are asking about installing a VPN. I'm confused.
Currently, we use a Site to Site VPN & remote users connect using Windows VPN
You are just removing your old VPN and looking at a new one. Both are fully VPNs.
I hear you, that "VPN" moniker is just so yesterday...I much prefer to say ZT
But ones a product, ones a thing. ZT is the brand of VPN you are using.
-
@FATeknollogee said:
@Breffni-Potter said:
But it's still a VPN
Yeah, but we need to make it sound like its a really big deal (jk). Like the "cloud"
then you call it "Software Defined Networking".
-
-
@scottalanmiller said:
But ones a product, ones a thing. ZT is the brand of VPN you are using.
True that
-
@scottalanmiller said:
Yes, at $4 you can't afford not to
I paid the $4 and I am not even over 10 devices yet!
-
@anonymous said:
@scottalanmiller said:
Yes, at $4 you can't afford not to
I paid the $4 and I am not even over 10 devices yet!
Big spender
-
@scottalanmiller said:
Big spender
I support the products I use
Well, when they make it affordable that is..... cough, cough @olivier cough, cough
-
For the really mission critical enterprise bits, they offer support.
https://www.zerotier.com/product-ss.shtml
They are still working on the structure of how they'll do it. But depending on your needs, might be helpful.
-
Wow... 3 pages of replies already, lol.
There's a few things to note... If you install ZeroTier on a device that is part of active directory, by default, it will add the ZeroTier IP address into AD's DNS servers.
To fix that, you go into the Windows Adapters list, and edit the ZT Adapter, and set the IP address, and DNS to "use dhcp" -- they'll just be blank to start with. Then you go in and uncheck the "Register this connection's address in dns" checkbox, and check your DNS server to make sure your ZT IP address is gone.
If you do not do that, any client device has a potential to get the ZT IP address of your server, and that will cause problems.
What I have done is set up my own DNSMasq server on one of my Linux ZT devices, and just add that DNS server to the DNS settings of the NIC in Windows or Linux.