ZeroTier Question
-
@Dashrender said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
It is quite odd. I have a few machines that are working without static DNS set for the ZeroTier NIC. But most mapped drives do not work unless I have static DNS set but then Exchange doesn't work.
Jeff
Does the FQDN that you use for Outlook/OWA exist the same on your internal and external networks? But first, is your internal domain name the same as your external one? i.e. Spit horizon?
Yes, unfortunately, the domain was set up before I got here. wls.wels.net - I wanted to change it but knew it would be a huge undertaking and wasn't sure I wanted to do that in my first 4 months. I am thinking of redesigning the domain structure from the ground up this summer.
The FQDN internal is wls-exchange.wls.wels.net and the external is mailhost.wls.wels.net
Jeff
-
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
-
@WLS-ITGuy said in ZeroTier Question:
The FQDN internal is wls-exchange.wls.wels.net and the external is mailhost.wls.wels.net
Are you resolving both of these address internally and externally? If not, that's your problem.
-
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
I wouldn't want to if I could help it.
When you ping the server by hostname that holds the shares, what IP do you get back?
-
off campus
Mailhost.wls.wels.net - 74.62.99.50
wls-dc01.wls.wels.net - does not resolveOn Campus
mailhost.wls.wels.net - 172.16.0.14
wls-dc01.wls.wels.net - 192.168.191.181 (ZT IP) -
@Dashrender
I was and it was being reported that connections were timing out.I don't have access to the machines that were having the issues at this time to further troubleshoot.
-
@WLS-ITGuy said in ZeroTier Question:
off campus
Mailhost.wls.wels.net - 74.62.99.50
wls-dc01.wls.wels.net - does not resolveOn Campus
mailhost.wls.wels.net - 172.16.0.14
wls-dc01.wls.wels.net - 192.168.191.181 (ZT IP)So when you are off campus, what DNS server is your machine using?
Did you change the order of authority for your network adapters? ZT needs to be first. This should make it's DNS servers first also. This way, your computer should always be using the DNS servers of your internal network, not of whatever location you happen to be at that time.
-
@Dashrender said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
off campus
Mailhost.wls.wels.net - 74.62.99.50
wls-dc01.wls.wels.net - does not resolveOn Campus
mailhost.wls.wels.net - 172.16.0.14
wls-dc01.wls.wels.net - 192.168.191.181 (ZT IP)So when you are off campus, what DNS server is your machine using?
This depends on the user. If the ZT NIC doesn't have a static IP they are using their ISP.
Did you change the order of authority for your network adapters? ZT needs to be first. This should make it's DNS servers first also. This way, your computer should always be using the DNS servers of your internal network, not of whatever location you happen to be at that time.
Yes, ZT is always first.
I will have access to two machines in about 30 minutes. One on campus and at least one off campus.
-
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
DNS is completely your issue. There is no problem here except DNS.
-
@JaredBusch said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
DNS is completely your issue. There is no problem here except DNS.
So then it has nothing to do with Internal domain vs external domain or it has exactly that to do with
-
@WLS-ITGuy said in ZeroTier Question:
@JaredBusch said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
DNS is completely your issue. There is no problem here except DNS.
So then it has nothing to do with Internal domain vs external domain or it has exactly that to do with
it is related to that, but because of DNS.
What address are your users putting into Outlook (or is auto config using?) Are they using full outlook or OWA? or both?
As for network shares - again, this is definitely a DNS issue.
for the non static IP ZT clients, you need to try to confirm which DNS servers it's using as the first point of contact. it needs to be the internal ones on the ZT network. The ZT adapter should get the ZT IP of the internal DNS servers from the autoassignment from ZT.
-
@WLS-ITGuy said in ZeroTier Question:
@JaredBusch said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
DNS is completely your issue. There is no problem here except DNS.
So then it has nothing to do with Internal domain vs external domain or it has exactly that to do with
If I'm understanding the problem correctly... The problem here is that your ZT interface looks to the DNS server that it is pointed to. The DNS server has two IP addresses for every device... one an internal LAN IP address, and the other is your ZT IP address.
Regardless of the location of your device (in office, or on the road), the DNS server randomly grabs an IP address and feeds it back to your device... If your device is off-site, and it gets the ZT IP address for the server you are connecting to, then everything is fine.
If your device is off-site and it gets your internal LAN IP address, then it's going to fail, because your computer doesn't have an IP address on your internal LAN if it is off site.
-
@Dashrender said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
@JaredBusch said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
I would assume that DNS only has a small role in the issue. I have both internal DNS servers set in ZT with FQDNs but I have 3 or 4 that cannot see mapped drives. using the FQDN.
Would it make sense to map the drives using the ZT ip?
Jeff
DNS is completely your issue. There is no problem here except DNS.
So then it has nothing to do with Internal domain vs external domain or it has exactly that to do with
it is related to that, but because of DNS.
What address are your users putting into Outlook (or is auto config using?) Are they using full outlook or OWA? or both?
As for network shares - again, this is definitely a DNS issue.
for the non static IP ZT clients, you need to try to confirm which DNS servers it's using as the first point of contact. it needs to be the internal ones on the ZT network. The ZT adapter should get the ZT IP of the internal DNS servers from the autoassignment from ZT.
ZT doesn't actually assign the DNS servers to the NIC. That has to be done manually... and technically, any device that gets a ZT IP address is static, as far as I know.
-
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
-
@WLS-ITGuy said in ZeroTier Question:
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
The short answer would be for you to generate a hosts files with the ZT IP addresses of any servers they will need access to... and for you to copy that file to those two machines...
Edit: I would include the AD servers, and any file server or application server that they need access to in the hosts file.
-
@dafyre said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
The short answer would be for you to generate a hosts files with the ZT IP addresses of any servers they will need access to... and for you to copy that file to those two machines...
Edit: I would include the AD servers, and any file server or application server that they need access to in the hosts file.
While I really dislike the lack of elegance of this solution, the dual IP nature of devices almost mandates this to ensure DNS works correctly.
-
@Dashrender said in ZeroTier Question:
@dafyre said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
The short answer would be for you to generate a hosts files with the ZT IP addresses of any servers they will need access to... and for you to copy that file to those two machines...
Edit: I would include the AD servers, and any file server or application server that they need access to in the hosts file.
While I really dislike the lack of elegance of this solution, the dual IP nature of devices almost mandates this to ensure DNS works correctly.
I thought simple trumped elegance?
-
@dafyre said in ZeroTier Question:
@Dashrender said in ZeroTier Question:
@dafyre said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
The short answer would be for you to generate a hosts files with the ZT IP addresses of any servers they will need access to... and for you to copy that file to those two machines...
Edit: I would include the AD servers, and any file server or application server that they need access to in the hosts file.
While I really dislike the lack of elegance of this solution, the dual IP nature of devices almost mandates this to ensure DNS works correctly.
I thought simple trumped elegance?
the problem is scale. This solution doesn't scale well.
-
@Dashrender said in ZeroTier Question:
@dafyre said in ZeroTier Question:
@Dashrender said in ZeroTier Question:
@dafyre said in ZeroTier Question:
@WLS-ITGuy said in ZeroTier Question:
OK. Let me preface the next comment by Thanking you all for helping with this.
I have access to 2 machines, both off-campus. What do you need from those machines to assist in this issue?
The short answer would be for you to generate a hosts files with the ZT IP addresses of any servers they will need access to... and for you to copy that file to those two machines...
Edit: I would include the AD servers, and any file server or application server that they need access to in the hosts file.
While I really dislike the lack of elegance of this solution, the dual IP nature of devices almost mandates this to ensure DNS works correctly.
I thought simple trumped elegance?
the problem is scale. This solution doesn't scale well.
You are quite right about that. Something like PDQ Deploy would help with that though.
-
Just a curiousity question. Is it possible to install ZT on VMWare servers? I have three vsphere servers and it would be nice to be able to connect to those via vsphere client but it is just a "want" more than a need.
