Anyone figured out how to ZeroTier with AD?

krisleslie

Yes guys I know about all that stuff for non-profits been there done that.

krisleslie

@scottalanmiller I would say over the decade Zoho information about their products has greatly improved. I've been following them for as long as I can remember. That being said, it's still one of my companies I keep on a shortlist because it's hard to deny they are good at what they do.

scottalanmiller

@Dashrender said in Anyone figured out how to ZeroTier with AD?:

@krisleslie said in Anyone figured out how to ZeroTier with AD?:

@wirestyle22 Yes, we are in different cities. They are a new office, my office is where the AD is setup at. Potentially, if I can get this to work I would be moving another ROBO to this method for authentication.

Why not setup static VPNs between the sites on the edge devices?

This seems like the way to go.

scottalanmiller

@krisleslie said in Anyone figured out how to ZeroTier with AD?:

I have two remote sites - no servers at them. All authentication is over the site to site VPN between my firewalls.
So what are you using for authentication? So each site just "talks" to each other over vpn, I gotcha there, but authentication is handled by what?

AD

scottalanmiller

@krisleslie said in Anyone figured out how to ZeroTier with AD?:

Nothing spectacular just UBNT Firewalls.

Pretty spectacular.

jmoore

Where is Zoho the company located?

scottalanmiller

@jmoore said in Anyone figured out how to ZeroTier with AD?:

Where is Zoho the company located?

Southern India

scottalanmiller

@jmoore said in Anyone figured out how to ZeroTier with AD?:

Where is Zoho the company located?

You might know them as their subsidiary ManageEngine

black3dynamite

@jmoore said in Anyone figured out how to ZeroTier with AD?:

Where is Zoho the company located?

jmoore

Ok cool thanks. Did not realize they were related to ManageEngine.

scottalanmiller

@jmoore said in Anyone figured out how to ZeroTier with AD?:

Ok cool thanks. Did not realize they were related to ManageEngine.

They are the parent.

jmoore

@scottalanmiller Ok I see. Love their stuff though.

scottalanmiller

@jmoore said in Anyone figured out how to ZeroTier with AD?:

@scottalanmiller Ok I see. Love their stuff though.

oh yeah, Zoho has been amazing. We are so happy with the product and just getting into using more and more features of it.

jmoore

@scottalanmiller said in Anyone figured out how to ZeroTier with AD?:

@jmoore said in Anyone figured out how to ZeroTier with AD?:

@scottalanmiller Ok I see. Love their stuff though.

oh yeah, Zoho has been amazing. We are so happy with the product and just getting into using more and more features of it.

Yes I use their stuff at home, make my family use it so I can see how easy/hard it really is to use.

larsen161

@krisleslie I'm logging into my windows machines with Google credentials and pushing out OMA-URI policies via G Suite. Ideal scenario for us.

krisleslie

@larsen161 can you point me to a link?

krisleslie

@JaredBusch how did you setup your NIC for the workstation that had to remote into the AD via ZeroTier? I'm still trying to figure out exactly what was statically assigned as your post wasn't too clear for me (this is new to me).

JaredBusch

@krisleslie said in Anyone figured out how to ZeroTier with AD?:

@JaredBusch how did you setup your NIC for the workstation that had to remote into the AD via ZeroTier? I'm still trying to figure out exactly what was statically assigned as your post wasn't too clear for me (this is new to me).

Host file on the remote machine

10.230.2.123   domain.local domain server.domain.local server

but exclude the ZeroTier IP from the DNS Server listen on settings on the server.
also remove the ZeotTier IP from the DNS entries on the server.

krisleslie

Ok lets walk through this so I can make sure I'm duplicating what you did. You stated you took the IPv6 of the DC and put it into the IPv6 of the laptop. You put the IPv6 in the AD/DNS server into the DNS settings I'm assuming on the NIC? Did you statically assign your IP of the laptop?

JaredBusch

@krisleslie said in Anyone figured out how to ZeroTier with AD?:

Ok lets walk through this so I can make sure I'm duplicating what you did. You stated you took the IPv6 of the DC and put it into the IPv6 of the laptop. You put the IPv6 in the AD/DNS server into the DNS settings I'm assuming on the NIC? Did you statically assign your IP of the laptop?

I used IPv4 everywhere in ZT.

delete this from the DNS entries.

manually put the the server and domain info in the hosts file of the remote system

10.202.3.21  fsldc02.domain.local domain.local domain fsldc02