Hi @TanakaShunya, welcome to the community and to OpenZiti!
Thanks for providing the .env file... Looking at it, my inital reaction is that the docker example won't support the advertised address and ip overrides being the same thing. So I ended up testing it... It worked fine. (I honestly expected it to fail because the SANS will have both DNS and IP with the IP, which I expected to be a problem)... I was pleasantly surprised to find that not to be a problem:
My guess is that maybe you recreated the identity during testing? The ziti cli has a handy function that I also ran before trying a tunneler that can also help you test to make sure your overlay is setup properly: ziti ops verify traffic --mode both. Please run that and you'll feel better that you're setup is correct and somewhere along the way some sort of unexpected error happened.
Run that command and you'll see something that looks like this:
Here's my full .env file as well if you want to compare what I've done vs yours... It should be pretty much the same:
cat .env
# OpenZiti Variables
ZITI_IMAGE=openziti/quickstart
ZITI_VERSION=latest
# the user and password to use
# Leave password blank to have a unique value generated or set the password explicitly
ZITI_USER=admin
ZITI_PWD=password
ZITI_INTERFACE=0.0.0.0
# controller name, address/port information
ZITI_CTRL_NAME=ziti-controller
ZITI_CTRL_EDGE_ADVERTISED_ADDRESS=3.18.113.172
ZITI_CTRL_ADVERTISED_ADDRESS=3.18.113.172
ZITI_CTRL_EDGE_IP_OVERRIDE=3.18.113.172
ZITI_CTRL_EDGE_ADVERTISED_PORT=8741
ZITI_CTRL_ADVERTISED_PORT=8740
# router address/port information
ZITI_ROUTER_NAME=ziti-edge-router
ZITI_ROUTER_ADVERTISED_ADDRESS=3.18.113.172
ZITI_ROUTER_PORT=8742
ZITI_ROUTER_IP_OVERRIDE=3.18.113.172
ZITI_ROUTER_LISTENER_BIND_PORT=8744
ZITI_ROUTER_ROLES=public
ZAC_CONTROLLER_URLS=https://3.18.113.172:8741