Dark ZAC with Management API on Localhost 18441

Situation

I am working through a new configuration for the controller that I have not used before.

  1. Dark ZAC. I have this working on https://n2.zac.ziti:8888/login

with

  1. Running the Controller Management API on local host.

Problem

After making the necessary changes, I can still access ZAC over a ziti address.

However, when I attempt to log in, it fails.

My Understanding

Because the management API is now running on 18441… I need to create a new console config.

However… when I enter the new details… I cannot set the controller.

Any tips?

What I believe after thinking through this is that it is possible to set this up.

For instance, I could make a new private DNS for the management API… but this would not be enough because I would then need to use the NodeJS SDK to tunnel into the localhost.

So… I am a bit stuck with this…

Any tips / comments / suggestions?

The URL you enter for ZAC on this screen must be addressable by the ZAC server, not your local client. This is most easily tested by ssh’ing to the machine running ZAC, and then running a curl -sk https://_controller_url_:_port_ - like: curl -sk https://140.238.207.245:18441. If you cannot do that, the ‘set controller’ button won’t work.

Start by ssh’ing to the machine running ZAC and try the curl: curl -sk https://140.238.207.245:18441

If that succeeds (I’ll be shocked, but it’s possible) then post back here. If you are running your ZAC co-located with your controller, you should not use https://140.238.207.245:18441, you should use https://localhost:18441.

Make sense?

My guess is that your web ACL or a local firewall is blocking 18441 - which you probably want anyway, right? That means if it were me, I would not open port 18441, otherwise what you’re doing isn’t worth it :).


I can see why this is not possible.