I made some changes.. and received this error from the policy advisor
ziti edge policy-advisor identities
ERROR: instance-20220317-1005-edge-router
- Identity does not have access to any services. Adjust service policies.
I dont remember setting up an identity for the edge router... does it matter?
Nope does not matter. You’re in control. It only matters if you try to use that edge router’s identity for “offloading” traffic. The expressInstall makes a bunch of assumptions on your behalf, one of which is that you will perhaps want to use all your routers as points of demarcation for traffic… That might be true - it might not be, but the expressInstall is meant as a learning tool and a quick way to get setup. As such it enables a feature on all the edgeRouters it stands up called “tunneling mode”.
Tunneling mode allows the router to have an identity “automagically” created for you when you enroll and bring that router online.
If you never want to offload traffic from that router - you don’t need to and you leave that one identity with no access to any services.
Hopefully that’s clear
1 Like
Great to know… I will be using this for my next test… to implement a reverse proxy implementation…