Enrolment issues on Mac GUI & CLI

My goal here is to just document the snags I faced to help identify areas of improvement moving forward.

So I am trying to set up ziti through the deployment docs on my Ubuntu Linux server.
I have the controller accessible and router running just fine.
(besides hostname being interpreted as int in the router.conf)

On my server I logged in ziti edge login — Success
I made a new identity ziti edge create identity "NewUser" -o NewUser.jwt
I used scp to get it onto my local computer.

I tried the macOS Tunneler using Ziti Desktop Edge
(VPN setup, all access given) I click Turn On Ziti — Nothing, doesn't work.

I was able to turn it on via the top bar on mac.
I imported the JWT, everything loaded, I try clicking Enroll — Nothing, doesn't work.

I tried this in many variations, I tried using ziti edge create enrollment ott user -o user.enroll.jwt to see if that made a difference. I did lose track of all the variations, I thought it might not be clicking because it was invalid.

Eventually I moved on to try the CLI.
ziti-edge-tunnel was not installed with the app.
Maybe I misunderstood.

I got the ziti-darwin-arm64-1.5.4. Got that installed and functional.

ziti edge enroll --jwt user.jwt --out ${identity_config_file}
I am unclear on what type of file this is supposed to be. I guessed JSON from the output.

I couldn't figure out what to do with it.

Eventually decided to download the ziti-edge-tunnel-Darwin_arm64 from GitHub

I ran sudo ziti-edge-tunnel run -i dt.json, not too sure what I'm doing ngl.
That worked, not sure what I did though.

OK, I am very confused but I did get it working somehow.
I ended up just logging in after enrolling. smh.
ziti edge login + controller URL, got the certs, user/pass.

Now the controller url and /zac are working.

My brain might just be toasted after a day of docs and cli.
You guys do have a good product, but I can't lie, I feel very confused a lot of the time.
Lots of content, automations and thought, I can tell, but it's just not communicated the best, hard to find or deep in tens of hour-long videos. I'm not sure if there is a page in the docs that I missed or what.

To conclude

I hope by documenting my process and confusion it might help to make improvements to this process more clear. Maybe I'm an edge case. If I could get some pointers on where I went wrong and how this is all taught, I would appreciate it.

Hi @di-te, welcome to the community and to OpenZiti!

If you're having issues with the macOS client, it's best to have a look at the logs. From the Z menu go to -> Logging -> Packet Tunnel...

Have a look in there for any ERRORs. Those are generally what you'd want to look for. A very common problem is when people use an advertised address for a controller or a router that is not routable by clients (such as 'localhost' or some private hostname). That's often my first guess as to why something doesn't appear to be working.

After that it's also possible that people simply forget to authorize identities using policies.

I'm not sure if you still have a question, if you do let us know. If not, have fun with OpenZiti! :slight_smile:
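
The unroutable-address check described in the reply above, as an added example that is not part of the thread and not OpenZiti's own code. It assumes the enrollment JWT's `iss` claim carries the controller's advertised URL and `exp` its expiry; the function names and the sample token are constructed for illustration.

```python
import base64
import ipaddress
import json
import time
from urllib.parse import urlsplit


def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    payload = token.strip().split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def address_problems(host):
    """Flag controller addresses that a remote client usually cannot reach."""
    if not host:
        return ["no host in issuer URL"]
    if host == "localhost" or host.endswith(".localhost"):
        return ["localhost resolves to the client itself"]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A dotless name depends on the server's own hosts file or search domain.
        return [] if "." in host else ["unqualified hostname"]
    if ip.is_loopback:
        return ["loopback address"]
    if ip.is_private or ip.is_link_local:
        return ["private address, reachable only from the same network"]
    return []


def check_enrollment_token(token, now=None):
    """Return findings for an enrollment token; an empty list means nothing obvious."""
    claims = jwt_claims(token)
    findings = address_problems(urlsplit(claims.get("iss", "")).hostname)
    exp = claims.get("exp")  # assumption: expiry as a Unix timestamp
    if exp is not None and exp < (time.time() if now is None else now):
        findings.append("token expired")
    return findings


def make_sample_token(claims):
    """Build a constructed, unsigned token for the demo (not a real enrollment JWT)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "constructed"])


if __name__ == "__main__":
    sample = make_sample_token({"iss": "https://localhost:1280", "exp": 1700000000})
    print(check_enrollment_token(sample))
```

Running `check_enrollment_token` on the contents of the `.jwt` file before importing it into the tunneler shows whether the client will be pointed at an address it cannot reach.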