Hi all, I hope you're all enjoying your weekend time productively! First off, I am completely new to OpenZiti, but I have been reading the documentation on and off for some time now when my work projects and studies (related to IT for work) aren't first on the list. I've only started back in IT again after years of being in the EE industry, so bear with me!
I first got baptized in Zero Trust mesh networking and firewall punching with Twingate when I had to access internal hosts through Starlink to a phone system and security cameras. Since then I have been hooked on the technology and would like to implement it as a foundation leading to all my IT-related practices where possible, but self-hosted and more hands-on for learning than the likes of other solutions.
To be honest it's taking me quite some time to get used to all the new terminology and playing with the self hosted setup tutorials, reading the forums, your YouTube channel.
At the moment, I have set up a controller on Hetzner with the quickstart host anywhere quickstart (expressInstall) with ZAC and I have been playing around with it with all the features. While confusing to get it all pictured in my head as I find it the easiest way to understand, so thanks for the diagrams you have in your documentation! While they help, or maybe I am just too green, I still find them hard to understand at times.
I do understand the concept of connecting from Host to Host and only allowing services to people that have the group / access policies / roles attached to them for like internal web services.
Where I am stuck at the moment is actually just using my Hetzner instance for browsing the web like a VPN while myself and the family are away soon. So we would connect from our devices (Users) to the Hetzner Controller and we can just browse the web tunneled through the OpenZiti network if we are on public WiFi etc. in our hotel, carrier network etc. while abroad.
Is there a certain setting, or Tunneler that I would have to create on the Hetzner host that we could assign to all the Users as a service to allow access to the internet, as in like a VPN so to speak?
Any help would be great! Either way, thank you for opening up such an awesome piece of software to me and the abilities, from Zrok, embedding your own applications etc. What great project/s to share and continue to support and develop.
Oh, and I just want to say thanks to "Clint" for his answers to some of the people's questions here and on Reddit. He's some Information Oracle! No small answers, just full-on finely laid out paragraph answers which I bookmark to come back to.
I forgot to actually say what my layout is like.
OpenZiti Windows / Linux Client on laptop ==> Ziti Controller on Hetzner ===> Private Internet access...
Same layout with Phones and tablets running Android ==> Ziti Controller on Hetzner ===> Private Internet access...
At the moment, I can get all of the clients to talk to each other over various networks (Mobile, LAN, etc.); I just can't seem to find the switch to enable Outbound to the Internet for general Access as in a VPN-style configuration.