Windows Edge Client - DNS not working

STRANGE... This leads me to think it's something to do with the SYSTEM powershell environment... The ZDEW runs the ziti-edge-tunnel as a service on windows. To diagnose a bit more, let's do this...

Turn off the ZDEW using the big green button:
image

Confirm it's off:
image

From that elevated prompt run:

"c:\Program Files (x86)\NetFoundry Inc\Ziti Desktop Edge\ziti-edge-tunnel.exe" run -I C:\Windows\System32\config\systemprofile\AppData\Roaming\NetFoundry

This will emulate how the service executes. After you do that, you'll notice the ZDEW is back "on" and you'll have services:

Test things out. If they work -- well you'll know it's somehow related to your SYSTEM profile, etc. Diagnosing/fixing that -- is gonna be a pain :frowning: It's always "something strange" in my experience and "something windowsy" (i expect you know what i mean).... :slight_smile:

Take note at the first few lines when the process starts:

[2024-02-16T15:29:10.097Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:2003 run() ============================ service begins ================================
[2024-02-16T15:29:10.098Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:2004 run() Logger initialization
[2024-02-16T15:29:10.098Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:2005 run()       - initialized at   : Fri Feb 16 2024, 10:29:10 AM (local time), 2024-02-16T15:29:10 (UTC)
[2024-02-16T15:29:10.098Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:2006 run()       - log file location: c:\Program Files (x86)\NetFoundry Inc\Ziti Desktop Edge\/logs/service/ziti-tunneler.log.202402160000.log
[2024-02-16T15:29:10.098Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:2007 run() ============================================================================
[2024-02-16T15:29:10.099Z]    INFO ziti-sdk:utils.c:200 ziti_log_set_level() set log level: root=3/INFO
[2024-02-16T15:29:10.099Z]    INFO ziti-edge-tunnel:tun.c:171 tun_open() Wintun v0.0 loaded
[2024-02-16T15:29:10.099Z]    INFO ziti-edge-tunnel:tun.c:522 cleanup_adapters() Cleaning up orphan wintun adapters
[2024-02-16T15:29:10.101Z]    INFO ziti-edge-tunnel:tun.c:153 flush_dns() DnsFlushResolverCache succeeded
[2024-02-16T15:29:10.589Z]    INFO ziti-edge-tunnel:tun.c:405 if_change_cb() default route is now via if_idx[9]
[2024-02-16T15:29:10.590Z]    INFO ziti-edge-tunnel:tun.c:411 if_change_cb() updating excluded routes
[2024-02-16T15:29:11.645Z]    INFO ziti-edge-tunnel:windows-scripts.c:469 is_nrpt_policies_effective() NRPT policies are effective in this system
[2024-02-16T15:29:12.068Z]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1562 run_tunnel() Setting interface metric to 255
[2024-02-16T15:29:12.075Z]    INFO tunnel-sdk:ziti_tunnel.c:60 create_tunneler_ctx() Ziti Tunneler SDK (v0.22.19)
[2024-02-16T15:29:12.078Z]    INFO tunnel-cbs:ziti_dns.c:171 seed_dns() DNS configured with range 100.64.0.0 - 100.127.255.255 (4194302 ips)

You'll see we probe the NRPT and produce this line:

[2024-02-16T15:29:11.645Z]    INFO ziti-edge-tunnel:windows-scripts.c:469 is_nrpt_policies_effective() NRPT policies are effective in this system

You should be seeing that...

Let's see how far along this gets you. Looking forward to your next response...