Ziti Desktop Edge on WIndows 11 (ARM) VM on Macbook Pro M1 Max Pro

Hello, I am trying to use the Windows Ziti Desktop on Windows 11 (ARM) running in a Parallels VM. This is all on a MacBook Pro M1 MAX Pro

I get the following message after selecting the jwt file.

Code 2Object reference not set to an instance of an object.

And in the log …

[2022-04-26T01:34:24.390Z] e[0;37m INFOe[39m	============================================================================
[2022-04-26T01:34:24.391Z] e[0;37m INFOe[39m	Logger initialization
[2022-04-26T01:34:24.392Z] e[0;37m INFOe[39m		- initialized at   : 2022-04-26 02:34:24.3921419 +0100 BST m=+0.009999701
[2022-04-26T01:34:24.392Z] e[0;37m INFOe[39m		- log file location: C:\Program Files (x86)\NetFoundry, Inc\Ziti Desktop Edge\logs\service\ziti-tunneler.log
[2022-04-26T01:34:24.392Z] e[0;37m INFOe[39m	============================================================================
[2022-04-26T01:34:24.392Z] e[0;37m INFOe[39m	running as service. version: C:\Program Files (x86)\NetFoundry, Inc\Ziti Desktop Edge\ziti-tunnel.exe version: 1.11.5, revision: a13994031f87, branch: main, build-by: , built-on: 2022-04-09T00:00:57Z
[2022-04-26T01:34:24.394Z] e[0;37m INFOe[39m	============================== service begins ==============================
[2022-04-26T01:34:26.217Z] e[0;31mERRORe[39m	ERROR removing all nrpt rules: exit status 1
[2022-04-26T01:34:27.029Z] e[0;37m INFOe[39m	Invoking ZitiTun adapter cleanup script
[2022-04-26T01:34:27.034Z] e[0;37m INFOe[39m	reading config file located at: C:\Windows\system32\config\systemprofile\AppData\Roaming\NetFoundry\config.json
[2022-04-26T01:34:27.034Z] e[0;37m INFOe[39m	creating TUN device: ZitiTUN
[2022-04-26T01:34:27.037Z] e[0;31mPANICe[39m	unexpected err from initialize: error creating TUN device: (Error creating interface: The system cannot find the path specified.)
[2022-04-26T01:34:27.037Z] e[0;33m WARNe[39m	unexpected situation. the TUN was null? 
[2022-04-26T01:34:27.037Z] e[0;37m INFOe[39m	Removing existing interface: ZitiTUN
[2022-04-26T01:34:27.038Z] e[0;37m INFOe[39m	Successfully removed interface: ZitiTUN

What are the expectations of this working?

Best regards
J

Hi @jcox welcome to the community! I think the problem here is that you’re running the ARM version of windows. The binary was not built with support for that unfortunately. Is there any chance you could try a amd64 version of Windows instead?

We use the excellent “wintun” project to provide a TUN for windows. The error makes it look like the program can’t fnid/use/do something it needs the wintun.dll

We’ve never tested in this scenario tbh. I’d go so far as to say it’s not really a supported configuration. Do you need to use Windows? There’s a Ziti Desktop Edge for Mac that you can use that might be a better choice?

Cheers

Hello @dovholuknf,

Thank you for the prompt response.

I have been using the Mac Ziti Desktop but it does not appear to have the same abilities as the Windows version. I am able to access a jump host of mine but client connections are listed with the message ‘FAIL’ under posture checks. I believe this is because they expect MFA to be in use and the mac version of Ziti Desktop does not appear to provide this. I have connected to these clients from a physical windows10 laptop using Ziti Desktop logged in with MFA configured, successfully.

When using VMs (with Parallels) running on an M1 laptop, only ARM versions of operating systems work. It is not possible to install an x86 version of Windows. Windows11 (ARM) can run x86 code and this seems to work for most applications. I note the wintun project you provide a link to provides an ARM64 version on the wintun.dll. I suspect that is only the start of compiling a Windows11 ARM version of Ziti Desktop however.

So, for the moment, Windows11 (ARM) is not currently supported.

Yes, MFA is only deployed to Ziti Desktop Edge for Windows but there’s a MacOS version coming hopefully soon. What you are reporting seems to be aligned with what I would expect. If the service requires MFA due to a policy, you won’t be able to dial that service without passing MFA, which you can’t do in MacOS yet.

I will add a GitHub issue to ZDEW for ARM support

Hello dovholuknf,

The situation with MacOS on M1 hardware.

  1. Mac Ziti Desktop does not support MFA and so can not be used to connect to most clients.
  2. Windows11 (ARM) Ziti Desktop does not exist so it is not possible to use in a VM to access MFA feature and so reach clients. The x86 version does not work on Windows11 (ARM).

Solution for the moment is to access clients via a jump host.

Best regards
j

There was an update to the Ziti Destop Edge today for Apple MacOS (Running natively on ARM M1). It now has MFA. I have installed the update and tested. It works!

Thank you

1 Like

Oh @jcox so sorry nobody responded to you. I’m glad the new update is working! Cheers!