Can only ping one way

Hello. I just installed zerotier and have on it 2 machines, one win10 behind a personal router, and one ubuntu in another location.
If I try to ping the physical IP it works two way
If I try to ping the managed IP, I can ping from Win to Ubuntu but not the reverse.
Given the ping to physical IP works it doesn’t seem to be a windows port issue.

When I check sudo zerotier-cli peers, the windows machine is shown as LEAF / DIRECT.

Also, if I try, from the windows machine, to access services running on ubuntu (for example pgadmin, elastic…), it works if I connect via Chrome using the physical IP for hostname, but when I try using the zerotier managed IP it doesn’t connect (blue wheel, page never loads).

Can you please provide some suggestions ?

Thank you very much in advance

  1. I suspect Windows firewall issue, so you probably need to add a rule.
  2. run sudo netstat -tulpen on Linux to see the listening ports and the corresponding processes/apps. I guess you will not see the apps listening on ZT interface there. The reason for that is the ZT interface was not there or it was down when the app was initially started. If you restart the server app that will probably solve the issue.

Hi @AndrewZ

  1. I’ll look into this - thought I did but will try more
  2. I restarted and still don’t see the apps - though I’ll add they are all dockerized. Checking the command you suggested I see ‘docker-proxy’ listening on the ports, for example for pgadmin:
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name  
tcp        0      0 0.0.0.0:5050            0.0.0.0:*               LISTEN      0          31413      1820/docker-proxy

but I don’t see any corresponding entry with the same port for zerotier-one.

And after the restart, replacing the physical IP/port in Chrome by the managed one still refuses to connect. To be clear: both computers are authorized and active in the console.

So after reboot, ping between the managed IPs works 2-ways as intended.
If relevant: the zerotier network is using ipv4 auto-assign on 172.24.*.*, and my home network is assigning IPs 192.168.50.xx

When I try to connect to the remote server’s services from my mac (on the same wireless network as my pc) using its managed IP, it works perfect.
When I try from my windows, it doesn’t work, even with firewalls down, even when adding port forwarding between the two managed IPs, even when trying on another browser (edge i/o chrome), even when changing the network profile to Private network // though when I ty to access the service using the physical IP it works => not a firewall rule issue, not a router issue, not a browser issue… some odd setting in windows perhaps?

I looked into the available networks on my PC and I see the ZeroTier. When running a diagnostic on it, it suggests:

Change the TCP/IP settings for the n"ZeroTier One [*******************]" adapter:
The adapter is currently set to use a specific IP address that is incorrect, rather than obtaining an IP address automatically.

And see the full details of the config of the zerotier network on my machine:

Details about network adapter diagnosis:

Network adapter ZeroTier One [**************************] driver information:

Description . . . . . . . . . . : ZeroTier Virtual Port
Manufacturer . . . . . . . . . : ZeroTier
Provider . . . . . . . . . . . : ZeroTier
Version . . . . . . . . . . . : 3.0.0.1
Inf File Name . . . . . . . . . : C:\WINDOWS\INF\oem158.inf
Inf File Date . . . . . . . . . : Tuesday, November 24, 2020 11:46:56 AM
Section Name . . . . . . . . . : zttap300.ndi
Hardware ID . . . . . . . . . . : zttap300
Instance Status Flags . . . . . : 0x180200b
Device Manager Status Code . . : 0
IfType . . . . . . . . . . . . : 6
Physical Media Type . . . . . . : 14

Thanks

I notice this is the exact same issue experienced by someone else last year:

@dme were you able to fix this ?

so no one managed to get these pesky windows10 issues fixed?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.