We will be rolling out the Ziti clients to all our Win10/11 laptops, and one of our concerns is the Ziti client auto starting and running inside the LAN, where we have an Edge Router. Ideally, we would want the Ziti client to auto start and run when outside the LAN, but be disabled when inside the LAN.
Is this achievable? Appreciate your help.
Welcome and thanks for reaching out to NetFoundry.
Currently we don’t have an option on our WDE client to support your requirements.
If users are often working in the office, we recommend disabling the auto start of WDE by going to the Task Manager >> Startup apps >> right click on ZitiDesktopEdge and disable.
In the instance where the Ziti client is running on a PC in the office on the same subnet as the Edge router, does the traffic go out to the internet and back through the edge router? Or is the traffic direct from the laptop/desktop to the edge router?
If the WDE client is turned on on a laptop/desktop and if any services are assigned to the identity, the traffic will pass through the WDE client >> then the fabric edge routers (not the ER hosted on the same subnet) via the internet >> destination egress customer edge router or Tunneler. The return traffic is also the same.
If you would like to know more about the Edge routers, go to Create and Manage Edge Routers.
Not quite. The control traffic would still have to go out to the Controller. If there is an Edge Router with an edge listener configured, then the actual data plane traffic could remain within the LAN, as the local Edge Router should be the best latency choice. There is a chance it could go out and back in, but it shouldn’t under normal circumstances, only with some sort of impairment in the local connection between the client and Edge Router. The situation where an Edge Router could successfully host the service and not provide the edge listener to the LAN would be very strange but theoretically possible.
Thanks Mike, Girish.