You can find the files of network in /var/db/zerotier-one/networks.d/<NETWORK-ID>.local.conf edit it with the selected config parameters:
save the file and restart the Zerotier service
Open terminal and do the following (you will need administrator rights on your Mac) cd /opt/cisco/AnyConnect sudo nano AnyConnectLocalPolicy.xml Then edit the field for ExcludeMacNativeCertStore to "true" <ExcludeMacNativeCertStore>true</ExcludeMacNativeCertStore> Quit AnyConnect and start it up again. You will now receive a certificate warning with the option to continue and, if available, install the certificate.
1- Error Chrome NET::ERR_CERT_INVALID (self signed certificate)
There’s a secret passphrase built into the error page (advanced). Just make sure the page is selected (click anywhere on the background), and type `thisisunsafe` and [ENTER]
2- Self Signed Certificate from localhsot
go to url chrome://flags/#allow-insecure-localhost and enable the option
One of the biggest problem with zerotier was the internal dns resolution for the road warrior users.(for Android this problem was fixed by the zerotier team and i think in the near future the team will fix the problem for linux and windows too)
A little workaround for Linux systems
here 2 Simple scripts to connect the linux system to you “internal” DNS server.
Configure an zerotier edge (like an opnsense firewall or a linux system: es. https://support.zerotier.com/knowledgebase.php?entry=show&search-for=&article=ZWFhNWMyMTZjODY1ODcwNmFhZmJjYmRhN2I5MjRhOGQ_ ) as a possible default gateway of your network from the zero tier console on Managed Routes (add a route like 0.0.0.0/0 to <zerotier_edge_ip>
you can use this 2 scripts on your linux system (systemd compatible)
— For start your Session —
zerotier-start.sh:(remember to set the correct network and DNS IP in the script)
#!/bin/bash sudo echo "DNS=<YOUR_PRIVATE_DNS_IP>" >> /etc/systemd/resolved.conf sudo systemctl restart systemd-resolved sudo /etc/init.d/zerotier-one restart sudo zerotier-cli set <network> allowManaged=true sudo zerotier-cli set <network> allowGlobal=true sudo zerotier-cli set <network> allowDefault=true
make the script zerotier-start.sh executable
— For stop your Session —
zerotier-stop.sh:(remember to set the correct network and DNS IP in the script)
#!/bin/bash sudo sed -i "/DNS=<YOUR_PRIVATE_DNS_IP>/d" /etc/systemd/resolved.conf sudo systemctl restart systemd-resolved sudo zerotier-cli set <network> allowManaged=false sudo zerotier-cli set <network> allowGlobal=false sudo zerotier-cli set <network> allowDefault=false sudo /etc/init.d/zerotier-one stop sudo /etc/init.d/networking restart
make the file executable
And Remeber!!!! run the Stop scrtpt every time you have finished your zerotier session.