ZTNA - Deployment
Getting Started with Your ZTNA Service
Identity Provider Usage - Creating Users
- E-mail
- User Name
- Given Name (First Name)
- Family Name (Last Name)
- Check Email Verified (You can setup your own SMTP to enable email invites, password changes, etc You can also integrate an SMS/Phone service via a service like Twillio)
- Check Set Initial Password (You, or in the future your users, will change their password on first login)
Netbird Configuration Role Settings for you new User
- Login to the HOSTS URL (provided in the single use note via email) as user admin and elevate the new user to the role of Admin
- Choose Teams > Users > Click on your new account > Choose Amin > Save
Installing Client Peers (Hosts)
When you have two peers installed, they should be able to ping each other on the local NB network. You can see their IP addresses on the Peers page.
Next Steps
II can give you a more in-depth tour after you have run through the quick setup and had time to digest the Getting Started Documentation. The documentation the full documentation for the product. I suggest reading through their documentation to get a primer on all of the functionality available features. Then we can help you with the advanced settings and fill in any gaps you may have.
Future Improvements
In the not-so-far future, we will be distilling down both the Zitadel (IDP) and Netbird (ZTNA overlay) into API calls that can be managed inside the Uplevel Portal instead of having 3 UIs to log in to. You will always have the advanced control panels with the admin user so you can take full advantage of the features of both the IDP (connect your IDP for SSO such as Entra/Google/Auth0/Active Directory/etc.) and create complex ZTNA configurations in Netbird. We want to make standard, flat deployments very simple to manage from the UL Portal and are working swiftly towards this. You can say we are in the Gamma or Delta stages of the product rollout. It's ready to support production environments but requires a few coats of polish that won't interrupt said production environments when added.
Related Articles
Pre-Deployment Checklist
Pre-Deployment Checklist A Deployment Checklist is attached to this article and should be completed for each new client. This ensures that you have all of the necessary Static IPs, VPN Accounts, and other configurations to either pre-setup your ...Site-to-Site VPN - Non-Uplevel (3rd Party VPN)
Introduction You can quickly set up IPsec tunnels to connect to third-party firewalls and cloud services. We currently have 'pre-configured' configurations for Microsoft Azure, Amazon AWS, etc. to remove the complexity from connecting to those ...Site to Site VPN (Uplevel to Uplevel)
Introduction Configuring site-to-site VPNs between Uplevel Gateways is done with a single click. In addition, routing, switching, firewalling, VLANs are all configured automatically to ensure security with maximum convenience. Configuration From your ...Remove an AP (Access Point) from a Customers Portal
This article describes how to remove an AP from your Customer's site in the Portal. If you require support due to an alert that a "Wi-Fi AP unplugged or not working", please see this support article. If you disconnect or relocate an AP you will see a ...Creating Shares and Mapping Windows Network Drives
Creating Shares and Mapping Windows Network Drives Note: These instructions are for a Non-Domain Services (Active Directory) environment. If using the Uplevel Directory Service, drive mapping is automatically done with GPOs on login. Mapped Drives ...