Articles in this section

See more

ZeroTier VPN Setup and Use

Follow

Module Objective: Users will be able to connect an EditShare system to a ZeroTier VPN account and use ZeroTier VPN with clients to access the system remotely.

1 Setup a ZeroTier Account

2 Use EFS Control EditShare system to create and connect to a ZeroTier network.

3 Install ZeroTier Client on remote workstations.

4 Use EditShare Connect to connect to a remote EditShare site using VPN.
 

Prerequisites

  • All EFS servers updated to 2024.2.0 or later
  • EditShare Connect Clients updated to matching 2024.2.0 or later
  • An "on prem" EFS installation
  • Internet gateway should be set on the Primary 10G NiCs on all servers in a cluster as dual - homed

 

Setting up a ZeroTier Account

In order to work with ZeroTier VPN, the user must set up a paid, ZeroTier account and use the access token to connect the EditShare system.

  1. Use a web browser to navigate to the ZeroTier Website at www.zerotier.com.

  2. Either log in to an existing account or create a new one.

NOTE: A paid account is required for EditShare features to work with ZeroTier.

Screenshot 2025-01-23 144737.png

  1. Once you have logged into the account, navigate to the “Account Tab” and scroll down to the API Access Tokens Section.

If you created a new account, you will be prompted to create a new network. You can ignore this prompt, because EditShare EFS Control will create an network with all of the appropriate settings automatically when you get to that step.

  1. Create a new token by clicking “New Token”. Give it a label, click generate, and then copy the string and click “done”.

The token will be displayed one time and cannot be accessed again after clicking “Done”, so make a copy of it and store it in a secure place like a password vault.

Screenshot 2025-01-23 145657.png

 

Label the Token
Screenshot 2025-01-23 145718 redacted.png
 
 
Copy the entire string and click done.

  1. Initial setup of the ZeroTier account is complete. You will return to this account later to verify the results of the network setup done by EFS Control.

 

Connecting EditShare System to ZeroTier Account and Creating a Network

  1. From the EditShare Landing Page, open EFS Control and navigate to System>VPN, then click Configure ZeroTier network.

Click Configure Zero Tier.png
 

  1. In the settings sidebar, select Enable ZeroTier VPN.

  2. Paste or enter the ZeroTier API token into the token field.

  3. If you have a multi-node cluster, select the gateway server to be used.

  4. Enter a name for your new ZeroTier Network if desired. This will be set automatically if left blank.

  5. If you have a reason to define specific IP ranges, set the CIDR block. Only set this if you understand the purpose and have specific valid reasons for doing so. In most cases, this should be left blank and configured automatically.

  6. Set the Firewall Mode. The default setting is “Allow traffic only on ports used by clients.” This opens up only the ports on the network used by EditShare Connect and other Flow Client Apps. The “Allow traffic on all ports” allows all network traffic to move between the computers on the network.

Screenshot 2025-01-31 120504.png
 
 

  1. When you “Save changes,” if everything succeeded, you should see a summary message with ZeroTier enabled, and details of the network.

Note: This action causes EFS to create an EditShare managed network in the ZeroTier environment, but you should NOT touch or otherwise change its settings from the ZeroTier configuration pages.

 

Screenshot 2025-08-05 104731 highlight.png

 

  1. The new network created by EFS Control will now show up in your ZeroTier Account. No additional settings are needed.

  2. Copy the 16-character Network ID. This Network ID is used in client applications to tell the client what network to connect to. Later, you will use this ID to tell EditShare Connect what ZeroTier Network to connect to.

After configuring the server for ZeroTier VPN, you can start configuring clients.

 

Configuring Client Machines to Connect to EditShare via ZeroTier VPN

  1. Download and install the ZeroTier VPN package on a client machine you wish to join to the VPN from zerotier.com/download

 

  1. Quit EditShare Connect if it is currently running.

  2. Install the ZeroTier Client application.

  3. Then launch EditShare Connect. (You must be using version 2024.2.0 or greater)

  4. You should now see the additional Configure VPN button in the ESC login screen.

 

Screenshot 2025-01-31 120239 w highlight.png

 

  1. Select the “Configure VPN” button and enter the 16 digit network ID you copied in the previous step into the ZeroTier client and click connect. At this point you will now be connected to the VPN but not yet authorized. An EditShare administrator needs authorize your client before you can access the server. Note the “Client ID” which appears on the popup which says “Access Denied”

Screenshot 2025-08-05 124023.png

 

At this point, an EditShare Administrator who has access to EFS Control will need to grant that user access.

  1. Login to EFS Control > System > VPN > Client.

  2. Locate the Client ID from the previous step you wish to grant access to, select them.

  3. In the ZeroTier VPN client settings pane which pops up, enable “Client authorized” and Save the changes. The status which previously showed “Unauthorized” should now show “Offline.”

  4. You can also give the client computer a friendly name which will allow you to more easily identify the computer in the future. This name will also show in the ZeroTier account for the authorized client.

 

Screenshot 2025-08-05 104819.png
 

At this point, you can connect to the EditShare server using EditShare Connect and ZeroTier VPN

 

Connecting to EditShare Remotely Using EditShare Connect and ZeroTier VPN

 

  1. Back on the workstation, launch EditShare Connect

  2. Ensure the “Use ZeroTier VPN” box is checked, then enter the IP of the server you’re going to connect to as well as a valid username and password on that system to login to ESC.

You should now be logged into ESC to the site you just configured ZeroTier VPN for. Mount EFS shares as usual. Your performance and editing experience using Swiftlink will be dictated by the performance of the internet connection and firewalls at the EFS and client locations.

 

Connecting to a Different VPN

There may be times when you want to connect to a different EditShare server over the VPN. At this time, EditShare Connect only support connection to one ZeroTier VPN network at a time. If you want to switch to a different network, you must “Forget the existing network.

  1. In the EditShare Connect login panel, select Configure VPN.

  2. Select “Forget Network”

  3. Click Configure VPN again and enter the Network ID of another ZeroTier VPN network.

  4. Repeat the steps to authorize the client via EFS Control on the new EditShare server.

  5. Connect to the new server as you did previously.

Related articles

Comments

0 comments

Article is closed for comments.