Netbird MFA + Azure MFA bug?
Signed up to Netbird, let's say using [email protected]; this is the owner. I enabled MFA on this, great.
Now I enable the IdP sync from Azure, sync only users/groups starting with Netbird-, this works fine, a handful of users come through.
Let's say [email protected] is one of those. I make them an admin from the Team/Users page, and now I try to log in, choose Continue with Microsoft Account, enter Bob's Azure username, password, OTP from authenticator (Azure MFA)... But because this MFA option is enabled within Netbird, it redirects me to a second one-time code page (see attached image), even though it says in Netbird: Enable NetBird MFA if not configured in your IdP. This setting is global and applies to all users
Is this a bug? I want MFA on this initial owner user, and want to make a couple of extra users admins that use MFA from Azure, so we don't ever get locked out.
...
Android/IOS dns not resolving
Hello, I have a self-hosted NetBird setup in Hetzner. I created a client and used it as an exit node. I added resources, mostly links like "example.com", and created a policy, and everything is working flawlessly. But this setup is not working for Android and iOS; I can only open IPs. Can you help me?
iac or config management netbird
How do you manage NetBird configuration? Is there any IaC or Ansible or custom script API to handle it?
Having a hard time restoring a backup
Hello everyone.
I am experimenting with the ability to make and restore backups. I copied the configuration files over to the destination, and copied the management database too, after having stopped it, as per instructions. I also dumped Zitadel's Postgres databases and reimported them (after having replaced all the domain strings with the one that will be used in the destination).
Unfortunately, although Zitadel does start and I'm able to log in, the "/peers" page is stuck forever loading nothing. I was not able to understand what could be wrong by reading the logs. I did find some errors here and there, but those are present in a fresh install as well.
Please guide me about how to cherry-pick potential significant error messages to untangle which the culprit of this failing restore might be. Many thanks everyone....

Help with setting up exit node
Hi!
I am looking into how to set up an exit node with NetBird, and it all works great. The client connects correctly to the exit node. But how do I grant the client internet access via the exit node?
The exit node is an Ubuntu VM....
Netbird + Zitadel: All roles in scopes for Device Authorization
Hi all !
I'm currently using Netbird 3.9.1 and an external Zitadel.
I'm having a real security issue with Netbird.
When a user logs in with Netbird, all roles in the Netbird project are displayed in the device authorization request.
The user should only be able to see the roles assigned to them....

Relay STUN/TURN unavailable
Describe the problem
I've been busy trying to fix our NetBird self-hosted instance for the last 2 weeks. A lot of troubleshooting and trial and error has been done, and I've reached the point where I can connect to peers again. The (hopefully last) issue left is with STUN/TURN (coturn) and Relay.
#Used Technologies
Netbird, Authentik, Nginx Proxy Manager, Cloudflare...

Mobile IOS not working with self hosted NetBird
Hi there, I have a problem trying to connect my iPhone to a server with NetBird.
Actually, I use the self-hosted version installed on Docker with their script. The connection works perfectly with a Windows computer, but not on iPhone and not on iPad using the iOS app.
That's really strange because the app says that it is connected to the server, but it's actually impossible to reach the host or the web services...

is it possible to setup DoH in netbird?
I host my own AdGuard instance, which I only want to be accessible through HTTPS. So is it possible to force clients to use an HTTPS DNS server? Can't set it in the interface.

netbird and traefik
I have a Traefik instance running currently with ports 80 and 443 forwarded. Now I want to close those ports and only be able to access it while on my NetBird network (while still keeping the domain with SSL). So in short, I want it to be accessible only when I use NetBird, not using its NetBird domain (traefik.netbird.cloud) but traefik.example.com. Is this possible? I am using the cloud version right now. For more info about my infrastructure:
It's a Proxmox server with LXC containers. All containers have access to the Traefik container (every container has the IP 10.10.10.(lxc-id)) and Traefik has a NetBird client running. My idea is to have Traefik listen on the netbird id, and somehow tell Traefik to route *.example.com to the Traefik NetBird IP...
Stuck on "Add new device to your network" page after account registration
Cannot get past this page (see first image). I've tried adding clients, both my own machine running Debian with Gnome as well as 6 others with and without a desktop environment. Everything works, the devices get added and can ping each other, but I cannot get past that page and onto the dashboard. I've truly tried everything (famous last words) and I'm definitely no novice when it comes to IT/networking. Even when explicitly navigating to other dashboard pages via the links found in the docs, I...

NetBird Clients Stuck on Relay – Unable to Establish Direct P2P Connections
I have a NetBird server running inside Docker on an Ubuntu VM. Clients are unable to establish direct peer-to-peer (P2P) connections and are instead routing all traffic through relays. This is causing significant performance issues, especially when using an exit node, where clients experience only 20% of expected speed.
What I Have Checked So Far:
✅ UDP is open and working – Confirmed via tcpdump, showing UDP traffic on port 3478.
✅ Coturn is running inside Docker – It is configured via /home/netbird/turnserver.conf....