Overview
ZeroTier creates a private network between approved computers. After both the QBM Server computer and QBM Client computer join the same ZeroTier network, the client can use the server's ZeroTier Managed IP address as the QBM server address.
Typical QBM flow: QBM Client -> QBM Server Windows Service -> Microsoft SQL Server.
ZeroTier does not change how QBM works internally. It only provides a private network path between the computers.
| QBM Field | What To Enter When Using ZeroTier |
|---|---|
| Server / IP | The QBM Server computer's ZeroTier Managed IP address, for example 10.147.17.101. |
| Port | The normal QBM Server port. In a standard QBM setup this is 8050. |
| Instance Name | The SQL Server instance used by the QBM company database, for example 10.147.17.101\SQLEXPRESS or the existing value provided by the QBM installer/support team. |
No QBM code change is required. Do not add ZeroTier Network ID or ZeroTier Node ID fields to QBM Client. Those values belong to ZeroTier administration only.
When To Use ZeroTier
ZeroTier is useful when a customer needs QBM Client computers outside the office to connect to the QBM Server computer privately.
| Scenario | Recommended Use |
|---|---|
| Remote branch or remote accountant | Install ZeroTier on the QBM Server computer and on the approved remote QBM Client computers. |
| Temporary support access | Authorize the support computer only while support is needed, then remove it from the ZeroTier network. |
| Same office LAN only | ZeroTier is optional. Normal local IP or server name may be enough. |
| Public browser access to QSalesView or QClock | Use a web publishing approach such as Cloudflare Tunnel or a hosted URL. ZeroTier is better for private device-to-device access, not public customer web pages. |
Advantages Compared With Hamachi
Both ZeroTier and Hamachi can create private networks. For QBM deployments, ZeroTier is usually the cleaner option when the goal is private access to QBM Server from approved computers.
| Area | ZeroTier Advantage For QBM |
|---|---|
| Private managed network | Devices must join the selected network and be authorized before they can communicate. |
| Clear IP addressing | Each approved device receives a Managed IP that can be used directly in QBM Client settings. |
| Modern administration | Networks and members are managed from ZeroTier Central, making it easier to name, approve, remove, and audit devices. |
| No public QBM Server exposure | QBM Server can stay private. The customer does not need to publish QBM port 8050 to the public internet. |
| Remote support control | Support devices can be authorized when needed and removed after the work is complete. |
| Scalability planning | ZeroTier has plans for small teams and larger deployments. Check the current vendor pricing before committing a customer deployment. |
Licensing note: Vendor plan limits can change. Confirm the current ZeroTier and Hamachi pricing/subscription pages before promising a device count or commercial plan to a customer.
Important ZeroTier Terms
| Term | Meaning | Use In QBM? |
|---|---|---|
| Node ID / My Address | The unique ID of one ZeroTier-installed computer, such as 03b4a1b62d. |
No. Use it only to identify the device in ZeroTier Central. |
| Network ID | The ID of the ZeroTier private network. It is pasted into ZeroTier when joining a network. | No. QBM Client does not need this value. |
| Managed IP | The private IP assigned to a device inside the ZeroTier network. | Yes. Enter the QBM Server computer's Managed IP in QBM Client's Server/IP field. |
| Authorize | Admin approval that allows a joined device to communicate on the private network. | No QBM field, but this must be done before QBM Client can connect. |
Before You Begin
Prepare the following information before installing ZeroTier for a customer.
- Access to the QBM Server computer.
- Access to each QBM Client computer that must connect remotely.
- A ZeroTier Central account owned by the customer or by the responsible IT administrator.
- The QBM Server port, normally
8050. - The correct SQL Server instance name used by the QBM company database.
- Permission to adjust Windows Firewall on the QBM Server computer.
Do not use a personal employee account as the only owner of a customer network. The network should be managed by the business owner, IT administrator, or approved support account.
Install And Join On The QBM Server Computer
- Open the ZeroTier download page and install ZeroTier on the computer that runs QBM Server.
- Open ZeroTier Central and create a private network for the customer.
- Use a clear network name, for example
CustomerName-QBM-Private. - Copy the ZeroTier Network ID from ZeroTier Central.
- On the QBM Server computer, right-click the ZeroTier tray icon.
- Select Join New Network.
- Paste the Network ID and join.
- Return to ZeroTier Central, find the server computer in the Members list, and authorize it.
- Give the server member a clear name, for example
CustomerName-QBMServer. - Record the server's ZeroTier Managed IP. This is the IP that QBM Client will use.
- Keep Start UI at Login enabled if the customer wants the tray UI available after sign-in. Confirm that the ZeroTier service itself starts with Windows.
Example: If the server Managed IP is
10.147.17.101, the QBM Client Server/IP value will normally be 10.147.17.101.
Install And Join On Each QBM Client Computer
- Install ZeroTier on the QBM Client computer.
- Right-click the ZeroTier tray icon and select Join New Network.
- Paste the same ZeroTier Network ID used by the QBM Server computer.
- Return to ZeroTier Central and authorize the client computer.
- Name the client clearly, for example
CustomerName-Accounts-PC01. - Wait until the client shows the network as connected.
- Test connection from the client computer to the QBM Server Managed IP.
Best practice: Authorize only the devices that need QBM access. Remove old laptops, temporary support computers, and employees who no longer need access.
QBM Client Connection Settings
After ZeroTier is connected on both computers, open QBM Client and enter the normal QBM connection settings using the server's ZeroTier Managed IP.
| Field | Example | Notes |
|---|---|---|
| Server / IP | 10.147.17.101 |
Use the QBM Server computer's ZeroTier Managed IP. |
| Port | 8050 |
Use the same QBM Server port already used by the customer. |
| Instance Name | 10.147.17.101\SQLEXPRESS |
Use the customer's real SQL Server instance name. If support previously supplied a different value, keep that approved value. |
| Database | Customer company database name | The database must exist and the QBM user must have access. |
| User ID / Password | Customer QBM login | ZeroTier does not replace QBM authentication. |
Do not enter the ZeroTier Node ID in QBM Client. A value such as
03b4a1b62d is only a device identifier inside ZeroTier. QBM Client needs the server's Managed IP address.
Testing Checklist
Run these checks from the QBM Client computer after both devices are authorized in ZeroTier Central.
| Test | Command Or Action | Expected Result |
|---|---|---|
| Ping the server | ping 10.147.17.101 |
Replies from the server Managed IP. |
| Check QBM Server port | Test-NetConnection 10.147.17.101 -Port 8050 |
TcpTestSucceeded : True |
| Open QBM Client | Enter Server/IP, Port, Instance Name, database, and login. | QBM Client connects and opens the company database. |
Replace
10.147.17.101 with the real ZeroTier Managed IP of the customer's QBM Server computer.
Firewall And Security
ZeroTier provides the private network path, but Windows Firewall still controls what services can be reached on the QBM Server computer.
- Allow inbound TCP
8050on the QBM Server computer for the ZeroTier network adapter. - Confirm the QBM Server Windows Service is running.
- Confirm SQL Server is running on the correct instance.
- If SQL connectivity is required through the network, allow the correct SQL Server port or SQL Browser configuration according to the customer's SQL setup.
- Do not open QBM Server port
8050to the public internet unless a separate approved hosting/security design exists. - Keep QBM usernames, passwords, permissions, and company access controls active. ZeroTier is network access, not application authorization.
Ongoing Administration
Use these rules to keep the customer deployment clean and supportable.
| Task | Recommended Practice |
|---|---|
| Network naming | Use a clear name such as CustomerName-QBM-Private. |
| Device naming | Name each member by customer, role, and computer, such as CustomerName-QBMServer or CustomerName-Accounts-PC01. |
| Access review | Review authorized devices regularly and remove devices that no longer need QBM access. |
| Support access | Authorize support devices only when needed. Remove them after the support session. |
| Documentation | Record the customer network name, server Managed IP, QBM port, SQL instance name, and authorized device list. |
Troubleshooting
| Problem | Likely Cause | What To Check |
|---|---|---|
| ZeroTier shows no network joined | The server or client has not joined the ZeroTier network. | Join the correct Network ID from the ZeroTier tray icon. |
| ZeroTier shows access denied | The device joined but was not authorized. | Authorize the device in ZeroTier Central. |
| Ping fails | Wrong Managed IP, device offline, network not authorized, or local firewall issue. | Confirm both devices are online, authorized, and using the correct Managed IP. |
Test-NetConnection to port 8050 fails |
QBM Server service is stopped, wrong port, or firewall is blocking. | Restart QBM Server service and allow inbound TCP 8050 on the server. |
| QBM opens but database login fails | Wrong database, wrong user/password, or SQL instance issue. | Verify the QBM database name, login, and SQL Server instance name. |
| Connection works but is slow | Internet latency, poor upload speed at the server site, or unstable connection. | Check both internet connections and test outside peak hours. |
FAQ
Do we need to change QBM code for ZeroTier?
No. QBM Client already accepts Server/IP, Port, and Instance Name. Use the QBM Server computer's ZeroTier Managed IP in the Server/IP field.
Should QBM Client store the ZeroTier Network ID?
No. The Network ID is only used by ZeroTier to join a network. It is not part of the QBM connection.
Should QBM Client store the ZeroTier Node ID?
No. The Node ID identifies a device inside ZeroTier Central. QBM Client cannot connect to QBM Server by using that value.
Can one QBM Server support multiple remote clients through ZeroTier?
Yes, if all client computers are authorized in the same ZeroTier network, QBM Server is running, the firewall allows the required ports, and the customer's internet connection is strong enough.
Can ZeroTier replace QBM user security?
No. ZeroTier only controls private network access. QBM users, passwords, database permissions, and QBM security groups must still be managed normally.