Difference between revisions of "Connector"

From Airangel Wiki
Jump to: navigation, search
Line 120: Line 120:
====Step 2 - Web Based Login and Licensing====
====Step 2 - Web Based Login and Licensing====
Open a webbrowser and point it to the IP of the newly installed machine (use HTTPS)
Open a webbrowser and point it to the IP of the newly installed machine (use HTTPS)
[[File:FinishedConnector.jpg|200px|thumb|right|A fully configured Connector Menu]]
*Login using Username: Admin/ Password: Admin
*Login using Username: Admin/ Password: Admin
Line 134: Line 136:
When properly licensed the settings menu will look like:
When properly licensed the settings menu will look like:
[[File:FinishedConnector.jpg|200px|thumb|right|A fully configured Connector Menu]]

Revision as of 15:41, 20 March 2019


Image of the Connector/PMS setup wizard.

The connector is used for any task where some elements of the system must be run locally on-premise. It acts as a local agent/proxy for the cloud services.

Examples of services using the connector are:

  • FIAS / Opera PMS
  • NMS
  • Radius for 802.1x

Minimum Requirements

It is typically installed on any standard x86 hardware as a software package on CentOS 7. The recommended route is to use a CentOS 7 Minimal installation and add the package.

Cloud-Hosted Connector

It is technically possible to run the connector in a public cloud (e.g. AWS) and tunnel traffic to the local site, but some elements may be adversely affected, such as increased latency for RADIUS and NMS. It may also breach license agreements for some PMS software.

For AWS use, a t2.micro instance is typically more than sufficient to perform the necessary tasks for one site.

OS Configuration

Notes about suitable configurations of the underlying OS.

Firewall (if required)

Typically, a firewall is not required on the connector itself, since it is already shielded from the Internet by the gateway, and it should sit in a secured network (no direct guest access) given that it is likely to have access to the PMS.

However, if firewall configuration is required, the CentOS 7 standard of firewalld should be used. The installer for the Connector software will open port 443 using firewalld if it is installed.

The simplest command-set for adding firewall rules is, for example:

~# firewall-cmd --permanent --zone=public --add-port=22/tcp
~# firewall-cmd --reload

For further reading see the original documentation or this short guide.

Future Topics


  • Licensing
  • Plugin regsitration
  • PMS configuration
    • FIAS
    • PROTEL
    • ONQ
  • Field policies



Install Command
bash <(curl -s https://repo.captive.net/connector)


[root@localhost ~]# bash <(curl -s https://repo.captive.net/connector)

Welcome to the Captive.net Connector installer

This installer installs all required packages for Captive.net's connector and will provide you basic configuration to get a functional system.

The goal of the initial configuration is to get you up and running quickly and is under no circomstances a replacement for a system administrator that configures and maintains the services or the operating system

The proposed configuration may break or malfunction any existing configuration on the system so DO NOT install this on a production server that is used for other purposes

This installer assumes that this system is freshly installed CENTOS7 MINIMAL

Please enter your instalation key:

  • enter the captive.net installation key

Installing Captive.net repository...

Loaded plugins: fastestmirror

captive-rpm-repo | 2.9 kB 00:00:00

captive-rpm-repo/primary_db | 17 kB 00:00:01

Loading mirror speeds from cached hostfile

base: mirror.kinamo.be

extras: mirror.kinamo.be

  • Now system will install all dependencies for the project
  • After installing you'll see the complete and the request to configure the webserver


Do you want to configure the apache webserver for installed packages? (Y/n):

  • Press Y to configure the webserver

Https port for (captive-connector) [443]:

  • We recommend to keep it on port 433 (just press enter to accept the default)

Web path for (captive-connector) [/connector]: /

  • Set the path to/to avoid having to enter/connector on each web request

Security-Enhanced Linux (SELinux) is enabled.

Enabling SELinux means you need to set proper context for files and folders and write policies to allow proper runtime of the system.

Please enable this if you are familiar with SELinux and are capable to manage the SELinux rules.

Do you want to keep SELinux enabled? (Y/n):

  • Press N unless you are capable of configuring selinux

Do you want to configure the firewall for the required ports? (Y/n):

  • Press Y, installer will open port 433 to the world


Instalation completed

Step 2 - Web Based Login and Licensing

Open a webbrowser and point it to the IP of the newly installed machine (use HTTPS)

A fully configured Connector Menu
  • Login using Username: Admin/ Password: Admin
  • Go to Settings at the top right
  • Go to Connector Settings
  • Enter the Captive.net license key, and press save, on success the connector will be licensed to this IP. IMPORTANT, since this IP (or it's URL) will be licensed it's important to use the production IP's or domains. If not, old ones will need to be removed from the license in order to free up licenses for others.
  • Configure a new, more secure password
  • In case applying the license returns invalid license, please contact Captive support with the URL you are licensing and the license key. Possibly the amount of licensed are used up.

When properly licensed the settings menu will look like: