Skip to content

Configuration Wizard

Configuration Wizard

When browsing to Mideye Web GUI for the first time the configuration wizard will be presented. Follow the steps to get started with a basic configuration.

The Web GUI can usually be reached at https://<hostname/IP-address>:<port> with the port that was set during the installation process (usually 443 or 8443).

New installation

The following section will show a new installation of Mideye Server 6.

Before proceeding, make sure to have the customer-specific TCP port available. Contact support@mideye.com for further information.

Begin the configuration

Begin the configuration by clicking "Start".

Setup challenge

To protect the web interface from unauthorized access, a challenge from the Mideye Server logs must be fetched before proceeding. This challenge can only be accessed by local administrators and is by default located in:

C:\Program Files (x86)\Mideye Server 6\log\mideyeserver.log

/opt/mideyeserver6/log/mideyeserver.log

Copy the SETUP CHALLENGE from the Mideye Server log:

2022-05-20 09:18:45.201Z INFO  [main] RadiusServerService: loaded
2022-05-20 09:18:45.498Z WARN  [main] SetupService: ************************************
2022-05-20 09:18:45.498Z WARN  [main] SetupService: ******* SETUP CHALLENGE: mmnsMuGFjJ
2022-05-20 09:18:45.498Z WARN  [main] SetupService: ************************************
2022-05-20 09:18:45.498Z INFO  [main] AuthenticationLogCleanupService: OnLoaded: cronExpression: [0 0 * * * *]
2022-05-20 09:18:45.498Z INFO  [main] AuthenticationLogCleanupService: OnLoaded: retentionInDaysForAuthenticationLog: [365]
2022-05-20 09:18:45.498Z INFO  [main] AuthenticationLogCleanupService: OnLoaded: retentionInDaysForAuthenticationLogEntries: [30]
2022-05-20 09:18:45.498Z INFO  [main] AuthenticationLogCleanupService: OnLoaded: clusterLeader: [true]
2022-05-20 09:18:46.920Z INFO  [main] UndertowSSLConfiguration: Setting user cipher suite order to true
2022-05-20 09:18:47.311Z INFO  [main] threads: JBoss Threads version 3.1.0.Final
2022-05-20 09:18:47.455Z INFO  [main] MideyeServerApp: Started MideyeServerApp in 31.623 seconds (JVM running for 32.483)
2022-05-20 09:18:47.471Z INFO  [main] MideyeServerApp:
----------------------------------------------------------
    Application 'MideyeServer' is running! Access URLs:
    Local:      https://localhost:443/
    External:   https://10.240.1.10:443/
    Profile(s):     [prod]
----------------------------------------------------------

Paste it into the Setup Challenge window.

Root password

Create a strong password for the root user.

Switch Connection

Enter the customer-specific TCP port obtained from Mideye Support. Click "Next" and the Web GUI will automatically try to connect to Secondary Mideye Switch based on the TCP port provided. The connection must be established before proceeding with the configuration.

Info

For new customers the Mideye Server will only be able to contact secondary.mideye.com. After a few days, when the connection has been tested and verified, access will automatically be granted to primary.mideye.com.

If the switch connection fails an error message appears on screen:

DNS records are used for accessing the switch (secondary.mideye.com), and if no DNS is available to the Mideye Server the IP address can be added manually using the “Show advanced settings”. Replace the hostnames with the following IP addresses:

  • primary.mideye.com : 217.151.192.84
  • secondary.mideye.com: 79.136.112.54

If no connection can be established, make sure that no firewalls are blocking the TCP-traffic between the Mideye Server and Mideye’s public secondary service. For further troubleshooting, contact support@mideye.com.

LDAP profile

The next step of the initial server configuration will be to add an LDAP profile for looking uo user accounts. This step is optional and by clicking “Skip” this step can be ignored.

  • Give the LDAP profile a friendly name.
  • Choose “LDAP Server Type”.
  • Add the IP or the hostname of the LDAP server. If LDAPS is to be used the address needs to be the hostname.
  • Specify which port to use.
  • The Mideye server needs a service account with read permissions to the LDAP catalog. The account can be specified with DN or with UPN.
  • Check the LDAPS box if TLS protection should be used. Make sure to select the correct port if enabled. Click “Fetch certificate” to import the certificate.
  • Add the search base of the LDAP directory manually or use the "Fetch Searchbase" button. This must be specified in DN-format.
  • As an option, user search can be restricted to certain groups by adding group names (DN format) in the Group(s) field.

Click “Continue” when done.

RADIUS Client

Final step is to add a RADIUS client. This step is optional and can also be done later.

  • Give the RADIUS client a friendly name.
  • Specify an IP or hostname of the client.
  • Add a shared secret for the RADIUS client.

Review and apply configuration

Review the information added during the configuration and click "Finish" to proceed.

Proceed to login

Now that the configuration is done, click "Proceed to login" to go to the Web Admin GUI and login with the credentials of the root user that was created during configuration.

For further configuration of the Mideye Server, see the Reference Guide.

Offline installation

The server can be used completely offline with On-premise TOTP tokens. To install the server without any connection to MideyeSwitch central service. Please contact the support.