Preinstall checklist
Hardware Requirements¶
- Mideye server RAM requirements:
– Linux: 4 GB – Windows: 8 GB - 10 GB free disk space
- Physical or virtual server platform
Network Requirements¶
The following ports are used for communication with the Mideye Server and needs to be open for traffic in the network. If sharing platform with other applications, verify that the following ports are not in use:
Standard ports for reaching Mideye Server Web GUI
- TCP/443 or TCP/8443 - Mideye Server Web GUI port is configurable during installation
Standard RADIUS ports between client and Mideye Server
- UDP/1812 (two-way) - standard RADIUS authentication
- UDP/1813 (two-way) - if using RADIUS accounting
- UDP/3799 (two-way) - for clients that support RADIUS Disconnect Message
Standard ports between Mideye Server and database
- TCP/3306 - if using MySQL on remote server.
- TCP/1433 - if using SQL server from Microsoft on remote server.
Ports between Mideye Server and user repository
- TCP/636 - if binding to LDAP with TLS (LDAPS)
- TCP/389 - if binding to LDAP (not recommended)
Mideye Server to central Mideye Switch communication
- Open for outgoing traffic on assigned customer specific port
Mideye Server needs to reach DNS server if:
- using LDAPS
- using FQDN in the Switch Configuration
- using Assisted Login with RADIUS disconnect message
Software Requirements¶
Operating System¶
A user account with administrator rights is required to install the software, restart services and reboot the operating system.
Supported Windows Operating Systems¶
Windows Server 2012 R2 (64bit) (EOL - October 10, 2023)- Windows Server 2016 (64bit)
- Windows Server 2019 (64bit)
- Windows Server 2022 (64bit)
Supported Linux Operating Systems¶
- Ubuntu 16.04-LTS
- Ubuntu 18.04-LTS
- Ubuntu 20.04-LTS
- Ubuntu 24.04-LTS
RHEL/CentOS 7 (EOL - June 30, 2024)- RHEL/Rocky/Alma 8
- RHEL/Rocky/Alma 9
Other supported systems¶
- Docker
- Podman
Database¶
The database is not included in the installation package and needs to be created before proceeding with the installation.
Database Encryption¶
When the Mideye Server 6 connects to a clean database it will populate it. When RADIUS Shared Sercrets are added the Mideye Server will encrypt them in the database. Make sure to have the keystore and the keystore key backed up in case they need to be retrieved at some point. Read more about this in the Database section of the Reference Manual.
Database Clusters¶
Several Mideye Servers can be connected to a database cluster and share the database. This brings up two concerns:
- One of the servers must be made Cluster Leader.
- The RADIUS Shared Secrets stored in the database are encrypted. Because of this the keystore and the keystore key needs to be replicated to all Mideye Servers.
Read more about this in the Shared Database section of the Reference Manual.
Supported Databases¶
- Microsoft SQL Server 2014
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Mariadb 5.5.63+ or 10.0+
- MySQL 5.5.3 or greater
*The express version is also supported and most common in multiple single server setups.
Checklist¶
Database¶
Note the following:
- Host name / IP address.
- Database type (Microsoft SQL or MySQL).
- SQL account name and password.
- Database name (default: mideye).
- Instance name (if applicable).
Note
Installing and upgrading Mideye Server requires a database account with rights to ALTER, CREATE and DELETE tables in the Mideye database.
The database can be installed locally or be hosted remotely on another server. If two or more Mideye Server 6 is connected to the same database one of them needs to be set as Cluster Leader.
LDAP Server (if applicable)¶
Note the following:
- LDAP service account with read-rights for Mideye Server user search.
RADIUS clients¶
Integration manuals for the RADIUS client (e.g. VPN-concentrator, Citrix portal etc) can be found under the Intergraions menu.
Note the following:
- IP Address
- RADIUS port
- RADIUS shared secret
- If PAP or MS-CHAPv2 is used. Note: For MS-CHAPv2, a Microsoft Network Policy Server (NPS) is required.
Firewall¶
- Ensure the firewall is open for two-way communication between RADIUS client and Mideye Server on the selected RADIUS port (default: udp/1812). If installing on Windows the installation package will automatically add firewall rules for RADIUS and the TCP-port that is being used by the web-interface. Note that these firewall rules by default will only allow traffic on the Ethernet port if its “Network profile” is set to “Private”. These firewall openings must be added manually when installing on Linux-based operating systems.
- Note the public IP used by the Mideye Server when communicating with the Mideye Switch on a customer-specific TCP port assigned by Mideye.
- Request a firewall opening and customer specific TCP port from support@mideye.com.
-
Verify that the firewall is open for outgoing TCP traffic from the Mideye Server to 217.151.192.84 and 79.136.112.54 on the customer-specific port.
Note
Be advised, that during a new installation, the Mideye Server will only be able to contact secondary.mideye.com. The firewall opening to primary.mideye.com will take place after traffic has been sent from the customers Mideye Server to secondary.mideye.com. This will take a few days to complete. During this time, the installation can be completed and traffic will be handled by secondary.mideye.com.
-
For simplified Mideye+ activation, the Mideye Server also needs access to the following URLs: https://activate01.mideye.com:443 https://activate02.mideye.com:443 https://activate01.mideye.com/health
Proxy server (if applicable)¶
Note the following:
- Proxy server IP address
- Port number
- SOCKS version
Installation package¶
Request login credentials to https://downloads.mideye.com from support@mideye.com. Include your mobile number in the request, since login is protected with two-factor authentication.