The Web interface is based on Cockpit project
¶ How to access
Web interface can be reached using gateway hostname or from a local fixed IP address.
¶ Hostname URL
Wirnet™ gateways hostnames are deduced from their board ID, with XXXXXX replaced by the six hexadecimal digits from the serial number (Board_ID or EUI):
| Gateway model | URL template |
|---|---|
| Wirnet™ iFemtoCell | https://klk-wifc-XXXXXX.local |
| Wirnet™ iStation | https://klk-wiis-XXXXXX.local |
| Wirnet™ iFemtoCell-evolution | https://klk-fevo-XXXXXX.local |
| Wirnet™ iZeptoCell Ethernet | https://klk-zeth-XXXXXX.local |
| Wirnet™ iZeptoCell Cellular | https://klk-zcel-XXXXXX.local |
Example:
- A Wirnet™ iFemtoCell has a board ID of 704BEc1234AB (and 7276FF00391234AB as EUI64)
- Its hostname URL is https://klk-wifc-1234AB.local
The Wirnet™ iZeptoCell Cellular web interface is only available using a direct connection by USB. You may need to have a look to this section (USB tab)
¶ Local fixed IP address
When using local (direct) connection to the gateway (in USB or WiFi AP), you may access the local interface with https://192.168.120.1.
¶ HTTPs
HTTPS ensures that all communications between your web browser and the local web interface are completely encrypted.
The SSL certificate which is configured in the gateway is a self-signed SSL certificate.
A security warning may be displayed by your web-browser. It is actually letting you know that the SSL certificate is self-signed.
In the case of accessing your own gateway this is perfectly fine: you can simply tell your web-browser to accept the self-signed SSL certificate and continue.
More details about the security exception
¶ Login
¶ First connection
You must use the admin user and set your password.
By default the password of the
adminuser is empty.
More details about the first connection flow
You will be prompted to change your password, but first you need to confirm your current password (empty).
You will then be prompted to set and confirm a (new) password.
By default, the gateway will check the strength of the password using pam_pwquality rules.
These checks are:
- Dictionnary checks: check if the password is part of a dictionary
- Palindrome: Is the new password a palindrome?
- Case Change Only: Is the new password the old one with only a change of case?
- Similar: Is the new password too much like the old one?
- Simple: Is the new password too short?
- Rotated: Is the new password a rotated version of the old password?
- Same consecutive characters: Optional check for same consecutive characters.
- Contains user name: Optional check whether the password contains the user name in some form.
These checks are configurable by modifying the
/etc/security/pwquality.confconfiguration file. See pam_pwquality documentation.
For security reasons, it is strongly recommended to choose a strong password.
You may also deactivate password-based authentication after setting up an public key authentication. See ssh
¶ Next connections
You may login with any existing local account (excepting root). Each account will already be associated to a specific password.
¶ Service deactivation
If no password have been set during the first hour after the gateway was powered up, the Web interface is deactivated. The following message is displayed :
This service has been deactivated for security reason.
Please reboot the gateway, and restart the enrollment process.
In this case, the only way to retrieve the Web interface is to reboot the gateway
¶ Features
- Account management: Create/modify/delete local user accounts, manage authorized SSH Keys, etc.
- Services management: Inspect/start/stop all (systemd) services.
- Logs: Access to journald logs with easy filtering.
- Diagnostic report: Generate report tarball for later analysis.
- Terminal: Shell terminal for basic operations.
¶
You are now ready to explore the full potential of our Wirnet™ gateways ! Eventually refer to our use cases section to quickly reach a demo level.