Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Network Requirements

            Modified on Tue, 12 Nov at 12:31 PM

            Network Requirements

            Access to the license server

            The server must be able to access the URL https://licensing.svc.frontlineworker.com/app, which resolves to IP 13.69.62.84. You may need to whitelist this IP in your corporate firewall. A timeout would indicate that the connection is blocked.

            Note: Without a connection to the license server, you will not be able to use the server.

            If you are testing this using a browser on the server, please ensure that either no proxy is required or that our application server is configured to use an appropriate proxy. Available options regarding proxy configuration when invoking the Java VM can be found here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html

            The application server must be reachable (from the Frontline Clients and other machines that will be accessing the web interface) by a fully qualified host name (which could also be an IP address that does not change).

            SSL

            Note: SSL is mandatory for Frontline

            The use of SSL encrypted web traffic (HTTPS) is a requirement for Frontline.

            For cloud installations, the required trust is established through the use of certificates issued by a trusted root CA.

            For an on-premises installation, this trust must be established by the local infrastructure, e.g. the local server requires a certificate that is trusted by all local users. The local IT needs to issue a certificate for the server that can be used by the Frontline Command Center. We need a standard X509 certificate as used in other web services. There are two common scenarios for obtaining this:

            • Customer supplied keystore: In this scenario, the customer provides a private key and certificate for the server in the form of a password-protected PKCS12 (PFX) keystore. The password (for the keystore and private key) is either given to TeamViewer during setup or configured by the local IT department in the configured server.
            • Customer signed certificate: In this scenario, TeamViewer will provide a standard X509 Certificate Signing Request (CSR) using the provided hostname for the server. The local IT will sign this request and provide TeamViewer with the resulting certificate in either DER or PEM format. TeamViewer will then configure the server to use this certificate.

            In both cases, it is the customer's responsibility to configure the user machines to trust the resulting certificate in the browser.

            Our software requires the following communication ports. Alternative ports can be configured if required:

            PurposeDirectionProtocolPortRequired

            HTTPS/WWS

            Inbound

            TCP + Websocket

            443 (can be configured)

            Yes

            Wi-Fi connectivity

            Note: DHCP required. Android does not officially support static IP addresses. Please obtain IP addresses via DHCP.

            Supported Wi-Fi features

            TopicChoiceRemarks

            Network Type

            • 2.4GHz
            • 5Ghz

            Security

            • Open
            • WEP
            • WPA/WPA 2
            • WPA-EAP
            • IEEE802.1X

            Networks that rely on a portal page to get access (e.g. entering credentials on a web form) are not supported. 

            EAP/IEEE802.1X Security

            EAP Method 

            • PEAP
            • Password
            • TLS
            • TTLS

            EAP Phase Method 2

            • GTC
            • MSCHAP
            • MSCHAPV2
            • PAP

            Certificate Requirements 

            • Client Certificate 
            • Server Certificate 
            • <= 2048 Bit
            • <= 3072 Bit 
            • <= 4096 Bit 
            • >4096 Bit 

            Some devices do not support client certificates above 3072 Bit strength.

            Identity Settings 

            • User Identity
            • User Password
            • Anonymous Identity

            FaaS

            Frontline Command Center (FCC) uses the concept of Function-as-a-Service (FaaS) to support functionalities used in various parts of the product. This reduces the individual server maintenance efforts and centralizes processing components. These components do not store any data.

            For Frontline cloud services, we use OpenFaaS, which is a serverless framework that can be delivered within Kubernetes Cluster. There are currently three components in use, Proglove, PDFMake, and Imagemagick.

            Proglove is an image generator used to create QR pairing codes and bar codes. These codes can then be used, to connect ProGlove devices to the Frontline Workplace.

            PDFMake is a JavaScript library used to generate PDF files. An application of this is when creating a Service Report in Assist.

            ImageMagick is a software suite used for image manipulation. It is mainly used to scale images from one size to another.

            Note: By default, the URL https://functions.svc.frontlineworker.com/function/ should be accessible for the use of these features.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0