3.1.1. Overview
After deploying the ON Core (mandatory) and all its components (optional), we have to connect to the OpenNAC Administration Portal -a web interface that allows us to operate and administrate OpenNAC Enterprise technologies.
We have to use the IP just configured during deployment and our favorite browser as an agent.
Open your favorite browser and type https://<ON_Principal_ip_management>/admin. It is important to use /admin to reach the right logon page.
Important
If you are starting from a fresh installation and the SSL certificates have not been configured, OpenNAC Enterprise defaults to using self-signed certificates. This means that on the first access to the Web Portal Administration, you will have to trust the website from your browser as it will be shown as “Not Secure”. To configure your SSL certificates, see Certificates.
The default credentials created when the product is being installed are:
Username: admin
Password: opennac
Note
You should change the password as soon as you are done with the initial configuration. See Password Management.
You will need your credentials to login to the Administration Portal. In the Portal field, choose Default to access the Default Administration Portal version. The second option called NextGen, will redirect you to the NextGen Administration Portal version that is currently only available for the VPN use case.
The login is protected with the Captcha security control. This feature is placed to make sure that login attempts are made by humans, therefore reducing the risk of DoS/DDoS, or bruteforce attacks. The Login page will require Captcha if you fail to introduce your credentials correctly:
In case you forgot your password, click on the Forgot Password? option:”
Once connected to the Administration Portal, you will find the main navigation menu on the left side, featuring various sections and subsections that offer different capabilities.
The interface is fast and intuitive for the user. It features sections as tabs to improve user experience and efficient administration.
3.1.1.1. Administration Portal Settings
You can locate the Administration Portal settings at the upper-right corner:
The user status shows the following options:
Admin: Displays the user currently logged.
Settings: Allows to change the Administration Portal settings.
Table Settings: Here you can customize the settings of the tables of the openNAC Administration portal. For example, the “Default page length” allows you to define the number of rows per page.
Change password: Allows you to change your password only if you are a localdb user. If you are logged in from an LDAP you will not be able to change your password here.
User Setting: The platform will be displayed in Spanish or English depending on the language of your browser, but you can define the default language for the Administration Portal display independently from the web browser language in this field.
User notes: Here you can create, edit and delete user notes specifying their level (low, normal, or high) and privacy status.
Theme: Allows you to customize the interface theme. You can previsualize the customized settings, change the upper left logo, the login logo, the “About” logo, among other theme configurations (upper bar color, font color, etc.)
Go to NextGen Portal: By clicking on it, you will be redirected to the NextGen Portal version.
For a detailed view of this portal, see the NextGen overview section.
Logout: Allows you to log out of the current user session.
The Web Administration Portal allows reviewing all the changes that have been made during the current user session.
Is possible to review this activity and also the activity for all the users. To view it, go to Status > File Log Viewer > Audit
The product’s current version is shown as soon as the OpenNAC Enterprise is deployed, updated, and also after troubleshooting or bug findings. The current version is also featured at the bottom left side of the interface.
Clicking on About will open a window that shows the current version and the service license information.
To improve screen space and visibility, the web administration interface can be contracted and expanded by clicking on the squared button located on the upper-left corner. This feature affects only the main menu.
This feature is also available for business profiles at ON NAC -> Business Profiles. With the show/hide button, you can show or hide the Business Profiles to have a wider screen.
If we right-click on an OpenNAC Enterprise tab, we will see three options:
Close: Close the selected tab.
Close Others: Close all tabs except the selected tab.
Close all: Close all tabs.
3.1.1.2. Healthcheck
ON Core includes an internal service monitoring feature called Healthcheck which provides real-time status updates on OpenNAC Services, as shown in the picture below.
The Healthcheck dropdown displays the component along with its IP address, facilitating the retrieval of information for SSH access when needed.
These monitoring checks are customizable, allowing users to disable or enable them, and make internal modifications such as adjusting check intervals, specifying the process to be monitored, setting thresholds, and more.
There are a few default services under this monitoring feature (ON Core related). You can see the details by clicking on See full status of onNAC infrastructure:
Consult the complete list of the Healthchecks performed by the system in the Platform Administration section.
From the /usr/share/opennac/healthcheck/healthcheck.ini path you can change monitoring parameters and its options on every server. Monitoring checks are based on API queries. ON Core includes an API RESTfull that allows monitoring the main components from outside of the product OpenNAC API.
By clicking on the + icon, you can expand the information and see more details about each service.
Note
If you are opening a support case, please attach the expanded information from the healthcheck, as it provides the most detailed explanation of the alert.
