Setting Up the Mobile Client

Introduction

This section explains the prerequisites and requirements for setting up AdvanceGuard® or ClearWay™ Mobile Clients.

Contents



Prerequisites

Supported Browsers

There are two web browsers that the AdvanceGuard® and ClearWay™ Mobile Clients support:

 

Browser

 

Browser

Google Chrome

Microsoft Edge Chromium (codenamed Anaheim)

Configuration Requirements

Default Access Details

The default port number is 8443.

The default Mobile Server IP Address is the same as the Management Server Address.

How to Change A Mobile Server Port

Whilst the default port is 8443, you can change it by following these steps:

  1. Open the Topology page and navigate to the Integration Services tab and click on the Mobile Server:

     

  2. Click the Edit button:

     

  3. You can then amend the port number as required and then click Save to save the change:

Certificate Replacement Procedure

The self signed certificate for the Mobile Server is located here: %ProgramData%\Navtech\MobileServer and it is called MobileServer.pfx.

You can replace it with your own certificate provided it is stored as a PFX with the appropriate password. Please contact Navtech Radar Customer Support for details on the required password.

Remote Network Access Suggested Examples

Example 1

This is a simplest scenario with a local network where the Mobile Client is on the same network as the Mobile Server. This assumes that all Witness services are installed on the local network:

Example 2

This example has a private network that spans two different sites but is connected via a VPN. In practical terms this is the same as the first option because the VPN is transparent to the Client PC.

It assumes that all Witness services are installed on the Site A network and that both sites have access to the same internal DNS Server or name resolution system, so that the Mobile Server hostname can be used by the Client:

Example 3

The last suggested example has a mobile device remotely accessing the Mobile Server across the internet. In this scenario the Mobile Server has to be exposed to the internet.

The following assumptions have been made:

  • All Witness services, except the Mobile Server, are on the local secure network.

  • The internet connected firewall / router has one or more public static IP address.

  • There is a public domain that can be configured with a DNS A record for one of the public static IP addresses.

  • The firewall can be configured with appropriate security rules and NAT configuration to allow the incoming client requests to be forwarded to the Mobile Server.

  • The default port of 8443 is used, however, externally any port could be used, including 443 as long as this is mapped internally to the port configured on the Mobile Server.

Mobile Server Resilience

For Mobile Server resilience you could deploy more than one Mobile Server as illustrated in this example and then utilise the DNS Round Robin mechanism to ensure the clients load balance and always connect to an available server:

Note that the Mobile Server resilience is based on an Active-Active configuration. A client can use any of the installed servers.

Using the Round Robin DNS approach means the DNS server would provide alternate IP addresses from all of the Mobile Server entries configured for a common domain name.

  1. The first request from a client gives the first IP address which means that the client will connect to the first mobile server.

  2. The next client requests an IP address for the same name but it now gets the second IP address in the list so it will connect to the second mobile server.

This provides load balancing because you share clients between the available servers. More importantly it gives you resilience because if a mobile server goes down and a client tries to connect to it and fails, when it tries again it will be given the address of the next available mobile server in the list which it can then connect to.

Configuration of the site network is outside the scope of the documentation and is not the responsibility of Navtech.

Web Access Requirements

If the web UI client (the user’s PC) is behind a firewall then the mobile client must have access to the Google Maps API to work. You will need to set up your firewall to allow going connections the relevant domains / IP addresses. Please refer to: https://developers.google.com/maps/domains for this list, and you will need to regularly check to ensure that it is up to date (due to Google stating that this list is not definitive). The Mobile Server does not need access to the internet.


Related Information

Safety is everything.