I have a server that has some inbound IP restrictions for port 22 etc, is there an IP address I can whitelist for the Otto Console??
I have create an API key manually (as it failed from the setup form) and when trying to use it I am getting an error message
It is set to allow all to 80,443,5003
Just tried again from scratch
I can log into the Otto console, so all good there
Made an API key
Went to the OCC console to add the server.
It can see that it is 20.3.1 with Otto 4.06 installed
Give it a friendly name, and paste in the AdminAPI key from above, click connect and I get the above error
Restarted Otto, same result
Hi John,
The console only needs access over port 80/443.
You might be hitting an issue we are tracking with Admin sessions getting used up.
Could you try restarting the Admin Server?
Let us know what happens.
Thanks
Todd
Hey John,
I don’t think it is the Admin Sessions, since you restarted Otto with the same result. We are going to look in the logs a bit more. We’ll get back to you with some questions if we need to.
Todd
Hey John
It looks like Ottomatic can’t connect to the server. It could be something wrong with the SSL cert or it could be the FileMaker Server License is epxired. Any chance it is one of those.
Thanks
Tocd
SSL is valid till the summer, licence was renewed in about November 2023…
I might however have put an IP restriction on the admin console, but now I’m out of the office and about to head over to your side I can’t check anymore… .will circle back to this when I get back from Austin…
the error we are getting back suggest that we just can’t get to the server. So that could be it.
Todd
OK
I can confirm that if you have an IP restriction on your admin console then Otto can not see the server or connect to it. Turning off the restriction allows Otto console to connect to the admin console and so set up the server
Now it has connected I have turned the restriction back on, and will wait to see what happens when the admin key refreshes, for now it is functioning as expected.
I think that’s because we hit an admin api to ping your server. But once connected we may not need to do that again.
We need to look at this more.
Thanks
Todd
Once the token has died then the Console now shows that Server is not connected.
Because you are pinging that from an address which is not specifically allowed, then that will fail. Understand the issue, and on days when I am in the office (the only IP allowed - their InfoSec requirement) then I can just turn the restriction off easily enough, use Otto stuff of the day then put it back on.
Good to know where the edges are, maybe a line in the docs??
We investigated this further. White listing cuts off Ottomatic, and since Ottomatic runs on Lamda functions and other ethereal run times it doesn’t have a static IP Address that you can add to your white list. So at this time Ottomatic is not compatible with white listing.
We do have plan for addressing this with a couple of features that we will be adding to Ottomatic in the coming months.
We’ll update the docs.
Thanks
Todd
