proxmox/docs/04-configuration/OMADA_CONNECTION_STATUS.md

Omada Controller Connection Status

Last Updated: 2025-01-20
Status: ✅ Connected & Authenticated

---

Connection Summary

✅ Controller Accessible: https://192.168.11.8:8043
✅ Authentication: Successful with admin credentials
✅ Credentials Configured: Admin username/password in ~/.env

---

Current Configuration

Controller Details

• URL: https://192.168.11.8:8043
• Site ID: 090862bebcb1997bb263eea9364957fe
• Admin Username: tp-link_admin
• Admin Password: L@ker$2010 (configured in ~/.env)
• SSL Verification: Disabled (self-signed certificate)

Environment Variables (~/.env)

OMADA_CONTROLLER_URL=https://192.168.11.8:8043
OMADA_ADMIN_USERNAME=tp-link_admin
OMADA_ADMIN_PASSWORD=L@ker$2010
OMADA_SITE_ID=090862bebcb1997bb263eea9364957fe
OMADA_VERIFY_SSL=false

---

Authentication Status

✅ Login Endpoint: /api/v2/login
✅ Token Generation: Working
✅ Authentication Method: Admin username/password

Test Result:

{
  "errorCode": 0,
  "msg": "Log in successfully.",
  "result": {
    "omadacId": "090862bebcb1997bb263eea9364957fe",
    "token": "<token>"
  }
}

---

API Access Methods

Option 1: Web Interface (Recommended)

URL: https://192.168.11.8:8043

Steps:

1. Open browser and navigate to the URL above
2. Accept the SSL certificate warning (self-signed certificate)
3. Login with:
   • Username: tp-link_admin
   • Password: L@ker$2010

From the web interface, you can:

• View all devices (routers, switches, access points)
• Check device adoption status
• View and configure VLANs
• Manage network settings
• Export configurations
• Monitor device status and statistics

Option 2: API Access (Limited)

Status: Authentication works, but API endpoints return redirects

Working:

• ✅ /api/v2/login - Authentication endpoint
• ✅ Token generation

Redirects/Issues:

• ⚠️ /api/v2/sites - Returns 302 redirect
• ⚠️ /api/v2/sites/{siteId}/devices - Returns 302 redirect
• ⚠️ /api/v2/sites/{siteId}/vlans - Returns 302 redirect

Possible Causes:

1. API endpoints may require different URL structure
2. Token authentication may need different format/headers
3. Some endpoints may only be accessible via web interface
4. API version differences

Note: The redirect location includes the site ID: /090862bebcb1997bb263eea9364957fe/login, suggesting the API might use the site ID in the URL path.

---

Next Steps

Immediate Actions

1. Access Web Interface

   • Open https://192.168.11.8:8043 in browser
   • Login with credentials above
   • Document actual device inventory (routers, switches)
   • Document current VLAN configuration
   • Document device adoption status

2. Verify Hardware Inventory

   • Check if ER605-A and ER605-B are adopted
   • Check if ES216G switches (1, 2, 3) are adopted
   • Document device names, IPs, and firmware versions

3. Document Current Configuration

   • Export router configuration
   • Export switch configurations
   • Document VLAN setup (if any)
   • Document network settings

API Integration (Future)

1. Investigate API Structure

   • Check Omada Controller API documentation
   • Test different endpoint URL formats
   • Verify token usage in API requests
   • Consider using web interface for device queries until API structure is resolved

2. Update API Library

   • If API structure differs, update omada-api library
   • Fix endpoint URLs if needed
   • Update authentication/token handling if required

---

Test Scripts

Direct Connection Test

cd /home/intlc/projects/proxmox
node test-omada-direct.js

Status: ✅ Authentication successful
Output: Token generated, but API endpoints return redirects

Manual API Test (curl)

# Test login
curl -k -X POST https://192.168.11.8:8043/api/v2/login \
  -H "Content-Type: application/json" \
  -d '{"username":"tp-link_admin","password":"L@ker$2010"}'

Expected Response:

{
  "errorCode": 0,
  "msg": "Log in successfully.",
  "result": {
    "omadacId": "090862bebcb1997bb263eea9364957fe",
    "token": "<token>"
  }
}

---

Security Notes

1. Credentials: Admin credentials are stored in ~/.env (local file, not in git)
2. SSL Certificate: Self-signed certificate in use (verification disabled)
3. Network Access: Controller accessible on local network (192.168.11.8)
4. Recommendation: For production, consider:
   • Using valid SSL certificates
   • Enabling SSL verification
   • Implementing OAuth/API keys instead of admin credentials
   • Restricting network access to controller

---

Related Documentation

• OMADA_HARDWARE_CONFIGURATION_REVIEW.md - Comprehensive hardware and configuration review
• OMADA_CONNECTION_GUIDE.md - Connection troubleshooting guide
• OMADA_API_SETUP.md - API integration setup guide
• ER605_ROUTER_CONFIGURATION.md - Router configuration guide

---

Document Status: Active
Connection Status: ✅ Connected
Authentication Status: ✅ Authenticated
API Access: ⚠️ Limited (redirects on endpoints)
Last Updated: 2025-01-20