A DropPoint is a Windows Service that is installed on to a Windows server or workstation in order to enable Flowgear to access data sources that are not exposed to the Internet.
The DropPoint creates creates a secured connection between our Cloud environment and a server which then enables integration requests to be routed through it.
DropPoints should be used to integrate on-premise applications and services.
To make use of a DropPoint, select it in the Flowgear Connection for the on-premise application or service.
Installation & Registration
You can download a DropPoint from the DropPoints pane in the Flowgear Console by clicking the '+' icon. Use the 64bit installer unless the Connector that you need to route through the DropPoint specifically advises that you use 32bit.
Once installed, you can launch the DropPoint from the start menu. Sign in with your Flowgear credentials and then select the Site you would like to register the DropPoint to. You will then be able to use the DropPoint on any Connection within that Site.
Your Flowgear credentials are not stored at the DropPoint and the DropPoint does not use these credentials once it has been registered.
Renaming a DropPoint
To rename a DropPoint, launch the DropPoint app from the Start menu, click
Identity and specify a new name, then click
Update. Click the
Register tab and re-register the DropPoint against each Site it is used within.
Upgrading an existing DropPoint
Warning: Before upgrading a DropPoint in production use, ensure the appropriate .NET framework version is installed on the server. Although the DropPoint installer will handle installation of the required .NET framework version, it is recommended that any .NET framework installation is done outside of business hours to ensure there is no disruption should a server restart be required. The current .NET framework version required by the DropPoint is 4.6.1
Don't upgrade a DropPoint while it is busy processing production workloads.
You can upgrade a DropPoint manually by uninstalling the current version and re-installing the latest version from the Console.
You can upgrade a DropPoint remotely by locating it in the DropPoints Pane.
☐button at the bottom of the Pane to add checkboxes to the DropPoints
Select the DropPoint you want to upgrade
↑button to commence upgrade.
Warning: Remote upgrades may fail if connectivity is lost or if the filesystem or user account permissions have changed since the last time the DropPoint was started.
Running Multiple DropPoint Instances on the Same Machine
It is possible to run multiple DropPoint instances on a single machine. The steps for configuring this are shown at 13:21 in our video on the DropPoint Security help article page.
DropPoints create an outbound HTTPS connection (using TLS 1.2) in to our Cloud environment. Once the connection has been established, it is upgraded to WebSockets over HTTPS and will also be able to connect through most proxy servers.
Because this session is identical to browsing a secure website, there is seldom any need to modify firewall rules.
All data sent across the DropPoint transport is compressed (10:1 compression ratios are typically achieved) and an application-layer package validation transparently handles re-transmits of unacknowledged packets. This also means that data is re-transmitted following a disruption in connectivity, provided the DropPoint Timeout and Timeout on the relevant Connection is high enough.
DropPoints are initially registered to one or more Flowgear Sites via a user account. Note that the user account is for an initial validation only and the DropPoint does not hold on to the credentials of the user.
We strongly recommend that the DropPoint is configured to use a client-side certificate. Once this is in place, it is not possible for an actor to impersonate a DropPoint unless they are in possession of the client side certificate. For more information about client-side certificates, see DropPoint Security.
Supported Operating Systems:
Windows Server 2008 (not recommended)
Windows Server 2012 or later
Windows 8 or later
Cloned Virtual Machines
The DropPoint identity is retained in a file on the machine it's installed on. When a virtual machine is cloned, the DropPoint on both the original and the clone will identify as the same DropPoint which will cause transactions to route unpredictably. To prevent this problem, follow these steps:
Stop and disable the DropPoint service on the original machine
After cloning the machine, re-enable and start the DropPoint service on the original machine
On the cloned machine, delete the config.xml file in %ProgramData%\Flowgear\FlowgearDropPoint or %ProgramData%Flowgear\FlowgearDropPoint (x86)
Re-enable the DropPoint service
Launch the Flowgear DropPoint and register a new DropPoint (a new config.xml file will be generated)
A 32bit version of the DropPoint is available to support integration with applications that run in a 32bit environment (eg. SYSPRO). In all other scenarios, the 64bit version should be used.
When to use a DropPoint
The data source (such as an SQL database) is not exposed through the company firewall to the Internet
The Node being used requires a DropPoint
The API for the service or product being integrated is not a web API (eg. COM)
The required data source is exposed to the Internet but not in a secured manner (eg. exposed as HTTP and not HTTPS).
When registering a DropPoint, you may receive the error
You do not have permission to register this DropPoint. This error occurs if the DropPoint is already registered into a different Flowgear Site and the user who is attempting to register the DropPoint does not have administrative permissions on to the other Site.
To resolve this, ensure that the user account you are using to register the DropPoint has administrative permissions on all other Sites in to which the DropPoint is already registered.
The first step in troubleshooting connectivity is to make sure you have the latest DropPoint version. This can be downloaded from the DropPoints page in the Flowgear console.
Flowgear DropPoints require access to Flowgear's REST API at https://api.flowgear.net.
Depending on where the DropPoint and Site are registered, other API endpoints may be accessed. To determine the endpoint needed for your Site, sign in to Flowgear and click on your Site name in the left-hand panel, then Edit this Site. Under the Pod label, look at the Pod number shown. For example, if you see Europe (Pod 3), then the DropPoint needs to be able to connect to https://api.flowgear.net and https://api3.flowgear.net.
If the DropPoint is unable to connect to Flowgear, first check whether you are able to access one of these URL's in a browser from the same machine.
The DropPoint application/service uses port 443 to communicate to Flowgear. Please ensure that this port is open to the DropPoint.
DropPoint Activity Logs
If the DropPoint is the latest version and you are able to access the REST API, the next step is to review review the DropPoint log file (located in %ProgramFiles%\Flowgear\Flowgear DropPoint or %ProgramFiles(x86)%\Flowgear\Flowgear DropPoint) to determine whether there is a connectivity issue. The file is named activityLog.txt.
Named User Accounts
If you are able to access the endpoint in a browser but the DropPoint is not able to, try running the DropPoint under a named user account. If this resolves the problem, consider whether a firewall could be blocking access based on user account.
A simple way to determine your user account name is by opening Powershell and typing in the command "whoami".
User Accounts Permissions
Named user accounts running DropPoint services must be granted Read/Write permissions for the %ProgramFiles%\Flowgear folder or in the case of 32-bit DropPoints, the (x86) equivalent.
Additionally, the user account must have read permissions on the private key used by the DropPoint. The private key read permissions can be set as follows:
Open up the run prompt <Windows + R> and enter certlm.msc
Identify the certificate ID you are using in the DropPoint application.
Follow the images below to grant read permissions:
Note: Both of the aforementioned permissions must be granted from an administrator account.
Unable to register site: You do not have permission to register this DropPoint
This error means that the DropPoint is registered on a site where the user who is trying to register the DropPoint does not have administrator access.
If you have worked through the above Troubleshooting sections and are still unable to get the DropPoint running, please reach out to our Support team, who will assist further.
As of V4, Flowgear DropPoints use WebSockets for communication and is secured over HTTPS. Additionally, all data is compressed and application-level transaction chunking and acknowledgement is applied enabling recovery of data when Internet connectivity has been disrupted.