====== Administration page ======

The Administration page is controlling many administrative functions of the Internet Gate.

===== Backup/Restore Settings =====
By saving the settings to a [[settings_and_administration:backup_files|backup file]] on your computer you will have a good backup. Should you loose your settings you can later restore from that file.

:!: Do a backup of your settings **now**. Yes now. You never know when you need them later.

**Backup to file** - Save unit's settings to a [[settings_and_administration:backup_files|backup file]] on your PC.

**Restore from file** - Get settings from a [[settings_and_administration:backup_files|backup file]], previously stored with "Backup to file".

<if ver gt 5.31 or !is_box>
**Password** - Enter any password to encrypt entire backup file, to be able to load it into other units. See [[Administration Page#Encryption]] below.
</if>

{{ :web_gui:administration_page.png?255|Administration page in rel 5.30}}

<if ver lt 5.32>
:!: You **must** perform a **reset to factory defaults** before restoring backup from file, and **save permanently** and **reboot** afterwards! Correct sequence for a restore:
  - Open Administration page from [[main menu]]
  - Click Factory Reset at bottom of page
  - After unit has rebooted reopen Administration page again
  - Select file to restore settings from and click Go
  - After file has been loaded click Save permanently at top of page
  - After save permanently has finished (no more rotating bars in unit's front panel display) turn power off and then on again
</if>

==== Encryption ====
Starting from firmware release 5.32 passwords in the backup file are encrypted for safety reasons.

<if ver lt 5.32>
| :!: Your Internet Gate uses older firmware, without encryption. This description is thus not applicable to it |
</if>

The encryption key is unique for each unit. Therefore you must consider where you want to use your settings:
  * A backup file saved **without password** can only be restored back to the same unit. Loading such a backup file into some other unit will load all configuration except the passwords.
  * A backup file saved **with password** can be restored back to any unit, provided you enter the same password when restoring it.
Thus you need to enter a password to create backup files loadable into other units. Backup files created with password are entirely encrypted and are not human readable.

You cannot read back a backup file created with firmware release 5.32 or higher into a unit with firmware release 5.31 or lower or vice versa.
=====  =====
Read more about backup files [[settings_and_administration:backup_files|here]].

===== Debug =====
If an error occurs [[settings and administration:debug file|debug information]] is collected automatically in the Internet Gate.

Using the Administrator page you can save collected debug information to PC file or report it to support.

**Description** - Type a short text here about the error you have encountered, what you tried to do and what happened instead.

If no debug information has been collected a **Collect debug info now** button is shown. If debug information //has// ben collected a **Save to file** button is shown instead.

:!: You **must wait 20 seconds** after clicking "Save to file" button before the "Save to file" window opens. Exporting the debug information is a slow process. **Do not do anything** during that time. Only after you have saved the file to your PC may you refresh the page and continue working.

==== Report errors ====
You can send debug files to product support either manually or automatically. Reporting your problems might help correcting functionality of future firmware releases.

=== Manually ===
Save to file, then e-mail that debug-file, with an error description, to technical support of the Internet Gate. Consult the documentation delivered with your unit for e-mail address to send error reports to.

=== Semi-automatically ===
If you have specified an SMTP server on the [[e-mail page]] you can report errors to the manufacturer of it directly. Fill in the description field about the error you have encountered, and click **Send Report**. Your Internet Gate will e-mail the error report by itself.

:!: You **must wait 30 seconds** after clicking "Send Report" button. Error reporting is a slow process. **Do not do anything** during that time.

:!: As reporting is anonymous you can not get any answer back from the manufacturer.

=== Fully automatically ===
If you have specified an SMTP server on the [[e-mail page]] you can configure Internet Gate to send error reports to the manufacturer of it fully automatically. As soon as debug info has been collected it is sent to the manufacturer.

Enable checkboxes:

**Debug files** - if any debug information has been collected manually (using button on Administration page or unit's front panel) it is automatically e-mailed to the manufacturer.

** Exception files** - if any debug information has been collected automatically (certain malfunctions are detected by the unit itself resulting in automatic reboot) it is e-mailed to the manufacturer.

===== Passwords and User Access Rights =====
To be allowed to access the [[web GUI:start|configuration webpages]] you must log in using a password.

When delivered from factory Internet Gate has one user definied: **admin**, with password **admin**.
^ :!: SECURITY RISK! ^
| You are **strongly recommended** to change user admin's password to a password known only by you immediately after unpacking the unit! |

The admin user can add additional users, with any name desired, and any passwords. Other users can only change their own password (rest of the fields are not visible for them).

==== Allow/Deny pages ====
The admin user can determine what [[web GUI:main menu|configuration webpages]] other users are allowed to access. You can enter either what pages they are //not// allowed to access, or specify exactly what pages they are allowed to access. Access means both view and edit settings.

Multiple pages can be specified, comma-separated. The page names are as in the page URL, without the .html ending.\\ 
For example **"if,adsl,admin"** prohibits the user from visiting the configuration pages if.html ([[Network page]]), adsl.html ([[ADSL page]]), and admin.html (the [[Administration page]]). She is allowed to see all other webpages but those. The prohibited pages are removed from the [[main menu]] and the dropdown menu bar too.

Some pages have special **subpages**, parts of the page that can be allowed access to separately.\\
Specifying "if:wan" the user is allowed to see the whole [[web GUI:Network page|Network config page]], but is only able to edit the LAN interfaces.\\
"profile:Hi", "profile:Lo" and "profile:AC" prohibits the user to edit those security profiles, but is allowed to edit others.\\
"netstat:ava" hides the advanced Network Status page (but user can still view the normal Network Status page).

If you want the user to only see just a few configuration webpages then it is too difficult to enter prohibited pages. Then you can start the list with **"allow:"** and instead specify the list of configuration pages the user is //allowed// to access.\\
For example "allow:frontpage,if,adsl,admin" allows the user to access only those configuration pages, but no other. (Remember to include frontpage to allow users access to the main menu page!)

Some special webpages control certain activities. You can allow/deny those webpages to allow/deny user to perform such tasks:
  * webpage "saveperm" allows user to save permanently
  * webpage "logoff" allows user to log off (return to login page and enter new username)
So for example you must explicitly specify "allow:frontpage,if,adsl,//saveperm//" to allow user to save permanently her changes.

The admin user is always allowed to access all configuration webpages.

===== Language =====
Select the language used on the configuration webpages. You can currently select between:
  * English
  * Svenska (Swedish)
  * Deutsch (German)

Select the language of your preference and click "Change".

===== Time =====
The Internet Gate uses SNTP to obtain current date and exact time from [[wp>SNTP]] servers.

SNTP servers however deliver time in [[wp>Greenwich Mean Time]]. If you live in another [[wp>time zone]] you need to select the correct **time zone** from the dropdown list.

If you specify an **SNTP server** time will be fetched from that server. If you leave the field empty time will be fetched from a random SNTP server from [[http://www.pool.ntp.org/en/|pool.ntp.org]].

===== Front Panel Buttons =====
You can disable certain functions of the unit's front panel buttons to limit what users can do.

==== ALT button ====
The ALT button is used to change between [[firewall:security profiles]], and open up the unit for [[remote config]]. You can disable those actions here.

Disabling **Outside access** disables [[remote config]].

Disabling a **Security profile** skips that profile when sequencing through profiles using the ALT button. (Profile is however still selectable through web GUI.) E.g. disabling "AC" and "blo" makes ALT button presses only cycle between "Hi" and "Lo".

All four profiles disabled disables the possibility to change security profile using the ALT button altogether.

==== SEL button ====
Holding SEL button pressed for 10 seconds enables/disables the unit's [[:wireless:start|Wireless Access Point]].
You can disable that action here.

==== SET button ====
<if ver lt 5.32>
//(Not available in releases prior 5.32)//
</if>
Holding SET button pressed for 5 seconds enters [[settings_and_administration:front_panel_configuration|setup mode]], there user can view and edit the unit's configuration.

By default both view and edit are enabled, allowed. Disabling edit stops user from selecting CFG, DHP and RST in the 
[[settings_and_administration:front_panel_configuration|setup mode]]. Disabling view stops user from selecting AD. Disabling both edit and view stops user from entering [[settings_and_administration:front_panel_configuration|setup mode]] at all.

===== SNMP =====
Certain configuration parameters can be monitored and/or edited using an [[:settings and administration:SNMP]] server.

  * **Read-only access** - parameters can only be read but not edited.
  * **Read-write access** - parameters can both be read and edited.
  * **Community** - the SNMP community of the connection. Community must be set to same password on both SNMP server and this unit.
  * **IP address** - if specified only SNMP requests from that address are accepted. If left empty all SNMP requests, regardless of what SNMP server they originate from, are accepted and answered.

:!: In order to use SNMP you also must open up the firewall to allow reception of SNMP requests. Go to the currently active [[security profile]] page and enable either "Remote configuration (SNMP)" for remote WAN access, or "Administration (SNMP)" for local LAN access.

Read more about SNMP [[:settings and administration:SNMP|here]] and on [[wp>SNMP|Wikipedia]].

===== WAN Access Setup (Operator Selection) =====
**Setup for operator/service:** Preconfigured settings, "profiles", suitable for listed operators. 
Select name as instructed by your Internet (or other service) provider and click "Apply" to reconfigure your unit.\\
:!: Your settings will be lost (unless checking the **Keep other settings** checkbox, see below).

**Firewall/SIParator** Select the operating mode that the unit shall use, see also [[:network:operational modes|operational mode]].

**Last selected: ** This reports the "profile" that was last selected.\\
:!: A [[#Factory Reset|factory reset]] action by the button on this page will return to this profile (after cleaning settings done by the user manually). However, see the explanation of the [[#Factory Reset|Also reset operator selection]] checkbox.\\
:!: This is not a statement that //all// settings currently reflect the ones typical to the profile, some may have been changed by the user manually (or by a remote configuration system) after the selection once was made.

**Keep other settings**
  * Unchecked: A necessary factory reset is executed before the selected profile settings are written. This typically leads to a two stage procedure, the unit restarts twice.
  * Checked: All current settings are kept, the WAN access settings are merely imposed upon the present configuration. In some cases this may lead to conflicts.
:!: Avoid checking this box if you are not an advanced user. 

===== Scheduler =====
Using the [[scheduler]] you can automatically alter the configuration of your Internet Gate depending on the time of day.

===== New bootloader =====
If you see a message about there is a new bootloader then the firmware you have currently installed contain a newer bootloader image than the bootloader installed in your unit. By clicking Install you replace the old bootloader in your unit with the new one in the firmware.

:!: Extremely dangerous. Do not turn power off while the new bootloader is being installed (rotating bars in display) as then your unit will become damaged beyond repair!

===== Reboot =====

Click the "Reboot" button to restart the unit. Same behaviour as turning power off and then on again.

:!: Changes not [[settings and administration:apply and save permanently|saved permanently]] will be lost!

===== Save Permanently =====

To ensure your settings survive power off you must save them [[settings and administration:apply and save permanently|permanently]].

Click the "Save Permanently" button to save made changes permanently so they survive power off. The button has the same effect as the "Click here to save permanently" message appearing at top of each page when you have unsaved changes.

===== Factory Reset =====

Performing a factory reset (also called "reset to factory defaults") changes all settings in the unit to the same values they had when unit was delivered from factory. 
Your configurations are deleted. However, any profile that has been chosen under [[#WAN Access Setup (Operator Selection)|"WAN Access Setup (Operator Selection)"]] will be kept, along with its typical settings.

**Also reset operator selection** Check this box if you have chosen any profile under [[#WAN Access Setup (Operator Selection)|"WAN Access Setup (Operator Selection)"]] that you don't want to keep (check the "Last selected:" text), but instead you want to return to the settings as delivered (some units may have a special WAN access profile already at delivery). 
Then click **Factory Reset**.