In access control you can add administrators for the gateway. The person logging on will have access to certain parts of the system depending on the username that they log on with. In this section you can choose how users can authenticate.
Note: The LDAP configuration should be done in Periphery - LDAP settings.
This is a list of internal administrators. You can add an administrator by clicking the add icon. To change or delete an administrator you can use the commands in the action column. There are two different administrators, regular administrators and POS users:
These users will have access to the normal interface and all pages which are selected in their profile. To enable all pages you can simply use the superuser checkbox.
POS users have a limited login, they can only add users and manage their own created user profiles. When a POS administrator creates an account, a ticket will automatically be opened in a popup so that this can be printed. You can configure the type, billing packages, required fields, pos content and rights of a POS user by clicking the add button and enabling the POS checkbox. It's also possible to link an administrator to a group profile. The rights of the group profile will then be triggered instead of the rights of the individual users.
Administrator groups contain a preconfiguration for an admin account. When an admin account is linked to a group it will take over the group properties, this makes it is easy to quickly add an
administrator based on a group. These groups are also used to link LDAP administrators to their properties (see LDAP rules).
This is a list of users that connected with the LDAP plugin.
The factory reset module allow you to reset the HSMX to factory standard. The factory reset can be done partially so for example if you do the factory reset you do not lose IP connectivity after the reset.
To change the language, click on the language of your choice. The gateway gives you the ability to create your own language, every page can be translated separately which makes it possible to just translate the pages that you need and leave everything else standard (English). To enable this feature you have to enable the language update.
If you enable this functionality a globe will appear on every page in the actions menu. You can also go directly to the translation page by clicking on the language name.
On this page you can see the license and the enabled modules. It is possible to request a 30day demo automatically by clicking the link next to the module you want to demo. In case you bought a module or user upgrade, you need to renew your license. Just press the “get license key” button to get your license key.
Enter license key manually, is only needed when support gave you a big license string to recover your license because no access to our license server is possible.
Here you can update the layout of the admin login screen of the gateway. You can also add a partner image (jpg only) that will be shown above the login box.
The performance module of the HSMX allows you to tweak system services / settings to achieve better performance. The defaults provided are fine in almost any case but in some circumstances (very large
networks / many portal redirects) some of these settings can be changed to achieve better response times.
In this section you can tweak settings related to the portal redirect. The portal redirect is one of the most CPU intensive tasks there is, mainly because it gets bombarded with queries. Each HTTP request from a pending client is forwarded to the portal, this section is really important if you have many devices in your network that are pending (not logged in). The problem is that 90% of the redirects are generated by background services; not clients opening their browser. All these background services create HTTP requests to update a service on the Internet. Some examples of these services are virus scanner updates, OS updates, toolbars, viruses, social media apps, … Disabling unneeded services can help deal with the large number of portal redirects.
Here you can tweak the web server settings, this is also important when the system is put under load with many portal redirects. If the system becomes too slow it may be needed to set the max server processes to a lower value, this means the web server will accept fewer connections. But setting it too low may cause the web server to respond slowly because all connections are used up before the CPU hits 100%. Best to check CPU load before changing this setting (system ⇒ task manager). The keep alive and max server processes setting also have a big impact on the HSMX gateway. Keep alive means that a connection is kept open to transfer multiple files quicker rather than opening a new connection for each file. When there is no load, keep alive can speed up portal display. Just make sure that you also increase the
max server processes because much more connections will be open all the time. When the system is under a lot of load by many pending users, it is recommended to disable the keep alive because almost 90% of the redirects are background services, they will use up all the available connections because they are kept open for as long as the keep alive timeout.
You can tweak the memory consumption and the amount of connections that can be setup to the database. Giving the database more resources can be interesting when the user database becomes big. It is possible to verify memory usage of the system via the health widget in the home screen. Based on this information it is possible to give the database more memory. Do this only when the system becomes slow.
In this section you can change the upload file size. if you have to upload large portal pages or large system backups it may be needed to increase these values.
Here you can tweak settings related to TCP/IP handling. Only change these values when you know what they mean or when instructed by support. When using multiple public IP addresses for NAT, it is recommended to increase the nf_conntrack_max value to 64000 times the amount of public IP addresses.
In this section you can adjust the content filter (if licensed). It's best to increase the amount of maxchildren to the amount of licensed subscribers. Maintain roughly the same ratio between the values as they had with their default values.
This are the settings the system will use to send e-mails (welcome e-mails, status alerts…). SMS settings have their own SMTP settings.
Sends a status of the system health in case the system went changed state (healthy/unhealthy). A threshold can be configured so the gateway will only send an e-mail when the device has the same critical/warning status a few times in a row.
Some features have been replaced by other functionalities. You can hide all depreciated features by disabling this feature. Some replaced features are:
The web management interface will throw a message if it doesn't detect any activity from the logged in administrator. The administrator will then be logged out after 10 seconds if he chooses to ignore the message.
Show the submenu based on hover or click.
System backup is a set of tools to backup / restore / clean (log files) / remote backup the system.
The gateway can perform an automated backup on the requested interval. The gateway doesn't store more than ten backups, older ones will be removed. If a FTP server is configured, you can upload the backup to the external FTP and choose how many backups are kept. By clicking the backup now, the system will start to backup right now.
The second tab 'backups' provides an overview of previously made backups. You can download the backup file, choose to restore the system or delete it. It's possible to upload a backup file and restore the system state from there, very useful when doing a rollback or system upgrade.
In log handling you can clear out older log files. Log files are stored in a archived format (for download) and in a text format for review via the GUI. The log files in text format take up a lot of space so it is important to remove the log files regularly (e.g. every 4 weeks). The log archives can be stored a bit longer but should eventually also be removed. There is always the option to upload the log files to an external FTP server.
In case you want to upload your backup to an external FTP server configure a FTP location.
The upload log is useful to make sure the backup is successfully performed. Since 5.1.09 the upload-log was merged into the general log under Tools > Logging > Syslog.
When an update is available, the system will prompt the user about the upgrade when the administrator logs in. To check manually, go to system ⇒ updates and click check updates now. When an update is available, click on install and the new firmware will be installed (it is never a wrong idea to take a backup beforehand).
The gateway syncs with NTP time servers to keep the time up to date. Enter the correct time-servers, timezone and apply to confirm and synchronize the time.