Cisco Cisco Web Security Appliance S670 Troubleshooting Guide
How do I provide Cisco TAC with remote access or
support tunnel to a Cisco Email or Web Security
Appliance?
support tunnel to a Cisco Email or Web Security
Appliance?
Document ID: 118485
Contributed by Jerry Orona and Siddharth Rajpathak, Cisco TAC
Engineers.
Engineers.
Oct 14, 2014
Contents
Question
Environment
From the CLI
From the GUI
Environment
From the CLI
From the GUI
Question
How do I provide Cisco TAC with remote access or support tunnel to a Cisco Email or Web Security
Appliance?
Appliance?
Environment
Cisco Email Security Appliance (ESA), Cisco Web Security Appliance(WSA)
The Cisco Email / Web Security Appliances can utilize a secure SSH tunnel in order to allow Cisco TAC to
gain access to the appliances' operating system. By default, the appliance does not allow this type of
connection (meaning remote access is disabled by default).
gain access to the appliances' operating system. By default, the appliance does not allow this type of
connection (meaning remote access is disabled by default).
You can enable this via the CLI or the GUI. Please see the instructions below:
From the CLI
ESA.example.com> techsupport
Service Access currently disabled.
Serial Number: <S/N of the appliance>
Choose the operation you want to perform:
SSHACCESS − Allow a customer service representative to remotely access your system,
without establishing a tunnel.
without establishing a tunnel.
•
TUNNEL − Allow a customer service representative to remotely access your system,
and establish a secure tunnel for communication.
and establish a secure tunnel for communication.
•
STATUS − Display the current techsupport status.
[]> tunnel
[]> tunnel
•