Cisco Web Security Appliance S170 User Guide
Chapter 22: System Administration
Figure 22-2 Remote Access Page
By enabling Remote Access you are activating a special account used by IronPort Customer
Support for debugging and general access to the system. This is used by IronPort Customer
Support for tasks such as assisting customers in configuring their systems, understanding
configurations, and investigating problem reports. You can also use the techsupport
command in the CLI.
When enabling the “Secure Tunnel,” the appliance creates an SSH tunnel over the specified
port to the server upgrades.ironport.com. By default this connection is over port 443, which
will work in most environments. Once a connection is made to upgrades.ironport.com,
IronPort Customer Support is able to use the SSH tunnel to obtain access to the appliance. As
long as the connection over port 443 is allowed, this will bypass most firewall restrictions.
You can also use the techsupport tunnel command in the CLI.
In both the “Remote Access” and “Tunnel” modes, a password is required. It is important to
understand that this is not the password that will be used to access the system. Once that
password and the system serial number are provided to your Customer Support
representative, a password used to access the appliance is generated.
Once the techsupport tunnel is enabled, it will remain connected to upgrades.ironport.com
for 7 days. After 7 days, no new connections can be made using
the techsupport tunnel. If there are any existing connections using the tunnel after 7 days,
those connections will continue to exist and work. However, once those connections are
closed, they will not be able to open again because the techsupport tunnel will have closed
after 7 days. The timeout set on the SSH tunnel connection does not apply to the Remote
Access account; it will remain active until specifically deactivated.
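The following is an added example, not part of the original guide or of any Cisco/IronPort tooling: a small audit check that applies the 7-day tunnel window described above to an administrator's own records. The function name, the finding labels, and the session records (assumed to come from your change log and connection logs) are hypothetical, and the sample data is constructed.

```python
from datetime import datetime, timedelta

TUNNEL_LIFETIME = timedelta(days=7)  # tunnel lifetime stated in the guide


def audit_support_access(enabled_at, sessions, remote_access_enabled, now):
    """Check support-access state against the documented 7-day tunnel window.

    enabled_at: when the techsupport tunnel was enabled (from a change record).
    sessions:   list of (opened, closed) datetimes for connections through the
                tunnel; closed is None while the connection is still open.
    Returns a list of (finding, timestamp) tuples in the order detected.
    """
    expires_at = enabled_at + TUNNEL_LIFETIME
    findings = []
    for opened, closed in sessions:
        if opened < enabled_at or opened >= expires_at:
            # The guide says no new connections are possible after 7 days,
            # so a session opened outside the window needs investigation.
            findings.append(("session-opened-outside-window", opened.isoformat()))
        elif closed is None and now > expires_at:
            # Allowed by design: existing connections keep working until
            # closed. Worth closing once the support case is finished.
            findings.append(("session-still-open-after-expiry", opened.isoformat()))
    if remote_access_enabled and now > expires_at:
        # The tunnel timeout does not apply to the Remote Access account;
        # it stays active until specifically deactivated.
        findings.append(("remote-access-still-enabled", expires_at.isoformat()))
    return findings


# Constructed sample records (not real log data).
SAMPLE_ENABLED_AT = datetime(2024, 3, 1, 9, 0)
SAMPLE_NOW = datetime(2024, 3, 10, 9, 0)
SAMPLE_SESSIONS = [
    (datetime(2024, 3, 2, 10, 0), datetime(2024, 3, 2, 11, 0)),  # inside window, closed
    (datetime(2024, 3, 7, 15, 0), None),                         # inside window, still open
    (datetime(2024, 3, 9, 8, 0), datetime(2024, 3, 9, 8, 30)),   # opened after expiry
]

if __name__ == "__main__":
    for finding in audit_support_access(
        SAMPLE_ENABLED_AT, SAMPLE_SESSIONS, True, SAMPLE_NOW
    ):
        print(*finding)
```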
Packet Capture
Sometimes when you contact IronPort Customer Support with an issue, you may be asked to
provide insight into the network activity going into and out of the Web Security appliance.
The appliance provides the ability to intercept and display TCP/IP and other packets being
transmitted or received over the network to which the appliance is attached.
You might want to run a packet capture to debug the network setup and to discover what
network traffic is reaching the appliance or leaving the appliance.