PDF(6.9 KB) View with Adobe Reader on a variety of devices
ePub(75.0 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(69.7 KB) View on Kindle device or Kindle app on multiple devices
Updated:October 17, 2017
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how to use the enablediag user to connect and administer a Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), or Cisco Security Management Appliance (SMA).
Enable service account on the ESA/WSA/SMA
The ESA, WSA, and SMA have a service account named enablediag. This account is usually accessed via the the appliance using the serial console, but can also be accessed via standard SSH access to the appliance. This account can be used in the event that an appliance is not accessible remotely. Use of accessing the appliance via enablediag is usually done in conjunction with Cisco Support and an open support case.
In order to use, enter enablediag at the console login prompt for the login and use the appliance's admin password.
The enablediag user has several options that may also be used to resolve issues, including the ability to enable service access or re-configure the management interface. Below is an example of what is displayed when logging in with enablediag:
login: enablediag Password: Last login: Tue Jul 28 13:59:23 2015 from 192.168.42.43 AsyncOS 9.7.0 for Cisco C100V build 041
Welcome to the Cisco C100V Email Security Virtual Appliance
Available Commands: help -- View this text. quit -- Log out. service -- Enable or disable access to the service system. network -- Perform emergency configuration of the diagnostic network interface. clearnet -- Resets configuration of the diagnostic network interface. ssh -- Configure emergency SSH daemon on the diagnostic network interface. clearssh -- Stop emergency SSH daemon on the diagnostic network interface. tunnel -- Start up tech support tunnel to IronPort. print -- Print status of the diagnostic network interface. reboot -- Reboot the appliance.
S/N 564D4A052936E4280000-BA98DA08AAAA Service Access currently ENABLED (0 current service logins)
Note: If you are opening a support tunnel to the appliance via this method, please be sure to provide the full serial number presented to your Cisco Support Engineer.