The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This guide provides the following topics:
Before you use the Remote Troubleshooter application, ensure that you have internet connectivity, with at least one of the following ports enabled for outgoing SSH connections: 22, 25, 53, 80, 443, and 4766.
This Cisco APIC-EM release supports the new Remote Troubleshooter application. This application uses the Cisco IronPort infrastructure to create a tunnel that enables a support engineer to connect to an APIC-EM cluster and troubleshoot issues with your system. The app uses outbound SSH to create a secure connection with the cluster through this tunnel.
As an administrator, you can use the Remote Troubleshooter application to control when a support engineer has access to a particular cluster and for how long (since a support engineer cannot establish a secure tunnel on their own). The app will indicate whenever a support engineer establishes a remote access session, and you can end a session at any time by disabling the tunnel they are using.
By default, a technical support tunnel remains open for 24 hours, but you can extend its duration beyond 24 hours (if necessary). However, we recommend that you or the support engineer close the tunnel as soon as all of the troubleshooting work is complete.
The following procedure describes how to enable the Remote Troubleshooter app and use it to manage access to a particular APIC-EM cluster: