Cisco Secure Equipment Access Quick Start Guide for Industrial Routers

Configure remote sessions

Updated: June 13, 2025

Want to summarize with AI?

Overview

Set up remote sessions using Quick Wizard.

Set up OT sessions using Secure Equipment Access (SEA) so authorized users can manage operational technology (OT) assets remotely.

Authorized users can access and manage remote OT devices with improved operational efficiency.

Before you begin

SEA Agent must be installed on the industrial router associated with the OT assets you want to manage.
Requested access control groups must be created.

Procedure

	1.	Navigate to Secure Equipment Access > Quick Wizard.
	2.	Under Connect to Asset, click Start Configuration. All network devices onboarded to the IoT Operations Dashboard appear in the Select Network Device area.
	3.	In the Select Network Device area, select a industrial router from the list and then click Next.
	4.	To configure an OT asset, in the Configure Connected Asset area, enter the required details, and click Next.
	5.	To configure an access method, complete these steps: Select an access method from the Choose Access Method drop-down list. An SEA user can access the asset using the access method you select. The available options are RDP, SSH, Telnet, VNC, and Web App. Depending on the access method you select, additional fields are populated. Select an access control group from the Assign to an Access Control Group drop-down list and click Finish. Only users who are added to the access control group can remotely access the assets within the group.
	6.	To test the remote connection, click Test Access Method, then click Done.

The configured remote sessions appear on the Remote Sessions page.

What to do next

If the test fails, perform the following troubleshooting steps before proceeding:

Verify Agent Status: Ensure the SEA Agent on the industrial router or IE switch is Online and has a stable connection to the IoT Operations Dashboard.
Check Asset Connectivity: Confirm the industrial router can "ping" or reach the OT asset's IP address within the local network.
Validate Port Settings: Ensure the port associated with your chosen access method (e.g., Port 3389 for RDP, Port 22 for SSH) is open on the OT asset and not blocked by a local firewall.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.