Cisco Terminal Services (TS) Agent Guide, Version 1.4

PDF

Configure the TS Agent

Updated: February 24, 2026

Want to summarize with AI?

Log in

Overview

Configure the TS Agent to connect with a Cloud-Delivered Firewall Management Center or On-Prem Firewall Management Center, synchronize server time, and test the REST API connection to support secure user monitoring and seamless integration.

Use the TS Agent interface to configure the TS Agent. You must save your changes and reboot the server for your changes to take effect.

Before you begin

  • If you are connecting to the Cloud-Delivered Firewall Management Center or On-Prem Firewall Management Center, configure and enable one or more Active Directory realms targeting the users your server is monitoring, as described in the Cisco Secure Firewall Management Center Device Configuration Guide.

  • If you are connecting to an On-Prem Firewall Management Center, configure a user account with REST VDI privileges.

    You must create the REST VDI role in the Firepower Management Center as discussed in Creating the REST VDI Role.

  • If you are already connected to the Cloud-Delivered Firewall Management Center or On-Prem Firewall Management Center and you are updating your TS Agent configuration to connect to a different Cloud-Delivered Firewall Management Center or On-Prem Firewall Management Center, you must end all current user sessions before saving the new configuration. For more information, see Ending a Current User Session .

  • Synchronize the time on your TS Agent server with the time on your Cloud-Delivered Firewall Management Center or On-Prem Firewall Management Center.

  • Cloud-Delivered Firewall Management Center only, get an API token as discussed in Get an API Token

  • Review and understand the configuration fields, as described in TS Agent Configuration Fields.

Procedure

1.

On the server where you installed the TS Agent, start the TS Agent as described in Start the TS Agent Configuration Interface.

2.

Click the Configure tab.

3.

Cloud-Delivered Firewall Management Center only: Click the Cloud tab at the bottom of the page.
4.

On-Prem Firewall Management Center only: Click the On-Prem tab tab at the bottom of the page.

5.

See TS Agent Configuration Fields.
6.

After you have configured the TS Agent, click Test to test the REST API connection between the TS Agent and the system.

If you have a primary and secondary On-Prem Firewall Management Center configured, the test connection to the secondary fails. This is expected behavior. The TS Agent communicates with the active On-Prem Firewall Management Center at all times. If the primary fails over and becomes the inactive On-Prem Firewall Management Center, the TS Agent communicates with the secondary (now active) On-Prem Firewall Management Center.
7.

Click Save and confirm that you want to reboot the server.