-
Cisco CallManager Serviceability System Guide, Release 4.0(1)
-
Preface
-
Introduction
-
Performance Objects and Counters
-
Cisco CallManager Services
-
Tools Overview
-
Service Activation
-
Control Center
-
Alarms
-
Trace
-
Real-Time Monitoring Tool
-
Quality Report Tool
-
Serviceability Reports Archive
-
Microsoft Performance
-
Bulk Trace Analysis
-
CDR Analysis and Reporting
-
Remote Serviceability Overview
-
Cisco Secure Telnet
-
Show Command Line Interface
-
Simple Network Management Protocol
-
CiscoWorks2000
-
Path Analysis
-
System Log Management
-
Cisco Discovery Protocol Support
-
Cisco CallManager Performance Counters, RTMT, and CISCO-CCM-MIB
-
Trace Examples
-
Performance Objects and Counters
-
Index
-
Feedback
Table Of Contents
Cisco Secure Telnet Configuration Checklist
Where to Find More Information
Cisco Secure Telnet
This chapter provides information about Cisco Secure Telnet and contains the following topics:
•
Cisco Secure Telnet Structure
•
Cisco Secure Telnet offers Cisco Service Engineers (CSE) transparent firewall access to Cisco CallManager servers on your site.
Cisco Secure Telnet works by enabling a Telnet client inside the Cisco Systems firewall to connect to a Telnet daemon behind your firewall. This secure connection allows remote monitoring and maintenance of your Cisco CallManager servers without requiring firewall modifications.
Note
System Design
The Cisco Secure Telnet system design provides the basis for communication with any Cisco CallManager installations on your site.
These paragraphs describe each component and application, along with a scenario outlining how you can use them.
Remote Access Methodology
CSEs can use techniques other than Cisco Secure Telnet to provide remote connectivity to a customer site, but using other methods may impose unacceptable conditions.
Dial-in access requires installation of a dedicated phone line and modem at your site, so dial-in access may be impractical. Using Telnet directly can establish a TCP/IP connection, but it requires opening your firewall, which can compromise security and cause delays in service.
Firewall Protection
Virtually all internal networks use firewall applications to restrict outside access to internal host systems. These applications protect your network by restricting IP connections between the network and the public internet.
Firewalls work by automatically blocking TCP/IP connections that are initiated from the outside, unless the software is reconfigured to allow such access.
Corporate networks normally permit communication with the public Internet but only if connections directed to outside hosts originate from inside the firewall.
Cisco Secure Telnet Design
Cisco Secure Telnet takes advantage of the fact that Telnet connections can easily be initiated from behind a firewall. Using an external proxy machine, the system relays TCP/IP communications from behind your firewall to a host behind another firewall at the Cisco Technical Assistance Center (TAC).
Using this relay server maintains the integrity of both firewalls while supporting secure communication between the shielded remote systems. (See Figure 16-1.)
Figure 16-1 Cisco Secure Telnet System
Cisco Secure Telnet Structure
The external relay server establishes the connection between your network and Cisco Systems by building a Telnet tunnel. This enables you to transmit the IP address and password identifier of your Cisco CallManager server to your CSE.
Note
Your administrator starts the process by initiating the Telnet tunnel, which establishes a TCP connection from inside your firewall out to the relay server on the public Internet. The Telnet tunnel then establishes another connection to your local Telnet server, creating a two-way link between the entities.
Note
After the Cisco CallManager at your site accepts the password, the Telnet client that is running at the Cisco TAC connects to the Telnet daemon that is running behind your firewall. The resulting transparent connection allows the same access as if the machine were being used locally.
After the Telnet connection is stable, the CSE can implement all remote serviceability functionality to perform maintenance, diagnostic, and troubleshooting tasks on your Cisco CallManager server.
You can view the commands sent by the CSE and the responses issued by your Cisco CallManager server, but the commands and responses may not always be completely formatted.
Cisco Secure Telnet Configuration Checklist
Table 16-1 provides an overview of the steps for configuring Cisco Secure Telnet.
Table 16-1 Cisco Secure Telnet Configuration Checklist
Step 1
Obtain the Cisco Secure Telnet components.
Cisco Secure Telnet Components, Cisco CallManager Serviceability Administration Guide
Step 2
Obtain the Cisco Secure Telnet applications.
Cisco Secure Telnet Applications, Cisco CallManager Serviceability Administration Guide
Step 3
Invoke the tndconnect program.
Cisco Secure Telnet Executables, Cisco CallManager Serviceability Administration Guide
Step 4
Use the tndconnect commands to access the Cisco CallManager servers.
Command Line Syntax for tndconnect, Cisco CallManager Serviceability Administration Guide
Where to Find More Information
Related Topic
•
Additional Cisco Documentation
•
