Our community includes Cisco experts to answer your questions about the Smart Net Total Care (SNTC) portal and CSP-Collector. Click the navigation links below to access materials for using our service and supported collectors.
I've been trying to access the CSPC CLI without success, and it appears that our Nessus scanning appliance has locked all CLI accounts. I can reinstall the appliance, but I would like to know how to transition these accounts so that, 1) the root can only be used locally and not for remote login to prevent it from being locked out, 2) how to create an alternate account that would not be used by Nessus for scanning access, 3) how to prevent a permanent lockout for the admin account (which is what appears to have happened).
GUI access is working fine.
Trying to work in a world of balancing security awareness and get stuff done. By that I mean, it's impractical for me to ask the security team to not scan this appliance because it could lock the accounts; these systems need to be monitored. It also isn't practical for me to redeploy when one of these lockout events occur; major waste of time. [Sorry for the rant!]
The CLI accounts will remain locked for only 30 minutes if too many failed authentication attempts have been made. However direct root access via SSH to the CSPC appliances is disabled by default on the images. To remotely access root, you can use the "collectorlogin" CLI account and change users over to root using "su -". Unfortunately there is no way to add new accounts for CLI or change the security settings at this time.
If scanning from Nessus application can be scheduled, you may be able to have it run during a window where CSPC is not being used for up to 30 minutes in case of CLI account lockout.
I have tried logging back into the device, with the last known 'admin' password, but I get another message that the account is locked, "Account locked due to XXX failed logins". The Nessus has not attempted to scan the device in over 24 hours. Will the admin account password revert to another password after too many attempts (seems that I have seen mention of something like this in another discussion)?
Also, thank you for clarification of the root account and remote access.
The password for the 'admin' account will not be changed during lockout. However, if after 30 minutes you are still seeing the lockout message, it may indicate that the password being used is no longer correct.
If you have access to collectorlogin and root, you can try to login and set a new password for admin using "passwd admin" command.
Hi guys. Our customer is trying to access its Smart Portal for the first time (services.cisco.com) in order to register a collector, but the page "jump" to another page (attached). He tried to use another browser without success. Do you have an idea ...
Does anyone know how long it takes to add a new administrator to the Cisco Services Access Management tool, so that this administrator can start using the SNTC portal? I am the Delegated Administrator and have added a colleague in the Cisco...
Smart Net Total Care Comprehensive View will be Removed
Due to changes in architecture, the ability to set report preferences to “comprehensive view” will no longer be available in the Smart Net Total Care portal after April 5, 2019.
In the ...
Announcing Cisco Services API Availability!
The Smart Net Total Care Services APIs are now available to all customers and partners. The Customer, Alerts, and Inventory APIs are now in our production environment for you to use.
What’s available for ...
If you experience the below Sign On Error when accessing CSAM, SNTC portal or other Cisco sites, please reach out to email@example.com with:
details of the error, i.e., url(s) being accessed
your CCO ID