Manage RADKit Service Authorization

You can manage authorizations by enabling the TAC engineers to access the devices remotely for troubleshooting. You can also grant access to remote users to either access all the devices' inventory or only of selected devices for a specific duration.

Note

The authorizations can be added and viewed only from the Global domain.

Before you begin

Enroll to RADKit service. For information about the procedure to enroll, see Enroll RADKit Service.

Procedure

Step 1

Choose Devices > Troubleshoot > Remote Diagnostics.

The Remote Diagnostics page lists the current authorizations. Ensure that you have enrolled to the RADKit service.

Step 2

To create a new authorization, click Create New Authorization.

Step 3

Under Setup Authorization, enter the support engineer's email address. The Email address must not exceed 40 characters.

Note

  • The support engineer's email address is unique to an authorization record. Hence, you cannot modify this value after creating authorization.

  • You cannot create an authorization account for the same email address.

Step 4

Click Next.

Step 5

Under Device Selection, specify the devices and the Firewall Management Center that the support engineer can access. Select the relevant option:

  • Grant access to all devices: Click this radio button, and then check the I agree to provide access to all devices check box to agree for granting access to all devices and the Firewall Management Center.

  • Grant access to specific devices: Click this radio button, and then from the Select Devices drop-down list, choose the device IP addresses and the Firewall Management Center that the support engineer can access. Ensure to check the I agree to provide access to the selected devices check box.

    Note

    Only devices running Version 7.7 and later are supported and are available for selection.

Step 6

Click Next.

Step 7

Under Schedule the Access, specify the timeline during which the support engineer can access the devices:

  • Now: Click this radio button, and then under Duration fields, specify the time duration for granting access. To set the duration preset, click the Time presets links, namely, 1 hour, 6 hours, 12 hours, 1 day, or 1 week.

  • Grant access until revoke: Click this radio button to grant perpetual access to the devices.

    Note

    To revoke access, in the Current Authorizations grid, click the respective revoke icon under the Actions column.

Step 8

Under Summary, preview the selections you have made for the authorization account. To modify the choices made, click the Edit icon and make the corresponding changes.

Note

The support engineer's email address is unique to an authorization record. Hence, you cannot modify the email address.

Step 9

Click Create.

In the subsequent window, a confirmation message for the new authorization with the user email address and the RADKit service id used in the RADKit client is displayed.

Step 10

(Optional) To create another authorization, click Create Another Authorization.

Step 11

To exit, click Close.

What to do next

The Remote Diagnostics window displays a list of current authorizations. You can perform the following actions:

  • Edit the settings.

  • Revoke the authorization.

  • Enable sudo access for the devices and Firewall Management Center.