The AIM manager has a remote support feature that allows technical support to connect should the need arise. It works by establishing a secure SSL connection with a managed secure server hosted on the internet. Using a reverse tunnel, technical support can connect to the manager via the secure server. Each support representative has their own unique SSL keys for full traceability when making a remote connection. To protect the manager against unauthorised access, Remote Support is disabled by default. Access is only granted by Enabling Support and giving the support representative a unique one-time password which is automatically generated each time it is enabled.
Below is a diagram that shows how the feature works:
- The manager must be connected to a network which has internet access using Ethernet Port 2.
- On the manager, navigate to Dashboard -> Settings -> Network. You will need to configure an IP address, gateway and DNS for Ethernet Port 2.
- For managers running firmware versions 4.4 and below, the manager connects to the remote server over port 22. You will need to ensure that outbound port 22 is not blocked by the firewall or router to the internet. Managers running 4.5 and above, you can choose other ports such as 80, 443, 53, 2222, 1022.
- Navigate to the Dashboard -> Remote Support tab on the AIM admin Web UI and click on the Enable Remote Support button.
- NOTE: AIM firmware versions 4.0, 4.1 and 4.2 do not show the port number or password when enabling Remote Support.
- The AIM will show a port number and one-time password (OTP) which are required to remotely access the manager.
- If the port number changes after 1 minute, this means that either 1) The port is used by another Remote session or 2) The manager has been unable to access the remote server. If port number continues to change, please check your network and firewall settings.
- Please contact support firstname.lastname@example.org, stating the port number and one-time password that you have been given. If you have changed the admin password from the default, then please could you create a temporary administrator account so that we can access the web interface if required.
During the Remote Support session, we may need access to the AIM's web interface. So that you do not need to reveal or change your Admin password, please could you create a temporary user and set it as an AIM Administrator. Please let us know the user and password that you have created.
In the event that you do not see a port number when running AIM 4.3 and above then check the following:-
- You have outbound port enabled on your firewall, typically 22 or on 4.5 it can be 443, 53, 2222, 1022.
- There is only one gateway on the AIM Manager, make sure that the gateway is correct. If you set the Ethernet port 2 to DHCP, the gateway from the DHCP server is not used.
- Try manually assigning an IP address, subnet mask, gateway and DNS Setting to Ethernet Port 2.