Remote Support Agent

Concepts and Customer Usage Guide

NetApp, Inc.
495 East Java Drive
Sunnyvale, CA 94089 USA
Telephone: +1 (408) 822-6000
Fax: +1 (408) 822-4501
Support telephone: +1 (888) 4-NETAPP
Information Web: http://www.netapp.com
Part Number 215-04037_A0
July, 2008
Copyright and trademark information

Copyright Copyright © 1994–2008 NetApp, Inc. All rights reserved. Printed in the U.S.A.
information No part of this file covered by copyright may be reproduced in any form or by any means—graphic,
electronic, or mechanical, including photocopying, recording, taping, or storage in an electronic
retrieval system—without prior written permission of the copyright owner.

Software derived from copyrighted material of NetApp, Inc. is subject to the following license and
disclaimer:

THIS SOFTWARE IS PROVIDED BY NETAPP “AS IS” AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE,
WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL NETAPP BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

NetApp reserves the right to change any products described herein at any time, and without notice.
NetApp assumes no responsibility or liability arising from the use of products described herein,
except as expressly agreed to in writing by NetApp. The use or purchase of this product does not
convey a license under any patent rights, trademark rights, or any other intellectual property rights of
NetApp.

The product described in this manual may be protected by one or more U.S.A. patents, foreign
patents, or pending applications.

Copyright (c) 2005-2007 Network Appliance, Inc. and Copyright (c) 2008 NetApp, Inc. All rights
reserved. Specifications are subject to change without notice. Other product names or slogans
mentioned herein may be trademarks or registered trademarks of their respective companies.

Additional copyright information for third-party code provided with the product is set forth in the
NetApp Customer Software License Agreement

RESTRICTED RIGHTS LEGEND: Use, duplication or disclosure by the government is subject to

restrictions set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer
Software clause at DFARS 252.277-7103 (October 1988) and FAR 52-227-19 (June 1987).

Trademark NetApp, the Network Appliance logo, the bolt design, NetApp—the Network Appliance Company,
information Cryptainer, Cryptoshred, DataFabric, DataFort, Data ONTAP, Decru, FAServer, FilerView,
FlexClone, FlexVol, Manage ONTAP, MultiStore, NearStore, NetCache, NOW NetApp on the Web,
SANscreen, SecureShare, SnapDrive, SnapLock, SnapManager, SnapMirror, SnapMover,
SnapRestore, SnapValidator, SnapVault, Spinnaker Networks, SpinCluster, SpinFS, SpinHA,
SpinMove, SpinServer, StoreVault, SyncMirror, Topio, VFM, and WAFL are registered trademarks of
NetApp, Inc. in the U.S.A. and/or other countries. gFiler, Network Appliance, SnapCopy, Snapshot,
and The evolution of storage are trademarks of NetApp, Inc. in the U.S.A. and/or other countries and
registered trademarks in some other countries. The NetApp arch logo; the StoreVault logo;
ApplianceWatch; BareMetal; Camera-to-Viewer; ComplianceClock; ComplianceJournal;

ii Copyright and trademark information

 ContentDirector; ContentFabric; EdgeFiler; FlexShare; FPolicy; Go Further, Faster; HyperSAN;
InfoFabric; Lifetime Key Management, LockVault; NOW; ONTAPI; OpenKey, RAID-DP;
ReplicatorX; RoboCache; RoboFiler; SecureAdmin; Serving Data by Design; SharedStorage;
Simplicore; Simulate ONTAP; Smart SAN; SnapCache; SnapDirector; SnapFilter; SnapMigrator;
SnapSuite; SohoFiler; SpinMirror; SpinRestore; SpinShot; SpinStor; vFiler; VFM Virtual File
Manager; VPolicy; and Web Filer are trademarks of NetApp, Inc. in the U.S.A. and other countries.
NetApp Availability Assurance and NetApp ProTech Expert are service marks of NetApp, Inc. in the
U.S.A.

IBM, the IBM logo, AIX, and System Storage are trademarks and/or registered trademarks of
International Business Machines Corporation.

Apple is a registered trademark and QuickTime is a trademark of Apple, Inc. in the U.S.A. and/or
other countries. Microsoft is a registered trademark and Windows Media is a trademark of Microsoft
Corporation in the U.S.A. and/or other countries. RealAudio, RealNetworks, RealPlayer,
RealSystem, RealText, and RealVideo are registered trademarks and RealMedia, RealProxy, and
SureStream are trademarks of RealNetworks, Inc. in the U.S.A. and/or other countries.

All other brands or products are trademarks or registered trademarks of their respective holders and
should be treated as such.

NetApp, Inc. is a licensee of the CompactFlash and CF Logo trademarks. NetApp, Inc. NetCache is
certified RealSystem compatible.

Copyright and trademark information iii

iv Copyright and trademark information
Table of Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
More documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x

Chapter 1 Introduction to Remote Support Agent . . . . . . . . . . . . . . . . . . . . 1

Terminology related to Remote Support Agent . . . . . . . . . . . . . . . . . 2
About Remote Support Agent . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Remote Support Agent features . . . . . . . . . . . . . . . . . . . . . . . . . 5
Remote Support Architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Key security features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Chapter 2 Installing and configuring Remote Support Agent . . . . . . . . . . . . . 13

Remote Support Agent requirements . . . . . . . . . . . . . . . . . . . . . . 14
Remote Support Agent configuration overview . . . . . . . . . . . . . . . . 16
Preparing Storage Controller for Remote Support Agent . . . . . . . . . . . 18
Configuring Remote Support Agent . . . . . . . . . . . . . . . . . . . . . . 22

Chapter 3 Remote Support Enterprise User Interface . . . . . . . . . . . . . . . . . 29

Accessing and using the Remote Support Enterprise portal . . . . . . . . . . 30

Chapter 4 Remote Support Agent Advanced Commands . . . . . . . . . . . . . . . 39

Chapter 5 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Appendix A Disabling Remote Support Agent . . . . . . . . . . . . . . . . . . . . . . 63

Appendix B Remote Support Agent Quick Start . . . . . . . . . . . . . . . . . . . . . 65

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Table of Contents v
vi Table of Contents
Preface

About this guide This document explains the function, installation, and basic customer use of the
NetApp® Remote Support Agent.

Audience This guide is for customers who are familiar with the NetApp® storage systems
and who have the NetApp’s SupportEdge Premium. It also assumes that you are
familiar with working with Data ONTAP.

Commadn You can enter the Data ONTAP commands on the system console. You can enter
conventions RLM commands for configuring the Remote Support Agent at the RLM CLI.
The RLM CLI is available using Secure Shell (SSH) connection to the RLM.

Command Line Data ONTAP commands in this document are represented with a hostname or the
Interface (CLI) word toaster before the prompt, such as toaster>.
convention
RLM commands are represented with RLM shown before the hostname, such as
RLM toaster>.

Terminology This guide uses the following terms:

◆ NetApp storage products (storage systems, FAS appliances, and NearStore®
systems) are all storage systems—also sometimes called storage controllers.
◆ The term type means pressing one or more keys on the keyboard.

Formatting The following table lists the kinds of formatting this guide uses to identify special
conventions information.

Preface vii
 Formatting
Type of information
convention

Italic font ◆ Words or characters that require special attention.

◆ Placeholders for information you must supply.
For example, if the guide requires you to enter the
fctest adaptername command, you enter the
characters fctest followed by the actual name of
the adapter.
◆ Book titles in cross-references.

Monospaced font ◆ Command and daemon names.

◆ Information displayed on the system console or
other computer monitors.
◆ The contents of files.

Bold monospaced Words or characters you type. What you type is

font always shown in lowercase letters, unless you must
type it in uppercase letters for it to work properly.

Keyboard This guide uses capitalization and some abbreviations to refer to the keys on the
conventions keyboard. The keys on your keyboard might not be labeled exactly as they are in
this guide.

What is in this guide... What it means...

hyphen (-) Used to separate individual keys.

For example: Ctrl-D means holding down the

Ctrl key while pressing the D key.

Enter Used to refer to the key that generates a carriage

return, although the key is named Return on some
keyboards.

type Used to mean pressing one or more keys on the

keyboard.

enter Used to mean pressing one or more keys and then

pressing the Enter key.

viii
Special messages This guide contains special messages that are described as follows.

Note
A note contains important information that helps you install or operate the
system efficiently.

Caution
A caution contains instructions that you must follow to avoid damage to the
equipment, a system crash, or loss of data.

Preface ix
More documentation

NOW (NetApp on The Remote Support Agent section of the NOW site contains useful background
the Web) site information. For more information, see http://now.netapp.com/

The NOW site includes the following topics:

◆ This guide: Remote Support Agent Concepts and Customer Usage Guide
◆ Remote Support Agent Quick Start
◆ RLM firmware download and upgrade page on the NOW site.
◆ Remote Support Agent Security Assessment by Symantec Corporation
◆ Remote Support Agent General FAQ
◆ Remote LAN Module (RLM) documentation in the Data ONTAP System
Administration Guide.

x More documentation
Introduction to Remote Support Agent 1
About this chapter This chapter introduces you to Remote Support Agent. The chapter describes the
various features, architecture, and security policies related to Remote Support
Agent.

Topics in this This chapter includes the following topics:

chapter ◆ “Terminology related to Remote Support Agent” on page 2
◆ “About Remote Support Agent” on page 3
◆ “Remote Support Agent features” on page 5
◆ “Remote Support Architecture” on page 6
◆ “Remote Support Agent security policies” on page 9

Chapter 1: Introduction to Remote Support Agent 1

Terminology related to Remote Support Agent

Terms you need to This section defines the terms and technologies that you come across while
know reading this document.

Remote Support Agent: The NetApp monitoring software installed on a

NetApp storage controller that sends configuration, diagnostics, and
environmental information back to Remote Support Enterprise at NetApp
headquarters.

Remote Support Enterprise: The enterprise application residing at NetApp

headquarters which receives data from the Remote Support Agent and requests it
to perform actions.

Remote LAN Module (RLM): The service processor that is embedded into the
FAS3000, FAS6000, V3000, and V6000 series of NetApp controllers. The RLM
provides remote platform management capabilities including remote access,
monitoring, troubleshooting, logging, and alerting features. Remote Support
Agent is a part of RLM firmware.

NOW (NetApp on the Web): The NetApp support Web site. You can view a
history of all the actions performed by Remote Support Agent at a special place
on the NOW site.

NetApp Technical Support Engineer (TSE): A member of the NetApp

technical support team dedicated to supporting and diagnosing customer issues.

NetApp Professional Service Engineer (PSE): A member of NetApp

professional services.

2 Terminology related to Remote Support Agent

About Remote Support Agent

What Remote Remote Support Agent is a remote diagnostics data collector that is embedded
Support Agent is directly into the NetApp controller. Remote Support Agent is simple to install
and use. It reduces your manual involvement in a case diagnostic session by
automating the uploading of the core files and diagnostic data to NetApp
Support. Through Remote Support Agent, the NetApp Support Engineer can
remotely access log files and trigger an AutoSupport on demand

Remote Support Agent is provided as a firmware upgrade to the RLM card. The
RLM card is currently supported on NetApp's FAS3000, FAS6000, V3000, and
V6000 controller series. Remote Support Agent allows remote data collection
and intelligent core handling. Remote Support Agent works with your security
policies. The data collected by Remote Support Agent is stored in a highly secure
environment.

Note
You can access and use the basic RLM features independently of Remote Support
Agent.

What Remote Remote support automation ensures faster case resolution and minimizes your
Support Agent system downtime. If NetApp support has access to diagnostic data such as log
benefits are files, and AutoSupport, the chances of faster case resolution are much higher.

Chapter 1: Introduction to Remote Support Agent 3

 The following graph shows the amount of lost revenue, in dollars due to
downtime.

Downtime is expensive

Retail 1.1

Insurance 1.2

Information technology 1.3

Financial institutions 1.5

Manufacturing 1.6

Call location 1.6

Telecommunications 2

Credit card services 2.6

Energy 2.8

Retail brokerage 6.5

$M/Hour
(Millions of dollars per hour in lost revenue)
[source: IDC]

By using Remote Support Agent your case resolution time will greatly improve.
This is by reducing the time needed to upload various diagnostic files and
reducing the number of e-mail and phone communications with NetApp Support.

4 About Remote Support Agent

Remote Support Agent features

Remote Support Agent has three major features. The following sections describe
these features in detail.

Remote data Remote Support Agent enables NetApp Support to remotely collect files from the
collection /etc/log and /etc/crash directories and their sub-directories. These two
directories contain only NetApp storage controller environmental and debugging
information and does not contain any customer sensitive data. Multiple files can
be uploaded from these directories as required during case triage. Remote
Support Agent will also allow NetApp Support to remotely trigger an
AutoSupport on your NetApp controller and have a complete AutoSupport log
returned by using Data ONTAP AutoSupport mechanism.

Intelligent core file When a system panics, Remote Support Agent automatically uploads the core
handling file to NetApp Support without your intervention. Remote Support Agent
uploads a core file only if it is not corrupted and the panic signature does not
match any known panic message in NetApp's panic message database. In such a
condition, the case is updated with the latest information.

Remote Support Agent handles core file upload failure in the following way:
◆ If during core file collection there is a failure on the NetApp controller,
Remote Support Agent retries core file collection. If unsuccessful, Remote
Support Agent terminates the retry and sends a failure alarm to the Remote
Support Enterprise. When Remote Support Enterprise receives the alarm, it
notifies NetApp Support that auto core upload has failed. A NetApp TSE
will contact the customer to perform a manual core upload.
◆ In the event of a Remote Support Enterprise fault or network outage during a
file transmission, Remote Support Agent retries file upload several times.

Notification of down When RLM detects a NetApp controller is down, for example, due to an
storage controller abnormal reboot, it automatically triggers an AutoSupport message to NetApp
Support. A P1 case is created and the user is contacted. AutoSupport must be
configured on the RLM and enabled for this to work.

Chapter 1: Introduction to Remote Support Agent 5

Remote Support Architecture

The Remote Support Agent architecture is made up of the following components:

1. Remote Support Agent that is installed on the RLM card within your
NetApp storage controller.

2. The Remote Support Enterprise infrastructure, which resides at NetApp

Headquarters.

The following diagram illustrates the architecture of Remote Support Agent.

Remote Support Remote Support Agent running on the RLM card initiates a secure, authenticated
Agent connection to Remote Support Enterprise and provides NetApp technical support
remote access to logs, core files, and other diagnostic information stored in the
NetApp controller. The NetApp TSE apply various back-end support tools
against the data collected by Remote Support Agent to assist in case resolution.

6 Remote Support Architecture

Remote Support The Remote Support Enterprise infrastructure helps in automatic uploading of
Enterprise core files and allows NetApp Support to access log files and other diagnostic data
remotely to solve your issues.

Chapter 1: Introduction to Remote Support Agent 7

Key security features

Overview NetApp has taken an end-to-end approach which provides a secure, trusted and
verifiable infrastructure for Remote Support Agent. You have full control and
visibility over all remote access events and activities. You can disable the
connection to NetApp and all Remote Support Agent features via a single
command line setting.

Outbound-only Connection between Remote Support Agent and Remote Support Enterprise is
connection always initiated by Remote Support Agent. This is a key security feature of the
network communication between Remote Support Agent and Remote Support
Enterprise. This ensures only an outbound connection from your site to NetApp.

Remote Support Agent does not allow NetApp to dial into your system. Remote
Support Agent periodically connects to Remote Support Enterprise, downloads
any action requests and uploads the system status and results of previous requests
to Remote Support Enterprise.

The connection interval is every 5 minutes for SupportEdge Premium entitled

storage controllers that are not being actively used by a TSE. The connection
interval changes to every 10 seconds if a TSE is performing remote data
collection on this storage controller. If a storage controller no longer has a
SupportEdge Premium entitlement, the connection interval changes to once every
24 hours. These heart beat checking intervals are set at the Remote Support
Enterprise and cannot be configured at the Remote Support Agent level.

Authenticated Communication between Remote Support Agent and Remote Support Enterprise
communication is encrypted using128-bit VeriSign signed Secure Socket Layer (SSL)
certificates. Remote Support Agent retains a copy of Remote Support Enterprise
public certificate to ensure that communication occurs only with NetApp. If the
authentication fails, the connection is broken and no data is sent.

Secure storage of Data from Remote Support Agent is stored in a highly secure Oracle® database
your data behind the NetApp corporate firewall. Access to this data is restricted to
authorized NetApp Support personnel. All actions taken by TSE using the
Remote Support Enterprise are recorded and can be audited. You can view all

8 Key security features

 past events and actions performed on your system by going to the NOW site
http://now.netapp.com. Follow the link to My Installed Products and then click
Remote Support link to access the NetApp Remote Support Enterprise audit
page.

Security assurance NetApp has partnered with Symantec to assess the security of Remote Support
Agent. This is to ensure that Remote Support Agent conforms to industry best
practices for protecting your data. Symantec was chosen because of its leadership
position in the security solution space. After a detailed analysis of Remote
Support Agent, Symantec concluded that it provides a secure framework for data
protection and meets the industry security best practices. For more information,
see the Network Appliance Remote LAN Module Security Assessment white paper
by Symantec at http://now.netapp.com/NOW/download/tools/rsa/. To ensure
continued adherence to security best practices, NetApp intends to perform
security assessments on a regular basis for each update of Remote Support
Agent.

Remote Support You have full control over the actions of the Remote Support Agent. Through a
Agent security simple CLI command, you can enable or disable all of Remote Support Agent's
policies features. You can see a configuration summary of the Remote Support Agent by
running the rsa show command.

The policies are checked at start up, and Remote Support Agent is notified
whenever the security policies change. The following table summarizes how
Remote Support Agent handles changes in the security policies.

If... Then...

At startup the basic policy disallows Remote Support Agent does not
contacting Remote Support connect to Remote Support
Enterprise server Enterprise. All Remote Support
Agent features including remote data
collection, core upload, and
AutoSupport generation, are disabled

During normal processing the policy Remote Support Agent reports the
is changed from allowing contact to new policy to Remote Support
disallowing contact Enterprise and stops any subsequent
contact with Remote Support
Enterprise

Chapter 1: Introduction to Remote Support Agent 9

 For more information about enabling and disabling Remote Support Agent, see
“Configuring Remote Support Agent” on page 22.

Security on the RLM The security of your data and networks are of prime importance to NetApp.
Following are a few of the points which have been taken into consideration:
◆ The only external interface on the RLM is its single Ethernet connection.
The RLM firewall is programmed to prevent incoming connections from
outside your network. It allows only the connections from within your
network by the Data ONTAP administration accounts (inbound SSH only).
◆ Other rules allow outgoing connections only to NetApp using port 443.
These rules also allow data collection from the /etc/crash and /etc/log
directories and the ability to remotely trigger an AutoSupport.
◆ The administrator user ID and password should be configured on RLM so
that the agent can use them to gain access to the storage system. There is no
requirement for a special account; you are free to use any account as long as
it is in the Data ONTAP Administrators group. As a best practice, NetApp
recommends that if multiple administrator are sharing the account, then you
create a special account for Remote Support Agent usage.
◆ The RLM does not have any open ports that accept connections other than
SSH (port 22). The only outbound ports allowed are for SMTP (port 25),
SNMP (trap port 162), and SSL (port 443).

Controlled access Remote Support Agent connects to the NetApp server periodically to transfer
to diagnostic data information and respond to service requests. After data exchange, if no session
(such as a file transfer) is active, the connection is closed.

Remote Support Agent does not have access to your data. Only the root volume
of the storage system is configured to be accessed from the RLM.

Remote Support Agent does not have direct access to the root volume on the
storage controller. It makes use of the FilerView® HTTP or HTTPS interface to
request diagnostic data and core files from Data ONTAP. FilerView only allows
access to /etc/log and /etc/crash directories and sub-directories on the root
volume. Remote Support Agent also checks and rejects any requests originating
from Remote Support Enterprise if they fall outside these two directories

10 Key security features

Nondisruptive The RLM firmware for Remote Support Agent can be upgraded at runtime in a
upgrade nondisruptive manner. You can download the latest versions of RLM firmware
for Remote Support Agent from NetApp's NOW site. There is no downtime of
Data ONTAP during the RLM upgrade process. The RLM firmware update
mechanism supports all versions of Data ONTAP on FAS 3000, FAS 6000,
V3000, and V6000.

Generating Remote Support Agent uses the Telnet interface of Data ONTAP to issue a
AutoSupport command to trigger an AutoSupport. This message is uniquely identified by a
Subject line of Remote Support Agent triggered ASUP.

The AutoSupport triggered by Remote Support Agent uses existing AutoSupport

preferences set up on that controller. For example, all users who subscribe to
AutoSupport notifications will also receive this Remote Support Agent triggered
AutoSupport.

Chapter 1: Introduction to Remote Support Agent 11

12 Key security features
Installing and configuring Remote Support Agent 2
About this chapter This chapter provides an overview of installing and configuring the Remote
Support Agent.

Topics in this This chapter includes the following topics:

chapter ◆ “Remote Support Agent requirements” on page 14
◆ “Remote Support Agent configuration overview” on page 16
◆ “Preparing Storage Controller for Remote Support Agent” on page 18
◆ “Configuring Remote Support Agent” on page 22

Chapter 2: Installing and configuring Remote Support Agent 13

Remote Support Agent requirements

Licensing The Remote Support Agent is a component of NetApp SupportEdge Premium

requirements service offering and can monitor only NetApp controllers with SupportEdge
Premium entitlement. All data uploads from storage controllers that do not have
SupportEdge Premium entitlement are rejected by the Remote Support Enterprise
at NetApp.

Hardware Remote Support Agent is an extension of the RLM firmware and can only
requirements support NetApp controllers from the FAS3000, FAS6000 series, V3000, and
V6000. For more information about hardware compatibility, see the NOW site.

Outbound Refer the following table for Remote Support Agent access to Remote Support
connection to Enterprise. The Remote Support Agent accesses to Remote Support Enterprise
NetApp using the https://remotesupportagent.netapp.com/emessage URL.

Remote Support Agent Access to Remote Support Enterprise

Entity Protocol Port

Remote Support HTTPS 443

Enterprise

Firewall rules Remote Support Agent requires a change in your firewall rules to allow an
outbound HTTPS connection from your site to NetApp on port 443.

Proxyservers Remote Support Agent can be configured to use a proxy server to connect to the
Remote Support Enterprise. It supports both HTTP and SOCKS proxies

14 Remote Support Agent requirements

Communication The Remote Support Agent uses various networking protocols and port numbers
with storage to communicate with NetApp storage controller, as described in the following
controller table.

Communication with storage controller

Entity Protocol Port

Storage Controller HTTPS/HTTP Customer specified

Storage Controller Telnet Customer specified

Password Remote Support Agent needs the following account information to communicate
requirements with the storage controller.

Account or password Required for...

An administrator account on NetApp Accessing the monitored NetApp

storage controller monitored by storage controller from Remote
Remote Support Agent. Support Agent. NetApp recommends
that you create a unique account for
Remote Support Agent.

Site administrators who need access to Remote Support Enterprise on the

NetApp NOW website need the following account information.

Account or password Required for...

A login name and password for the Accessing your NOW site to
NetApp NOW site ◆ View and audit the actions
(https://now.netapp.com) performed by Remote Support
Agent
◆ Find documentation related to
the Remote Support Agent and
other NetApp storage controllers

Chapter 2: Installing and configuring Remote Support Agent 15

Remote Support Agent configuration overview

Configuring Remote The following table provides an overview of the tasks involved in configuring
Support Agent Remote Support Agent.

Note
Before you install Remote Support Agent, meet with your security team to obtain
their clearances.

Step Action

1 Upgrade the RLM software.

Note
Remote Support Agent is installed as a part of the RLM installation.
Do not use a Data ONTAP telnet or rsh session to upgrade RLM
firmware.

Download the latest RLM firmware from NOW:

http://now.netapp.com/NOW/download/tools/rlm_fw/

Upgrade RLM using the Data ONTAP console or RLM CLI.

2 Set up the RLM.

Verify the following:
◆ That your RLM card can send a test AutoSupport message
◆ That you can communicate using SSH to RLM

For more information, see Data ONTAP System Administration

Guide on the NOW site http://now.netapp.com/

16 Remote Support Agent configuration overview

 Step Action

3 Configure the storage system for Remote Support Agent.

◆ Enable AutoSupport
◆ Configure the RLM
◆ Configure HTTP or HTTPS for administrative access
◆ Configure SecureAdmin for SSL
◆ Configure Telnet
◆ Create a user in the administrators group
◆ Configure Domain Name System (DNS)
For more information, see Data ONTAP System Administration
Guide on the NOW site http://now.netapp.com

4 Configure Remote Support Agent.

For more information, see “Configuring Remote Support Agent” on
page 22.

Chapter 2: Installing and configuring Remote Support Agent 17

Preparing Storage Controller for Remote Support Agent

About configuring The Remote Support Agent communicates with the storage controller using
the storage Telnet and HTTP/HTTPS. For Remote Support Agent to function properly, you
controller must properly configure AutoSupport, Telnet, and FilerView® on the storage
controller.

Preparing for Before Remote Support Agent can be installed, you need to ensure that the
Remote Support following requirements are met:
Agent installation ◆ The storage controller must have SupportEdge Premium entitlement.
◆ The storage controller’s AutoSupport must be enabled.
◆ An RLM card must be installed in the storage controller and have an
outbound connection to the Internet.

For a new NetApp storage controller, SupportEdge Premium entitlement is

verified at the time of storage controller registration, and notification email is
sent to the storage administrator and also to the NetApp Professional Service
Engineer. Remote Support Agent can detect the change of an existing non-
SupportEdge Premium NetApp controller elevated to SupportEdge Premium
entitlement.

Configuring AutoSupport provides information about the system's configuration and current
AutoSupport state. This information is critical for NetApp TSE when solving a case.
AutoSupport on the NetApp storage controller should be enabled to
communicate with NetApp through HTTP or SMTP.

Remote Support Agent enables the NetApp Support Engineer to remotely trigger
an AutoSupport on demand on the controller and have the AutoSupport data sent
back to NetApp. This enables NetApp Support to begin problem diagnostics
immediately without waiting for the customer to send an updated AutoSupport. It
also allows NetApp Support to effectively troubleshoot cases that occur during
off hours when the customer is not available to send an AutoSupport. If
AutoSupport is not configured on the storage controller, the NetApp TSE cannot
trigger the AutoSupport. Therefore, it is important to configure and enable
AutoSupport.

The RLM sends event notifications based on the following AutoSupport settings:

18 Preparing Storage Controller for Remote Support Agent

 option autosupport.to e-mail_addresses

option autosupport.mailhost { name | IP_address_of_outbound_SMTP }

Ensure that the autosupport.to option has been set properly before you
configure the RLM. You must enter the name or the IP address of the
AutoSupport mail host when you configure the RLM.

For information about enabling AutoSupport, see the Data ONTAP System
Administration Guide at
http://now.netapp.com/NOW/knowledge/docs/ontap/ontap_index.shtml. For
more information about AutoSupport, see http://now.netapp.com/autosupport/

Upgrading the RLM Remote Support Agent is installed as a part of the RLM firmware installation. To
firmware have the Remote Support Agent features, you may need to upgrade your RLM
firmware to RLM 3.0 or above.

The RLM firmware for Remote Support Agent can be upgraded at runtime in a
manner nondisruptive to Data ONTAP. You can download the latest versions of
RLM firmware for Remote Support Agent from the NOW site. Data ONTAP
downtime is not required for the RLM upgrade process. The RLM firmware
update mechanism supports all versions of Data ONTAP.

For more information, see the RLM installation instructions in the Data ONTAP
System Administration Guide at http://now.netapp.com/

Note
Upgrade RLM using the Data ONTAP console or RLM CLI. Do not use a Data
ONTAP telnet or rsh session to upgrade RLM firmware.

Configuring the Before you can use the RLM, you must configure it for your storage controller
RLM and network. You can configure the RLM at the following times:
◆ When setting up a new storage controller with the RLM already installed
◆ When you add an RLM to an existing storage system

To set up the RLM, run the following command:

toaster> rlm setup

An interactive session for configuration is started.

Chapter 2: Installing and configuring Remote Support Agent 19

 For more information about setting up the RLM, see the Data ONTAP System
Administration Guide at
http://now.netapp.com/NOW/knowledge/docs/ontap/ontap_index.shtml

Configuring HTTP System logs and core files residing within the Data ONTAP root volume are often
or HTTPS for required by NetApp technical support during case triage. Remote Support Agent
administrative does not have direct hardware access to these files. It uses HTTP or HTTPS to
access request these files from Data ONTAP, and then sends these files back to NetApp
technical support. This remote data collection is limited to files within the
/etc/crash and /etc/log directories. Make sure that HTTP or HTTPS is
enabled on your system. This remote data collection is limited to files within the
/etc/crash, /etc/log and their sub-directories.

Using HTTP enables the Remote Support Agent’s faster access to the diagnostics
data on the NetApp controller. Using HTTPS enables enhanced security on data
flow between the Remote Support Agent and the NetApp controller within the
customer's intranet. You should select the best transport option based on
performance and security considerations.

Refer the following table for HTTP administrator access.

Option Value

httpd.admin.enable on

httpd.autoindex.enable on

If options httpd.admin.access, or trusted.hosts are used to control access,

add the RLM’s IP address to allow access from RLM.

For information on enabling the HTTP or HTTPS sessions, see the Data ONTAP
File Access and Protocol Management Guide at the NOW site at
http://now.netapp.com/

Configuring Telnet Remote Support Agent logs into Data ONTAP using a Telnet session to issue the
commands for triggering an AutoSupport. Therefore, it is essential to have
AutoSupport and Telnet access enabled on the NetApp system.

20 Preparing Storage Controller for Remote Support Agent

 Refer the following table for configuring Telnet.

Option Value

telnet.enable on

telnet.distinct.enable on

If options telnet.access, or trusted.hosts are used to control access, add the

RLM’s IP address to allow access from RLM.

For information on enabling Telnet sessions, see the Data ONTAP File Access
and Protocol Management Guide at
http://now.netapp.com/NOW/knowledge/docs/ontap/ontap_index.shtml.

Creating a user NetApp recommends that you should have an unique account for use by Remote
Support Agent to access Data ONTAP.

To create a new user, run the following command:

toaster> useradmin user add <uname> -g Administrators

A valid administrator account is required for Remote Support Agent to

communicate with Data ONTAP. This user name and password is required for
configuring Remote Support Agent.

Note
NetApp recommends using strong passwords for all accounts.

For more information about creating users, see the Data ONTAP System
Administration Guide at
http://now.netapp.com/NOW/knowledge/docs/ontap/ontap_index.shtml

Chapter 2: Installing and configuring Remote Support Agent 21

Configuring Remote Support Agent

Overview Remote Support Agent has to be configured properly to be able to connect to

Remote Support Enterprise and the storage controller. You can configure Remote
Support Agent using the RLM command-line interface.

About the RLM The Remote Support Agent settings can be configured using the RLM command-
command-line line interface.
interface
You access the RLM command-line interface only through an SSH session to the
RLM IP address.

The command-line interface lets you configure Remote Support Agent

interactively. You can use an interactive session for the following tasks:
◆ To enable or disable Remote Support Agent
◆ To optionally set up proxy configuration for Remote Support Agent to
connect to NetApp
◆ To configure the Telnet and HTTP/HTTPS settings for use by the Remote
Support Agent

At the end of the interactive session, you can test the Remote Support Agent
configuration parameters by using the rsa test command. The test result
summary helps you resolve any configuration errors on Remote Support Agent.
If any test cases fails, specific error messages help you with troubleshooting.

You can also use the command-line interface to view the current configuration
settings for Remote Support Agent.

Additional Remote Support Agent commands give you access to optional and advanced
command options configuration features through the command-line interface. These options are
helpful in the following situations:
◆ You may need to update a specific configuration parameter.
◆ You may want to automate the configuration process by writing some scripts
that connect to the service processor over an SSH connection. In this case
non-interactive configuration options are helpful.
◆ You may want to test a particular function of Remote Support Agent and
skip the other tests.

22 Configuring Remote Support Agent

 ◆ Some parameters such as Remote Support Enterprise URL, are not
commonly modified. Their default values are expected to work most of the
time. However, there could be situations in which you would need to change
this configuration.

Additional command options provide a way to individually configure every

configuration parameter.

To get usage information about the other commands, run the following
command:

RLM fas6070> rsa help

For more information about the entire set of command options and their usage,
see “Command Reference” on page 41.

Configuring Remote To configure Remote Support Agent, access the RLM command-line interface
Support Agent and run the rsa setup command. The rsa setup command prompts you for all
necessary information. Follow the messages at the prompt to complete the
configuration.

To configure Remote Support Agent, complete the following steps.

Step Action

1 At the RLM prompt, enter the following command:

RLM fas6070> rsa setup

Result: This command starts an interactive session that prompts you for the necessary
information required for configuration. After you commit the configuration changes, the
command also prompts to test the configurations.

Note
If you want to set proxy connections, you can specify the proxy parameters during the setup.

To see the sample output of the rsa setup command, see “Sample outputs of rsa setup
command” on page 24

Chapter 2: Installing and configuring Remote Support Agent 23

 Step Action

2 To view the current remote support configuration, enter the following command:

RLM fas6070> rsa show

Result: The current remote support configuration settings are displayed.

To see the sample output of the rsa show command, see “Sample output of rsa show
command” on page 26

3 You can test the remote support configuration at the end of setup or any time after the setup is
complete.

To test the configurations, enter the following command:

RLM fas6070> rsa test

Result: The command tests HTTP, Telnet, and proxy or enterprise connections.

In case of a failure, an error message describing the specific error situation is displayed.

Example: If the agent passes all tests, the following output is displayed:
RLM fas6070> rsa test
Testing storage controller telnet connection........................... ok
Testing storage controller HTTP connection............................. ok
Testing storage Remote Support Enterprise connection................... ok
Remote Support Agent tests passed.
RLM fas6070>

4 To check the status of Remote Support Agent, run the following command:
RLM toaster> rsa status

Sample outputs of Example 1: A sample session when the no proxy support is needed, Here the
rsa setup command HTTP and telnet credentials are not the same.
RLM or-321>
The Remote Support Agent improves your case resolution time and
minimizes your manual support overhead.

Would you like to enable Remote Support Agent? [yes]:

Do you use a proxy to connect to the internet? [no]:

Enter the telnet host name or ip-address of your storage controller

[]: or-321.lab.netapp.com
Enter telnet port number [23]:

24 Configuring Remote Support Agent

 Enter telnet username []: rsa-telnet
Enter telnet password:
Enter the HTTP host name or ip-address of your storage controller
[]: or-321.lab.netapp.com
Do you want to use HTTP with SSL? [yes]:
Enter HTTPS port number [443]:
Use telnet credentials for HTTP access also? [yes]: no
Enter HTTP username []: rsa-http
Enter HTTP password:
Do you want to commit configuration changes entered above? [yes]:
Committing configuration changes... done
Remote Support Agent is enabled.
Do you want to test current configuration? [yes]:
Testing storage controller telnet connection ................... ok
Testing storage controller HTTP connection ..................... ok
Testing Remote Support Enterprise connection ................... ok
All configuration tests passed.
RLM or-321>

Example 2: A sample session output when proxy support is required and the
HTTP and telnet credentials are not the same.
RLM or-321> rsa setup
The Remote Support Agent improves your case resolution time and
minimizes your manual support overhead.

Would you like to enable Remote Support Agent? [yes]:

Do you use a proxy to connect to the internet? [no]: yes
Choose proxy protocol (HTTP or SOCKS) [http]:
Enter proxy host name or ip-address []: proxy.lab.netapp.com
Enter proxy port number [9999]: 8080
Does the proxy require a username and password? [no]:
Enter the telnet host name or ip-address of your storage controller
[]: or-321.lab.netapp.com
Enter telnet port number [23]:
Enter telnet username []: rsa-telnet
Enter telnet password:
Enter the HTTP host name or ip-address of your storage controller
[]: or-321.lab.netapp.com
Do you want to use HTTP with SSL? [yes]:
Enter HTTPS port number [443]:
Use telnet credentials for HTTP access also? [yes]: no
Enter HTTP username []: rsa-http
Enter HTTP password:
Do you want to commit configuration changes entered above? [yes]:
Committing configuration changes... done
Remote Support Agent is enabled.

Chapter 2: Installing and configuring Remote Support Agent 25

 Do you want to test current configuration? [yes]:
Testing storage controller telnet connect....................... ok
Testing storage controller HTTP connection...................... ok
Testing Remote Support Enterprise connection.................... ok
All configuration tests passed.
RLM or-321>

Sample output of Example 1: rsa show command is used to print out the current remote support
rsa show command configuration. A sample output is as follows:
RLM or-321> rsa show
Remote Support Agent is enabled.

Remote Support Enterprise URL:

https://remotesupportagent.netapp.com/eMessage

Use proxy: yes

Proxy protocol: HTTP
Proxy host: proxy.netapp.com
Proxy port: 8080
Use username/password for proxy authentication: yes
Proxy username: proxyuser

Storage controller telnet host: or-321.lab.netapp.com

Storage controller telnet port: 23
Storage controller telnet username: rsa321

Storage controller HTTP host: or-321.lab.netapp.com

HTTP with SSL enabled: no
Storage controller HTTP port: 80
Storage controller HTTP username: rsa321
RLM or-321>

Example 2: If proxies are not enabled, then the output of remote support
command will not show proxy configuration details. A sample output is as
follows:
RLM or-321> rsa show
Remote Support Agent is enabled.

Remote Support Enterprise URL:

https://remotesupportagent.netapp.com/eMessage

Use proxy: no

26 Configuring Remote Support Agent

 Storage controller telnet host: or-231.lab.netapp.com
Storage controller telnet port: 23
Storage controller telnet username: rsa321

Storage controller HTTP host: or-321.lab.netapp.com

HTTP with SSL enabled: no
Storage controller HTTP port: 80
Storage controller HTTP username: rsa321
RLM or-063>

Displaying the You can use the rsa status command to print a status report for Remote
status report Support Agent.

Example: The following is sample output of the rsa status command.

RLM or-321> rsa status
Remote Support Agent is enabled.

Connection status:
Telnet : ok
HTTP : ok
RSE : ok

Support Information:
System ID : 0118041496
SEP entitlement : Entitled
Heartbeat check : every 5 minutes
RLM or-321>

You can use the -v option with the rsa status. This option is used for the
verbose mode. A sample output is as follows:
RLM or-321> rsa status -v
Remote Support Agent is enabled.

Connection status:
Telnet:
Status : ok
Last checked : 23:11 Apr 30 2008

HTTP:
Status : ok
Last checked : 23:11 Apr 30 2008

RSE:
Status : ok
Last checked : 23:11 Apr 30 2008

Chapter 2: Installing and configuring Remote Support Agent 27

 Support Information:
System ID : 0118041496
SEP entitlement : Entitled
Heartbeat check : every 5 minutes

Recent activity:
Directory listing:
Status : Success
Start : 23:11 Apr 30 2008
Completion : 23:11 Apr 30 2008

Note
You should run the rsa status command each time you make a configuration
change in Remote Support Agent to make sure everything is working correctly.

For more information about the command usage and options, see “Command
Reference” on page 41.

28 Configuring Remote Support Agent

Remote Support Enterprise User Interface 3
About this chapter This chapter describes how you can view your Remote Support Agent monitored
storage controllers using the NOW site.

Topics in this This chapter includes the following topics:

chapter ◆ “Accessing and using the Remote Support Enterprise portal” on page 30

Chapter 3: Remote Support Enterprise User Interface 29

Accessing and using the Remote Support Enterprise portal

Remote Support The Remote Support Enterprise UI provides status information of your Remote
Enterprise user Support Agent monitored storage controllers. It also provides an audit history of
interface the actions performed on these storage controllers by the NetApp support.

Accessing the You can access the Remote Support Enterprise UI from the portal on the NOW
Remote Enterprise site.
portal

30 Accessing and using the Remote Support Enterprise portal

 As a customer you have access to the read only view of the Remote Support
Enterprise using the NOW site. The read only view allows you to view all your
storage controllers that are registered with the Remote Support Enterprise.

To access the NOW login page you need a valid account on the NOW site. Once
you have an account you can access the Remote Support Enterprise by navigating
through the NOW site. The following illustration shows the link to click in the
My NetApp Products section of the site. Select My Installed Products link to
navigate to the Remote Support Enterprise portal.

Chapter 3: Remote Support Enterprise User Interface 31

 The following illustration displays the NOW installed products page.

32 Accessing and using the Remote Support Enterprise portal

 The following illustration shows the Remote Support Enterprise home page.

To navigate to the services page, click Service link on the top right corner of the
Remote Support Enterprise home page.

Chapter 3: Remote Support Enterprise User Interface 33

 The following illustration shows the Remote Support Enterprise service page.

34 Accessing and using the Remote Support Enterprise portal

 The following illustration shows the Remote Support Enterprise device page.

NetApp Controller This section of the UI provides information about NetApp storage controller. The
Summary following table describes the items that are displayed.

Field Description

Host name Host name of the storage controller

System ID System ID of the storage controller

Model Model of the storage controller

Chapter 3: Remote Support Enterprise User Interface 35

 Field Description

Status The controller status can have the

following three values:
◆ Online
◆ Offline
◆ Unknown (Remote Support
Agent disabled)

ASUP Status Displays whether AutoSupport is

configured on the storage controller
or not.

Customer Displays the name of the customer

Remote Support The Remote Support Agent Configuration Summary panel provides an overview
Agent of the Remote Support Agent configuration and status. The following table
Configuration describes the fields that are displayed.
Summary
Field Description

Firmware version The version number of your RLM

firmware

Status Displays the Remote Support Agent

status. It can have the following two
values:
◆ Good
◆ Missing or Disabled

Ping Rate Displays how often the agent is

connecting with the Remote Support
Enterprise

Security Policy Setting Displays whether Remote Support

Agent is enabled or disabled

36 Accessing and using the Remote Support Enterprise portal

 Field Description

Last Contact Displays the time when Remote

Support Agent last connected with
the Remote Support Enterprise.
If the Remote Support Agent loses
contact for more than 8 hours, a case
is opened with NetApp technical
support.

Audit Log The audit log provides a record of all the actions performed on a storage
controller by a NetApp Technical Support Engineer for the last six months.

Chapter 3: Remote Support Enterprise User Interface 37

38 Accessing and using the Remote Support Enterprise portal
Remote Support Agent Advanced Commands 4
This chapter provides details of the various Remote Support Agent commands
including, their usage and options. Following are the commands covered in this
chapter:
◆ “help command” on page 39
◆ “setup command” on page 43
◆ “show command” on page 47
◆ “test command” on page 49
◆ “status command” on page 51

help command You can use the rsa help command to print usage information about the rsa
command. The following table gives the usage and parameters of the rsa help
command.

Command rsa <ACTION> [GROUP [GROUP_OPTIONS ...]]

help

Description You can use the rsa help command to print usage
information about the rsa command. The rsa help
command without any ACTION, GROUP, or
GROUP_OPTIONS specified prints the help menu.

Chapter 4: Remote Support Agent Advanced Commands 39

 Parameters ACTION: You can specify an ACTION parameter to view
the usage of a particular action, that is, a command.

An ACTION parameter can be one of the following:

◆ setup—Set up remote support configuration
interactively. Use rsa setup help for additional
options.
◆ show—Displays current remote support configuration.
Use rsa show help for additional options.
◆ test—Tests current remote support configuration. Use
rsa test help for additional options.
◆ status—Prints remote support status. Use rsa status
help for additional options.
◆ help—Prints the help menu.

Note
The GROUP and GROUP_OPTION parameters are the
parameters of the respective ACTION (command).

40 Remote Support Agent Advanced Commands

 Example 1 To print the help menu, run the following command:
RLM or-321> rsa setup help
USAGE:
rsa setup [<GROUP> [GROUP_OPTIONS...]]
DESCRIPTION:

"rsa setup" without any additional parameters

starts an interactive session to configure the
Remote Support Agent. Additionally, a GROUP
parameter can be provided to restrict the
interactive session to a particular group. If non-
interactive configuration is desired, then both
GROUP and GROUP options must be used.

GROUP:

proxy Selects the proxy group parameters

for configuration. Without any additional
GROUP_OPTIONS an interactive session to configure
proxy group parameters is started.

telnet Selects the Storage Controller

telnet group parameters for configuration. Without
any additional GROUP_OPTIONS an interactive session
to configure Storage Controller telnet group
parameters is started.

http Selects the Storage Controller HTTP

group parameters for configuration. Without any
additional GROUP_OPTIONS an interactive session to
configure http group parameters is started.

rse Selects the Remote Support

enterprise (RSE) group. RSE support URL can be
configured using appropriate options. The privilege
level must be set to "advanced" before this group
can be used.
policy Selects the policy group. Remote
Support Agent policy can be configured using
appropriate options.

Chapter 4: Remote Support Agent Advanced Commands 41

 GROUP_OPTIONS:

-hostname HOSTNAME Valid only if GROUP is one of

proxy, telnet or http. In each case, HOSTNAME
provides the hostname or ipaddress of the proxy
server, Storage Controller telnet server or the
Storage Controller http administrative server.

-port PORT Valid only if GROUP is one of

proxy, telnet or http. In each case PORT should be
corresponding port number. Valid port numbers are
between 0 and 65535.

-username USERNAME Valid only if GROUP is one of

proxy, telnet or http. In each case, USERNAME is
the corresponding username to be used.

-password PASSWD Valid only if GROUP is one of

proxy, telnet or http. In each case, PASSWD is the
password that combines with the corresponding
username. To use an empty password, use the -
password option without a value for the PASSWD
argument.

-enterprise URL Valid only if GROUP is rse. URL

is the Remote Support Enterprise URL.

-enable {yes/no} Valid only if GROUP is proxy or

policy. Enables or disables proxy use and Remote
Support Agent respectively.

RLM or-321>

42 Remote Support Agent Advanced Commands

 Example 2 To view the usage of the rsa show command, run the
following command:

RLM toaster> rsa show help

Sample output of the command is as follows:

USAGE:

rsa show [<GROUP>]

GROUP if used, can be exactly one of the following:

proxy Display proxy configuration parameters
telnet Display telnet configuration parameters
http Display http configuration parameters
rse Display rse configuration parameters
policy Display policy configuration

Example 3 To view the usage of the rsa setup proxy command,

enter the following command:

RLM toaster> rsa setup proxy help

Sample output of the command is as follows:
<need to include a sample output here>

setup command You can use the rsa setup command to configure the Remote Support Agent.
The following table gives the usage and parameters of the setup command.

Command rsa setup [<GROUP> [GROUP_OPTIONS...]]

Description You use the rsa setup command to configure Remote

Support Agent. If you use the rsa setup command without
any additional GROUP or GROUP_OPTIONS parameters, it
starts an interactive session to configure various remote
support parameters.

Chapter 4: Remote Support Agent Advanced Commands 43

 Parameters GROUP: A GROUP parameter can be provided to restrict the
interactive session to a particular group.
A GROUP parameter can be one of the following:
◆ proxy—Selects the proxy group parameters for
configuration. Without any additional GROUP_OPTIONS
an interactive session to configure proxy group parameters
is started.
◆ telnet—Selects the storage controller telnet group
parameters for configuration. Without any additional
GROUP_OPTIONS an interactive session to http—
Selects the HTTP group parameters for configuration. If
you do not specify any additional GROUP_OPTIONS, an
interactive session to configure HTTP group parameters is
started.
◆ rse—Selects the group Remote Support Enterprise group.
Remote Support Enterprise support url can be configured
using appropriate options. The privilege level must be set
to advanced before this group can be used.
◆ policy—Selects the Policy group. You can enable and
configure Remote Support Agent using the appropriate
options.
◆ http - Selects the http group parameters for configuration.
Without any additional GROUP_OPTIONS an interactive
session to configure proxy group parameters is started.

44 Remote Support Agent Advanced Commands

 GROUP_OPTIONS: If you prefer non-interactive
configuration, you must use both GROUP and GROUP options
must be used.
◆ -hostname HOSTNAME—Valid only if GROUP is one of
proxy, Telnet, or HTTP. In each case, HOSTNAME
provides the host name or IP address of the proxy server,
storage controller Telnet server, or storage controller
HTTP server.
◆ -port PORT—Valid only if GROUP is one of proxy,
Telnet, or HTTP. In each case, PORT should be the
corresponding port number. Valid port numbers are
between 0 through 65535.
◆ -username USERNAME—Valid only if GROUP is one of
proxy, Telnet, or HTTP. In each case, USERNAME is the
corresponding user name to be used.
◆ -password PASSWD—Valid only if GROUP is one of
proxy, Telnet, or HTTP. In each case, PASSWD is the
password that combines with the corresponding user
name.
◆ -ssl [yes/no] - Valid only if GROUP is http. If set to
yes, https protocol is used. If set to no, http protocol is
used.
◆ -credentials [yes/no] - Valid only GROUP is proxy. If
set to yes, proxy username and password are used.
Otherwise no proxy username and password are used.
◆ -enterprise URL - Valid only if GROUP is rse. URL is
the Remote Support Enterprise url.
◆ -enable [on/off]—Valid only if GROUP is proxy or
Policy. Enables or disables proxy support and Remote
Support Agent, respectively.

Chapter 4: Remote Support Agent Advanced Commands 45

 Example 1 To change only the HTTP group parameters, use the following
command:

RLM or-186> rsa setup http

Enter the HTTP host name or ip-address of your
storage controller []: Invalid input. Please try
again
Enter the HTTP host name or ip-address of your
storage controller []: or-186.lab.netapp.com
Do you want to use HTTP with SSL? [yes]:
Enter HTTPS port number [443]:
Enter HTTP username []: http_user
Enter HTTP password:

Do you want to commit configuration changes entered

above? [yes]:
Committing configuration changes... done
RLM or-186>

Note
Similarly, you can use the proxy and telnet group argument to
configure the proxy and Telnet group parameters.

Example 2 To change Remote Support Enterprise URL, run the following

command:

RLM or-321*> rsa setup rse

Configuring Remote Support Enterprise information.
Current Remote Support URL is
https://remotesupportagent.netapp.com/eMessage.
To restore to the default value of
https://remotesupportagent.netapp.com/eMessage,
just press the return key. Enter URL for Remote
Support (or press return)
[https://remotesupportagent.netapp.com/eMessage]:
https://remotesupportagent.netapp.com/eMessage
Do you want to commit configuration changes entered
above? [yes]:
Committing configuration changes... done
Remote Support Agent is enabled.
RLM or-321*>

46 Remote Support Agent Advanced Commands

 Example 3 To change the proxy information in a non-interactive manner,
run the following command:
RLM toaster> rsa setup proxy -hostname 10.56.0.1
-port 6060 -user proxy_user -password
proxy_password

Example 4 To change the proxy user name and password only, run the
following command:
RLM toaster> rsa setup proxy -username
new_proxy_user -password new_proxy_password

show command You can use the rsa show command to view the current remote support
configuration. The following table gives the usage and parameters of the show
command.

Command rsa show [<GROUP>]

Description You can use the rsa show command to view the current
remote support configuration. If you use the rsa show
command without any additional GROUP parameters, it
displays all the remote support configurations.

Parameters GROUP: A GROUP parameter can be used to view the

configuration of a particular item.
A GROUP parameter can be one of the following:
◆ proxy — Displays proxy configuration parameters.
◆ telnet — Displays Telnet configuration parameters.
◆ http — Displays HTTP configuration parameters.
◆ rse — Displays Remote Support Enterprise configuration
parameters.
◆ policy — Displays the policy configuration.

Chapter 4: Remote Support Agent Advanced Commands 47

 Example 1 rsa show can be used to print out the current remote support
configuration.
RLM or-321> rsa show
Remote Support Agent is enabled.
Remote Support Enterprise URL:
https://remotesupportagent.netapp.com/eMessage

Use proxy: yes

Proxy protocol: HTTP
Proxy host: proxy.netapp.com
Proxy port: 8080
Use username/password for proxy authentication: yes
Proxy username: proxyuser

Storage controller telnet host: or-

321.lab.netapp.com
Storage controller telnet port: 23
Storage controller telnet username: rsa321

Storage controller HTTP host: or-321.lab.netapp.com

HTTP with SSL enabled: no
Storage controller HTTP port: 80
Storage controller HTTP username: rsa321
RLM or-321>

48 Remote Support Agent Advanced Commands

 Example 2 If proxies are not enabled, then the output of remote support
command will not show proxy configuration details.

RLM or-321> rsa show

Remote Support Agent is enabled.

Remote Support Enterprise URL:

https://remotesupportagent.netapp.com/eMessage

Use proxy: no

Storage controller telnet host: or-

231.lab.netapp.com
Storage controller telnet port: 23
Storage controller telnet username: rsa321

Storage controller HTTP host: or-321.lab.netapp.com

HTTP with SSL enabled: no
Storage controller HTTP port: 80
Storage contr

Note
Similarly, you can use the HTTP, Telnet, and policy group
arguments to view the corresponding configuration
parameters.

test command You can use the rsa test command to test the HTTP, Telnet, and proxy or
enterprise connections. The following table gives the usage and parameters of the
test command.

Command rsa test [<GROUP>]

Description You can use the rsa test command to test the HTTP,
Telnet, and proxy or enterprise connections. The rsa test
command without any GROUP parameter tests all the
connections.

Chapter 4: Remote Support Agent Advanced Commands 49

 Parameters GROUP: You can use a GROUP parameter to test and view
the result of a particular item.

A GROUP parameter can be one of the following:

◆ telnet— Test the storage controller telnet connection.
◆ http— Test the storage controller HTTP connection.
◆ rse — Test Remote Support Enterprise connection.

Example 1 If the system is in a healthy condition, Remote Support Agent

passes all the tests.

RLM or-321> rsa test

Testing storage controller telnet connection..... ok
Testing storage controller HTTP connection....... ok
Testing Remote Support Enterprise connection..... ok
All configuration tests passed.
RLM or-321>

Example 2 If Remote Support Agent is not enabled, the test command

prints a message saying that Remote Support Agent is not
enabled.

RLM or-321> rsa test

The Remote Support Agent has not been enabled.
Please run "rsa setup" command to enable the Remote
Support Agent.
RLM or-321>

Example 3 Example output when Telnet and HTTP tests failed because of
an unresponsive server or faulty hostname configuration.

RLM or-321> rsa test

Testing storage controller telnet connection..... ok
Testing storage controller HTTP connection... failed
HTTP operation timeout
Testing Remote Support Enterprise connection..... ok
One or more configuration tests failed.
RLM or-321>

50 Remote Support Agent Advanced Commands

 Example 4 Example output when telnet and HTTP tests failed because of
a bad username/password combination.

RLM or-321> rsa test

Testing storage controller telnet connection..... ok
Testing storage controller HTTP connection... failed
HTTP error 401 - invalid username or password
Testing Remote Support Enterprise connection..... ok
One or more configuration tests failed.
RLM or-321>

Example 5 Example output when proxy connection fails due to an non-

responding server or an incorrect hostname.

RLM or-321> rsa test

Testing storage controller telnet connection..... ok
Testing storage controller HTTP connection....... ok
Testing Remote Support Enterprise connection. failed
Unknown host
One or more configuration tests failed.
RLM or-321>

Example 6 Example output when the Remote Support Agent is not able to
contact the Remote Support Enterprise.

RLM or-321> rsa test

Testing storage controller telnet connection..... ok
Testing storage controller HTTP connection....... ok
Testing Remote Support Enterprise connection. failed
Unknown host
One or more configuration tests failed.
RLM or-321>

status command You can use the rsa status command to print out a status report for Remote
Support Agent. The following table gives the usage and parameters of the
status command.

Command rsa status [OPTIONS]

Description You can use the rsa status command to print out a
status report for Remote Support Agent.

Chapter 4: Remote Support Agent Advanced Commands 51

 Parameters -v — If verbose mode is chosen, a more detailed connection
status report for each connection is generated. Recent activity
on the Remote Support Agent is also shown.

Example RLM or-321> rsa status -v

Remote Support Agent is enabled.

Connection status:
Telnet:
Status : ok
Last checked : 23:11 Apr 30 2008

HTTP:
Status : ok
Last checked : 23:11 Apr 30 2008

RSE:
Status : ok
Last checked : 23:11 Apr 30 2008

Support Information:
System ID : 0118041496
SEP entitlement : Entitled
Heartbeat check : every 5 minutes

Recent activity:
Directory listing:
Status : Success
Start : 23:11 Apr 30 2008
Completion : 23:11 Apr 30 2008

RLM or-321>

52 Remote Support Agent Advanced Commands

Troubleshooting 5
About this chapter This chapter provides information about the various Remote Support Agent error
messages and the corrective actions you can take.

Topics in this This chapter includes the following topics:

chapter ◆ “Troubleshooting Remote Support Agent Errors” on page 54
❖ “Storage Controller Telnet Connection Errors” on page 54
❖ “Storage Controller HTTP Connection Errors” on page 57
◆ “Troubleshooting Remote Support Enterprise Problems” on page 61

Chapter 5: Troubleshooting 53
Troubleshooting Remote Support Agent Errors
Storage Controller Telnet Connection Errors

The storage controller telnet connection requires that options

telnet.distinct.enable and telnet.enable be set to on. Ensure that these
options are set appropriately.

Option Problem: The storage controller does not have telnet.distinct.enable

telnet.distinct.ena option turned on.
ble is not on
Resolution: From the storage controller command line run options
telnet.distinct.enable on. Verify that the output of options
telnet.distinct.enable shows that the option is set to on.

Connect - cannot Problem: The Remote Support Agent is not able to connect to the storage
connect to host controller telnet host. The possible reasons may be:

1. The telnet hostname is configured incorrectly

2. The storage controller is not available

Resolution: Use rsa setup command to configure the correct storage

controller hostname. Then verify by using the rsa show command. This should
resolve the incorrect hostname problem.

Telnet login - Problem: Possible reasons for this error may be that option trusted.hosts
access denied does not contain RLM's IP address

Resolution: Login to the storage controller command line. Run options

trusted.hosts command to ensure that the value has RLM's IP address.

Telnet login - Problem: Telnet username or password is configured incorrectly.

invalid username or
password Resolution:

1. Use rsa setup command to configure the telnet username and password.

54 Troubleshooting
 2. Ensure that the username that you use is a valid user on the storage controller
with administrative privileges.

Remote Support Problem: The Remote Support Agent is not enabled.

policy not enabled
Resolution: Run rsa setup command to enable the Remote Support Agent.

Connect - invalid Problem: Following may be the problems:

host name or IP
address 1. DNS resolver is not configured correctly in the storage controller.

2. The hostname or IP address of the Storage Controller is incorrect or invalid.

Resolution:

1. Verify that DNS is properly configured in the storage controller.

2. Run the rsa show command to verify Storage Controller telnet hostname.

3. If it is incorrect, run rsa setup and configure the correct hostname or IP

address for the storage controller telnet connection.

Telnet login - too Problem: Another telnet session is open to the storage controller.
many logins error
Resolution: Close the other telnet session to the storage controller, and run rsa
test telnet again.

Telnet login - Problem: The storage controller password policy indicates that the password
password expired has expired and needs to be changed.

Resolution:

1. Make necessary changes to the storage controller password or policy.

2. Run rsa setup to configure the updated password for the storage controller
telnet connection.

System Id does not Problem: The hostname or IP address provided to the Remote Support Agent
match configuration belongs to a different storage controller.

Chapter 5: Troubleshooting 55
 Resolution: Run the rsa setup to correctly configure the storage controller
telnet hostname.

Telnet health check Problem: The telnet health check interface is currently busy.
interface busy
Resolution: No recovery action is needed. The Remote Support Agent will
recover automatically in a few minutes.

56 Troubleshooting
Troubleshooting Remote Support Agent Errors
Storage Controller HTTP Connection Errors

The storage controller HTTP connection requires that options

httpd.admin.enable and httpd.autoindex.enable be set to on. Verify that
these options are set appropriately.

Cannot connect to Problem: Cannot open HTTP connection to the storage controller. The possible
host reasons may be:

1. The Storage Controller is offline.

2. The Storage Controller HTTP hostname is incorrectly configured.

Resolution:

1. Verify that the storage controller HTTP hostname is configured correctly by

running rsa show.

2. If Storage Controller hostname is incorrect, update using the rsa setup

command.

3. Confirm that the Storage Controller is online.

Cannot resolve Problem: The hostname provided for storage controller HTTP connection is not
hostname correct.

Resolution:

1. Verify that the Storage Controller HTTP hostname is configured correctly by

running rsa show.

2. If Storage Controller hostname is incorrect, update using the rsa setup

command.

HTTP operation Problem: The possible reason for this error may be:
timeout
1. The HTTP connection is very busy.

2. The Storage Controller is offline.

Chapter 5: Troubleshooting 57
 Resolution: Ensure that the storage controller is online. If the storage controller
is online and rsa test command fails with this error message, then the HTTP
connection must be busy with file transfer activity. In this case, no recovery steps
are needed.

FilerView hostname Problem: The hostname or IP address provided for the storage controller HTTP
does not match connection failed validation check. The system name returned by na_admin page
configuration does not match with RLM stored configuration of Data ONTAP.

Resolution:

1. Run rsa setup to provide the correct storage controller HTTP hostname or IP
address.

2. Run rsa show to verify that Storage Controller HTTP hostname or IP address
are configured correctly.

HTTP error 403 - Problem: The username configured for the storage controller HTTP connection
access denied does not have administrative privileges.

Resolution: Ensure that the user configured at the Remote Support Agent,
belongs to the Administrators group on the storage controller.

HTTP error 503 - Problem: The na_admin page on the storage controller is not available.
resource
unavailable Resolution: Ensure that the following options are set as shows:

1. option httpd.admin.access should satisfy one of the following:

a. Contain the RLM's hostname or IP address

b. Set to *

c. Set to legacy

2. If httpd.admin.access is set to legacy then, option trusted.hosts should

satisfy the following:

a. Contain the RLM's hostname or IP address.

b. Set to *

If using SSL, then SSL should be setup on the storage controller and the option
httpd.admin.ssl.enable should be set to on

58 Troubleshooting
HTTP error 401 - Problem: The username or password configured for storage controller HTTP
invalid username or connection is incorrect.
password
Resolution: run rsa setup to configure the correct username and password.

HTTP version not Problem: The storage controller runs an incompatible version of software.
supported by host
Resolution: Ensure that the storage controller is using a Remote Support Agent
compatible software release.

HTTP health check Problem: The HTTP health check interface is busy.
interface busy
Resolution: No recovery action is needed. The Remote Support Agent will
recover automatically in a few minutes.

Chapter 5: Troubleshooting 59
Troubleshooting Remote Support Agent Errors
Remote Support Enterprise Connection Errors

Remote Support Problem: The Remote Support Agent policy is not enabled.
Policy is disabled
Resolution: Run rsa setup to enable the Remote Support Agent.

RSE or Proxy Problem: Proxy information is configured incorrectly.

configuration is
not valid Resolution: 1. Run rsa setup to enter correct proxy information.

2. Run rsa show to verify that correct proxy information is configured.

Waiting for RLM time Problem: The RLM did not get time from the storage controller yet.
to be set
Resolution: Ensure that the storage controller is online. If the storage controller
is already online then other recovery steps are not needed.

The test should pass once RLM gets time from the storage controller (usually
takes a couple of minutes).

RSE health check Problem: Following may be the problem:

interface busy
1. Remote Support Enterprise is not responding, or returns incorrect status or its
URI is invalid.

2. Remote Support Agent is in the middle of a file upload.

Resolution: No recovery steps are needed. The Remote Support Agent will
recover automatically in a few minutes.

Unknown host Problem: DNS resolver is not configured correctly in the storage controller.

Resolution: Verify that DNS is properly configured in the storage controller.

60 Troubleshooting
Troubleshooting Remote Support Enterprise Problems
Remote Support Enterprise problems

Unable to login to Problem: User does not have a NOW login or the username or password is
NOW incorrect.

Resolution: Follow the instructions at http://now.netapp.com to either create a

login or retrieve forgotten username or password.

Remote Support Problem: Your company does not have SEP entitlement.
link not visible on
the NOW site Resolution: Contact your NetApp sales representative to obtain SEP
Entitlement

Cannot see storage Problem: Storage controller may not be entitled or storage controller may not
controller in the list be on record with NetApp.

Resolution:

1. Log into the RLM of the storage controller of interest and issue the rsa
status command.

2. If the value of the SEP Entitlement field is:

a. Uninitialized: This storage controller has not successfully registered

with NetApp. Ensure health checks are completing successfully.
Contact NetApp Support for technical assistance.

b. Unknown: This storage controller is not on record with NetApp.

Contact NetApp Support to check product records.

c. Not Entitled: This storage controller is not correctly entitled. Contact

your NetApp sales representative to purchase SEP Entitlement.

d. Entitled: This storage controller has successfully registered with

NetApp and is correctly entitled. Contact NetApp Support if you are
unable to view this storage controller.

Chapter 5: Troubleshooting 61
Storage controller Problem: NetApp storage controller records are incorrect.
site, company, or
name information is Resolution: Contact NetApp Support to correct storage controller information.
incorrect.

Fields in NetApp Problem: Remote Support Enterprise is not receiving the correct information
Controller Summary from the Remote Support Agent.
are incorrect.
Resolution: Contact NetApp Support.

Fields in Remote Problem: The Remote Support Enterprise is not receiving the correct
Support Agent information from the Remote Support Agent.
Configuration
Summary are Resolution: Contact NetApp Support.
incorrect.

62 Troubleshooting
Disabling Remote Support Agent A
You can use the rsa setup command to disable the remote support functionality.
If you do this, the Remote Support Agent's policy is modified. All other
configurations remain the same.

Note
To reconfigure the Remote Support Agent, follow the instructions given in
“About the RLM command-line interface” on page 22.

Example: The following is a sample session where the remote support

functionality is disabled.
RLM or-321> rsa setup
The Remote Support Agent improves your case resolution time and
minimizes your manual support overhead.

Would you like to enable Remote Support Agent? [yes]: no

Disabling the Remote Support Agent may increase your case resolution
time and your ability to receive remote support.

Do you want to commit configuration changes entered above? [yes]:

Committing configuration changes... done
Remote Support Agent is disabled.
RLM or-321>

Appendix A: Disabling Remote Support Agent 63

64 Disabling Remote Support Agent
Remote Support Agent Quick Start B
Step 1: Pre- Ensure Remote Support Agent satisfies your security policies for Internet access.
Deployment ◆ Opens a secure 128-bit SSL outbound connection to NetApp Support.
Checklist
◆ Target URL: https://remotesupportagent.netapp.com and port 443.

The Remote Support Agent is a feature of RLM firmware. Ensure the following
on your FAS or V3000/6000 Storage Controller:
◆ Controller has SupportEdge Premium entitlement.
◆ RLM is installed and configured:
toaster> rlm setup
◆ RLM can send a test AutoSupport message:
toaster> options autosupport.to <email addr>
toaster> options autosupport.mailhost <SMTP server>
toaster> rlm test autosupport

Step 2. Upgrade Download the latest RLM firmware from

RLM Firmware http://now.netapp.com/NOW/download/tools/rlm_fw/ and upgrade the RLM
using the Data ONTAP console or RLM CLI.

Note
Do not use a Data ONTAP telnet/rsh session to upgrade RLM firmware.

toaster> software install http://web_server_name/path/

RLM_FW.zip -f
toaster> rlm update
toaster> rlm status

Step 3. Prepare Configure FilerView, Telnet, DNS name resolution, and AutoSupport.
Storage Controller
Option Value

httpd.admin.enable on

httpd.autoindex.enable on

telnet.enable on

telnet.distinct.enable on

Appendix B: Remote Support Agent Quick Start 65

 ◆ If options httpd.admin.access, or telnet.access, or
trusted.hosts are used to control access, add the RLM's IP address.
◆ Create an administrator account for use by Remote Support Agent:
toaster> useradmin user add <username> -g
Administrators

Step 4. Gather Network Information:

Information ◆ Proxy configuration (if required to access Internet) - proxy IP address, type
(SOCKS/HTTP), username and password.

Data ONTAP Information:

◆ Telnet interface IP address, port number, username, and password.
◆ FilerView HTTP or HTTPS IP address, port number, username, and
password.

Step 5. Connect to RLM using SSH:

Configuration
% ssh naroot@RLM-IP-Address

Verify RLM is using latest firmware:

RLM toaster> version

Use the rsa setup command to start an interactive configuration session.

Answer yes when prompted to test the configuration.

RLM toaster> rsa setup

Use the rsa show command to view configuration.

RLM toaster> rsa show

Use the rsa status command to view the status of Remote Support Agent.

RLM toaster> rsa status

66 Remote Support Agent Quick Start

 Index

A R
Audit log 37 Remote data collection 5
AutoSupport 11 Remote Support Agent
configuring 18 configuring 16
generation 11 definition 3
option autosupport.mailhost 19 disabling 63
option autosupport.to 19 features 5
test 65 overview 3
requirements 14
Remote Support Agent Commands
C rsa help 39
Core file rsa show 47
access 20 rsa status 51
handling 5 rsa test 49
security 10 Remote Support Architecture 6
Remote Support Enterprise
access 30
D definition 7
DNS 17 device page 35
home page 33
F NetApp Controller Summary 35
Remote Support Agent Configuration
Firewall 14
Summary 36
service page 34
H troubleshooting 60
HTTP(S) RLM 19
configuration 20
errors 57 S
Security
N assurance 9
NetApp Professional Service Engineer 2 features 8
NetApp Technical Support Engineer 2 policies 9
NOW website 2 Service processor 2
Storage Controllers
definition vii
P notification 5
Password 10, 15 preparation 65
Proxy requirements 14
configuration 25
preparation 66
servers 14

Index 67
T U
Telnet User
configuration 20 configuration 21
errors 54
Telnet Connection Errors 54
Troubleshooting 53

68 Index