Skip to main content
Version: Archive

Create a Tunnel

Summary

DxOdyssey utilizes TCP micro-tunnels to communicate between gateway members. The following steps guide the user through the creation of a tunnel and adding clients to the tunnel.

Information

Below are instructions for creating a tunnel to an application on a gateway:

  1. Select Tunnel Manager from the list at the top left, then select Add Tunnel at the bottom left above Advanced Settings. The Tunnel Management window will appear.

    Tunnel name

  2. Create a unique name for the tunnel.

  3. In the destination section, there are three fields that need to be completed:

    • Gateway Name: The name of the gateway that has access to the application.

    • Target Host/IP: The IP address or hostname of the server that the gateway will forward tunnel traffic to. This will be the IP address of the application server.

    • Target Port: The TCP port the application is listening on.

    info

    The host/IP and port combination is the location within the destination gateway's network that tunnel traffic will be sent to, and the destination gateway directs tunnel traffic to that IP address. In the picture above, the destination gateway IANPC is directing tunnel traffic to a SQL server instance on the local network with a static IP of 10.1.201.188 that is listening on port 5000. If the SQL server instance was located on the destination gateway, 127.0.0.1 (loopback) could be used instead of a hostname or static IP.

  4. There are three fields in the origin section that are required and one optional section. Click Add Row to add an origin:

    • Name: The name of the origin gateway.

    • NetworkAddress: The address the origin gateway will listen on.

    • ListeningPort: The port the origin gateway will listen on.

    • SourceFilter: Determines what machines are allowed to connect to the tunnel. Leaving this field empty means no source filter is applied.

      Tunnel management

After selecting OK, the tunnel configuration is complete. By using the wildcard address 0.0.0.0 as the origin's network address, any machine can connect to the application if they can connect to the origin. Access to the SQL instance may be restricted by adding a source filter to the origin.

Optional: Adding Clients to a Tunnel

  1. From the tunnel manager screen, select the tunnel to be configured for client access and click the Manage Clients box at the bottom of the screen.

  2. Select Add client in the top right corner of the Tunnel Management window.

  3. A list of clients will appear. Select the client(s) to be added to the tunnel. Shift and ctrl may be used to select more than one client.

  4. At the bottom of the window there are boxes for an IP address and port. The IP address and port combination is what the client will use to connect to a gateway in the gateway group. Generally, the IP address used will be the client's loopback address and the port will be whatever port the network administrator wants the client to use for the connection.

    info

    The ephemeral (unassigned) port range in Windows is 49152-65535, but any port may be used for the client connection as long as it doesn't conflict with other port assignments on the client's machine.

    Add a client

  5. Click Add Selected, which will close the Client Search window. If all clients have been added, select Submit in the bottom right corner of the tunnel management window. This will save your selections and allow the client to access the tunnel.