A generic tunnel is made up of multiple SSL tunnels that forward the TCP traffic of the remote service. The local port used by the SSL tunnel can be configured statically or chosen by the SSL VPN service when the SSL tunnel is enabled. Make sure that you do not have any local services listening on the ports assigned to the SSL tunnels. You can only tunnel TCP connections.
Before You Begin
- Enable SSL VPN and CudaLaunch. For more information, see CloudGen Firewall Configuration for CudaLaunch.
- If you are assigning a fixed local port, verify that the port is not already in use.
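The local-port prerequisite above can be checked on the client before fixed ports are entered. The following pre-flight script is an added example, not part of the original documentation or of any Barracuda tooling. It assumes the SSL tunnel listens on IPv4 loopback (127.0.0.1), uses constructed tunnel names and ports, and also flags the same fixed port being planned for two tunnels.

```python
import socket
from collections import Counter

LOOPBACK = "127.0.0.1"  # assumption: the SSL tunnel listens on IPv4 loopback


def listener_present(port, host=LOOPBACK, timeout=0.5):
    """Return True if a TCP service already accepts connections on host:port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 only when a listener completed the handshake.
        return s.connect_ex((host, port)) == 0


def check_tunnel_ports(planned):
    """Classify each planned Client Loopback TCP Port.

    planned maps an SSL tunnel name to its local port. Returns name -> status:
    'auto' (0, the firewall selects a random port), 'invalid' (outside 1-65535),
    'duplicate' (same fixed port planned for more than one tunnel),
    'in use' (a local service is already listening), or 'free'.
    """
    counts = Counter(p for p in planned.values() if p != 0)
    result = {}
    for name, port in planned.items():
        if port == 0:
            result[name] = "auto"
        elif not 1 <= port <= 65535:
            result[name] = "invalid"
        elif counts[port] > 1:
            result[name] = "duplicate"
        elif listener_present(port):
            result[name] = "in use"
        else:
            result[name] = "free"
    return result


if __name__ == "__main__":
    # Constructed sample plan; tunnel names and ports are placeholders.
    plan = {"intranet-web": 8443, "ssh-admin": 2222, "rdp": 0, "db": 8443}
    for name, status in check_tunnel_ports(plan).items():
        print(f"{name:14} port {plan[name]:<6} {status}")
```

Run it on the client device that will use CudaLaunch, since the port conflict occurs there and not on the firewall.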
Create a Generic Tunnel
- Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > VPN > SSL VPN.
- Click Lock.
- In the left menu, click Generic Tunnels.
- Click + to add a Generic Tunnel. The Generic Tunnels window opens.
- Enter the Name.
- Click OK.
- Enter the Visible Name. This is the name used for this resource in the web portal and CudaLaunch.
- For each port you want to forward, click + to add an SSL Tunnel. The SSL Tunnel window opens.
- Enter the Name.
- Click OK. The SSL Tunnel window opens.
- Configure the SSL tunnel settings:
- Server Host – Enter the IP address, hostname, or FQDN of your internal server.
- Application TCP Port – Enter the port the service on the internal server is listening on.
- Client Loopback TCP Port – Enter the local port the SSL tunnel listens on. Enter 0 for the firewall to select a random port.
- Click OK.
- (optional) To restrict access to this generic tunnel based on user groups, remove the * and click + to add Allowed User Groups.
- (optional) Click the Ex/Import button to import a Custom Icon.
- (optional) To make this resource available only when enabled by super user groups:
- Expand the Configuration Mode menu on the left, and select Switch to Advanced View.
- Scroll down to the Dynamic Access section.
- Select the Dynamic App check box.
- Allow super user groups to enable, disable, or time-enable the resource.
- Select the Allow Maximum/Minimum Time check boxes and restrict the maximum and minimum amount of time this resource can be time-enabled for.
- Click OK.
- Click Send Changes and Activate.
Tunnels in CudaLaunch
Tunnels are available only in CudaLaunch. To enable or disable the tunnel, go to the Tunnels tab and click the tunnel icon. The gray or green status icon shows the state of the tunnel.
State | Icon |
---|---|
Tunnel inactive | |
Tunnel active | |