User manual
Virtual Private Networking
SSL Tunnels are port tunnels that send data using an encrypted SSL pipe. In order to
use an SSL tunnel, you must first install an SSL certificate using the Upload SSL
Certificates page or the Create SSL Certificates page; see the Upload SSL certificates
and Create SSL certificates sections of the chapter entitled Firewall. SSL tunnels can be
useful for encrypting TCP services that are by themselves unencrypted, such as a telnet
or FTP session.
The end of the port tunnel that is offering the TCP service (such as a telnet or FTP
server) must be configured as a Tunnel Server. The end of the port tunnel that is
accessing the TCP service must be configured as a Tunnel Client.
Tunnel server
A tunnel server accepts connections on Tunnel Port from a host on the Internet, and
forwards them over the Data Port to the Data Server.
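The tunnel server's data path, as an added Python example that is not taken from this manual or from the appliance's software: it accepts connections on the Tunnel Port socket, terminates TLS, and relays the bytes to Data Server:Data Port. The function names, the 10-second timeouts and the TLS 1.2 minimum are assumptions made for the example.

```python
import select
import socket
import ssl
import threading

def make_tls_context(certfile, keyfile):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 / TLS 1.0 / 1.1
    ctx.load_cert_chain(certfile, keyfile)  # the certificate installed for the tunnel
    return ctx

def relay(client, upstream):
    """Copy bytes both ways until either side closes, then close both sockets."""
    peers = {client: upstream, upstream: client}
    try:
        while True:
            readable, _, _ = select.select(list(peers), [], [])
            for src in readable:
                chunk = src.recv(16384)  # a TLS record carries at most 16 KiB
                if not chunk:
                    return
                peers[src].sendall(chunk)
    except OSError:  # connection resets and ssl.SSLError end the session
        pass
    finally:
        client.close()
        upstream.close()

def handle(conn, data_server, data_port, tls_ctx):
    try:
        conn.settimeout(10)  # bound the handshake so a stalled peer cannot pin a thread
        if tls_ctx is not None:
            conn = tls_ctx.wrap_socket(conn, server_side=True)  # terminate TLS here
        upstream = socket.create_connection((data_server, data_port), timeout=10)
    except OSError:  # failed handshake or Data Server unreachable
        conn.close()
        return
    conn.settimeout(None)
    upstream.settimeout(None)
    relay(conn, upstream)

def serve(listener, data_server, data_port, tls_ctx=None):
    """Accept on the Tunnel Port socket; tls_ctx=None forwards without TLS."""
    while True:
        try:
            conn, _ = listener.accept()
        except OSError:  # listener was closed
            return
        threading.Thread(target=handle, daemon=True,
                         args=(conn, data_server, data_port, tls_ctx)).start()
```

Only the leg between tunnel client and tunnel server is encrypted; the hop from the tunnel server to the Data Server carries the service's own unencrypted traffic.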
Click Port Tunnels from the VPN section of the main menu. Select either HTTP Tunnel
Server or SSL Tunnel Server and click Add.
Enter a descriptive Name for this tunnel server. Check Enable.
In Data Server, enter the IP address of the local server that is offering the TCP service,
such as a local mail or FTP server. In Data Port, enter the port on which the TCP
service is running. Incoming requests from hosts on the remote end of the tunnel are
forwarded to this IP address and port.
In Tunnel Port, enter the TCP port on which to listen for connections from the client.
This must match the tunnel client’s Tunnel Port.
• The following fields are displayed for HTTP Tunnel Server only:
If necessary, you may specify the Content Length to use in HTTP PUT requests. You
may also set Strict Content Length to force this Content Length for all requests.
You may specify a Maximum Age for connections, after which the connection is closed,
and a Keep Alive interval, the interval at which to send keep alive bytes to keep the
connection open.
• The following field is displayed for SSL Tunnel Server only: