User manual
set socket_tunnel
200 Chapter 2 Command Descriptions
Devices supported
This command is supported in all Digi Connect Family and Digi Cellular
Family products. It is not supported in ConnectPort Display products.

Purpose
Configures a socket tunnel. A socket tunnel can be used to connect two
network devices: one on the Digi device server's local network and the
other on the remote network. This is especially useful for providing SSL
data protection when the local devices do not support the SSL protocol.

One of the endpoint devices is configured to initiate the socket tunnel. The
tunnel is initiated when that device opens a TCP socket to the Digi device
server on the configured port number. The Digi device server then opens a
separate connection to the specified destination host. Once the tunnel is
established, the Digi device server acts as a proxy for the data between the
remote network socket and the local network socket, regardless of which
end initiated the tunnel.

The socket tunnel feature is most useful for devices with two interfaces. It
can also be used as a connection proxy on a single-interface device,
such as the Digi Connect ME. On a single-interface device, the feature is
particularly useful when that device has the capability to use specified
keys and the other devices connected to it do not. Using the socket tunnel
feature, the device with the key capability becomes a security gatekeeper
for simple devices that cannot use PKI certificates.

Required Permissions
For Digi Connect products with two or more users, permissions must be set
to “set permissions s-socket-tunnel=read” to display socket tunnel settings,
and “set permissions s-socket-tunnel=rw” to display and change socket
tunnel settings. See "set permissions" on page 157 for details on
setting user permissions for commands.

Syntax
Configure a socket tunnel

    set socket_tunnel [state={disabled|enabled}]
      [timeout={0|seconds}] {0 is no timeout}
      [from_hostname={name|ip address}]
      [from_port=port number]
      [from_protocol={tcp|ssl}]
      [to_hostname={name|ip address}]
      [to_port=port number]
      [to_protocol={tcp|ssl}]

Display current socket tunnel settings

    set socket_tunnel
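
A small configuration check for the syntax above, added here as an example; it is not part of the Digi manual or firmware. It parses a "set socket_tunnel" line, validates each option against the listed values, and reports an enabled tunnel whose two legs are both tcp, since such a tunnel gives none of the SSL protection described under Purpose. The function names, addresses and port numbers are assumptions made for the example.

```python
import shlex

# Option names and allowed values come from the syntax summary above.
ALLOWED = {"state": {"disabled", "enabled"},
           "from_protocol": {"tcp", "ssl"}, "to_protocol": {"tcp", "ssl"}}
NUMERIC = {"timeout": (0, None), "from_port": (1, 65535), "to_port": (1, 65535)}
FREE_TEXT = {"from_hostname", "to_hostname"}

def parse_socket_tunnel(line):
    """Split one 'set socket_tunnel key=value ...' line into a dict."""
    tokens = shlex.split(line)
    if tokens[:2] != ["set", "socket_tunnel"]:
        raise ValueError("not a 'set socket_tunnel' command")
    opts = {}
    for tok in tokens[2:]:
        key, sep, value = tok.partition("=")
        known = ALLOWED.keys() | NUMERIC.keys() | FREE_TEXT
        if not sep or not value or key not in known:
            raise ValueError(f"unrecognised option: {tok!r}")
        opts[key] = value
    return opts

def audit(opts):
    """Return findings for one parsed tunnel definition (empty list = clean)."""
    findings = []
    for key, allowed in ALLOWED.items():
        if key in opts and opts[key] not in allowed:
            findings.append(f"{key}: expected one of {sorted(allowed)}")
    for key, (low, high) in NUMERIC.items():
        if key not in opts:
            continue
        text = opts[key]
        ok = text.isascii() and text.isdigit() and int(text) >= low
        if not ok or (high is not None and int(text) > high):
            findings.append(f"{key}: out of range or not a number")
    # Only explicit values are judged; this page does not state the defaults.
    legs = (opts.get("from_protocol"), opts.get("to_protocol"))
    if opts.get("state") == "enabled" and legs == ("tcp", "tcp"):
        findings.append("both legs are tcp: the tunnel provides no SSL protection")
    return findings

# Constructed sample lines (documentation addresses, made-up ports).
GOOD = ("set socket_tunnel state=enabled timeout=300 from_hostname=192.0.2.10 "
        "from_port=4401 from_protocol=tcp to_hostname=198.51.100.20 "
        "to_port=4433 to_protocol=ssl")
WEAK = GOOD.replace("to_protocol=ssl", "to_protocol=tcp")
BAD_PORT = GOOD.replace("to_port=4433", "to_port=70000")

if __name__ == "__main__":
    for line in (GOOD, WEAK, BAD_PORT):
        print(audit(parse_socket_tunnel(line)) or "ok")
```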