About Tunnel servers
Review information about the purpose and use of Tunnel servers.
Tunnels carry UDP messages over a TCP connection. A Tunnel server consists of both a Tunnel Forwarder and a Tunnel Receiver.
- A Tunnel Forwarder forwards validation requests from outside your network firewall to your Validation server. For example, if your VPN gateway resides in your DMZ, you can configure a Tunnel Forwarder in the DMZ to send validation requests to a Tunnel Receiver inside your firewall. A Tunnel Forwarder accepts UDP requests to send data over a TCP connection to a Tunnel Receiver.You can configure a Tunnel Forwarder to connect in one of two ways:
- Tunnel Forwarder/Receiver (direct connection): Configure a Tunnel Forwarder to route requests to the validation server from your VPN gateway or other applications you choose to enable with VIP.
- Tunnel through a proxy web server: Add a proxy web server between the Tunnel Forwarder and Tunnel Receiver. VIP Enterprise Gateway only supports proxy servers using Anonymous or Basic Authentication.
- A Tunnel Receiver receives TCP data from a Tunnel Forwarder and sends it over UDP to the Validation server for processing. Then, the Tunnel Receiver sends the Validation server response back to the Tunnel Forwarder over TCP.
You can associate multiple Tunnel Receivers with a single Tunnel Forwarder (for example, for failover); however, each Tunnel Forwarder must have at least one unique Tunnel Receiver. The settings that you use when setting up the Tunnel Receiver must match the setting that you use when setting up the Tunnel Forwarder.
From the
Tunnel Server
page of the Validation
tab, you can perform the following actions:Action | See |
|---|---|
Create a Tunnel Forwarder. | |
Create a Tunnel Receiver. | |
Edit a Tunnel Forwarder or Tunnel Receiver. | |
Delete a Tunnel Forwarder or Tunnel Receiver. | |
Enable or disable a Tunnel Forwarder or Receiver. |