Defining Automatic Tunnels

On the Automatic Tunnels page, you can create listeners for local tunnels that are started automatically when the Connection Broker starts up. The actual tunnel is formed the first time a connection is made to the listener port. If the connection to the server is not open at that time, it will be opened automatically as well.

Defining automatic tunnels

Figure A.44. Defining automatic tunnels

When the Connection Broker starts, the list of the automatic tunnels is read, and the connection initiating applications will be matched to the rules defined here. The first setting that matches the connection will be used. The rules are evaluated from top down, and you can use the arrow buttons to organize the list.

Select Automatic Tunnels in the tree menu and click Add to open the Automatic Tunnel dialog box.

Adding a new automatic tunnel

Figure A.45. Adding a new automatic tunnel

  • Type: Select the type of the tunnel from the drop-down list. Valid choices are TCP and FTP.

  • Listen port: This is the number of the local port that the tunnel listens to, or captures. Do not use a reserved port number.


    The protocol or application that you wish to create the tunnel for may have a fixed port number (for example 143 for IMAP) that it needs to use to connect successfully. Other protocols or applications may require an offset (for example 5900 for VNC) that you will have to take into an account.

  • Allow local connections only: Leave a check mark in this box if you want to allow only local connections to be made. This means that other computers will not be able to use the tunnel created by you. By default, only local connections are allowed. This is the right choice for most situations. You should carefully consider the security implications if you decide to also allow outside connections.

  • Destination host: This field defines the destination host for the port forwarding. The default value is localhost.


    The value of localhost is resolved by the Secure Shell server, so here localhost refers to the Secure Shell host you are connecting to.

  • Destination port: The destination port defines the port that is used for the forwarded connection on the destination host.

  • Tunnel using profile: Select the server to use for the tunnel.

To edit a automatic tunnel, select a tunnel from the list and click Edit.

To delete a automatic tunnel, select a tunnel from the list and click Delete.

For more information on tunneling, see Local Tunnels.