There are two types of tunnels that can be defined for application tunneling, local (outgoing) tunnels and remote (incoming) tunnels.
Local tunnels protect TCP connections that your local computer forwards from a specified local port to a specified port on the remote host computer you are connected to. It is also possible to forward the connection beyond the remote host computer, but the connection is encrypted only between SSH Tectia Client and SSH Tectia Server.
Remote tunnels protect TCP connections that a remote host forwards from a specified remote port to a specified port on your local computer.
SSH Tectia Client/Connector connects to an e-mail server within the corporate network. A local (outgoing) tunnel is created from SSH Tectia Client/Connector to SSH Tectia Server on the perimeter of the network as in Figure 4.3. The connection from SSH Tectia Server to the IMAP server is unencrypted.
SSH Tectia Client also supports remote (incoming) tunnels.
X11 tunneling is a special case of remote tunneling and a built-in functionality of the product. SSH Tectia Client initiates a connection, and a remote tunnel is created for an X11 graphic connection. See Figure 4.4.