Remote Terminal Client
Users are unable to access a remote Terminal Server because of local security restrictions (e.g. in hotel rooms, at public hotspots, at a customer's site, in a seminar room, etc.).
Regular internet usage ("surfing") via HTTP or HTTPS is not restricted with regard to the target webservers.
Users download the Tunnel2 client software at www.Tunnel2.com, unzip the package and run the client (no installation or administrative rights required).
The client resembles the look and feel of the standard Windows Terminal Server™ client.
The Tunnel2 client listens on a local network port. When the user clicks "Connect!", the regular Windows Terminal client is started (in connected mode) and connects to the Tunnel2 client running and listening on the local machine.
The Tunnel2 client receives the regular Terminal Client traffic, packages it into HTTP/HTTPS communication and establishes a network connection to the Tunnel2 Gateway Server.
Firewall and/or Web Proxy Server
Local security restrictions enforced on the user that do not allow direct use of remote Terminal Servers. As a matter of course, the Tunnel2 client supports web proxy authentication.
To firewalls and web proxy servers, the Tunnel2 network traffic is indistinguishable from regular internet browsing; the client offers several options to optimize communication through the local web proxy and firewall.
Internet
The regular Windows Terminal Server traffic is encoded by the Tunnel2 client into regular HTTP/HTTPS traffic.
Two options for traffic encryption are available:
- built-in Windows Terminal Server encryption (has to be activated on the Windows Terminal Server)
- Tunnel2 client-based encryption: the Tunnel2 client encrypts the communication between the client machine and the Tunnel2 Gateway Server, even if the communication is transported via HTTP! (1.1)
Firewall at Terminal Server zone
No pass-through on TCP port 3389 (the standard Windows Terminal Services port) is required; only port 80 (HTTP) or 443 (HTTPS) to the corporate webserver needs to be open, which is usually the case. No VPN endpoints, etc.
Webserver
Internet Information Server™ 5/6 (Windows), Apache httpd (Windows, Unix) or Apache Tomcat (Windows, Unix). No dedicated machine is required; the component integrates into an existing corporate webserver.
This server component receives the (optionally encrypted) traffic generated by the Tunnel2 client, reconstructs regular Windows Terminal Server traffic from it and forwards it to the appropriate Terminal Server.
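The following is an added example, not Tunnel2's own code or wire format, showing the client/gateway mechanism described above: Terminal Server bytes are carried in ordinary HTTP/1.1 POST requests, and the gateway, being the only component the internet can reach, checks that a new session really starts with a Terminal Server connection request before opening a connection to port 3389. The gateway path, the session header and the framing are assumptions; the TPKT (RFC 1006) and X.224 Connection Request layout is the real protocol.

```python
import struct

GATEWAY_PATH = "/ts-gateway"          # assumed URL of the gateway on the corporate webserver
SESSION_HEADER = "X-Tunnel-Session"   # assumed header carrying the tunnel session id

def wrap_chunk(session_id, ts_bytes, host="www.example.com"):
    """Client side: package one chunk of Terminal Server traffic as an HTTP/1.1 POST.
    To a proxy or firewall this is an ordinary upload to a corporate webserver."""
    head = (f"POST {GATEWAY_PATH} HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            f"{SESSION_HEADER}: {session_id}\r\n"
            f"Content-Type: application/octet-stream\r\n"
            f"Content-Length: {len(ts_bytes)}\r\n\r\n")
    return head.encode("ascii") + ts_bytes

def unwrap_request(raw):
    """Gateway side: recover (session_id, ts_bytes) from a wrapped request."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete HTTP header")
    lines = head.decode("ascii").split("\r\n")
    headers = {k.lower(): v for k, v in (ln.split(": ", 1) for ln in lines[1:])}
    length = int(headers["content-length"])
    if len(body) < length:
        raise ValueError("truncated body")
    return headers[SESSION_HEADER.lower()], body[:length]

def is_x224_connection_request(ts_bytes):
    """True if the bytes start with a TPKT frame (03 00 <len:2>) carrying an X.224
    Connection Request (length indicator, then type code 0xE0). Every Terminal
    Server session begins with this packet, so a gateway can refuse to open a new
    connection to port 3389 for a session whose first chunk does not look like it."""
    if len(ts_bytes) < 11 or ts_bytes[0] != 0x03 or ts_bytes[1] != 0x00:
        return False
    (tpkt_len,) = struct.unpack("!H", ts_bytes[2:4])
    return 11 <= tpkt_len <= len(ts_bytes) and ts_bytes[5] == 0xE0

def gateway_accepts(raw, open_sessions):
    """Decide whether the gateway forwards this chunk to the Terminal Server.
    Known sessions pass through; a new session is opened only on a valid
    connection request. Returns (session_id, accepted)."""
    session_id, ts_bytes = unwrap_request(raw)
    if session_id in open_sessions:
        return session_id, True
    if is_x224_connection_request(ts_bytes):
        open_sessions.add(session_id)
        return session_id, True
    return session_id, False

# Constructed samples: a minimal 11-byte X.224 Connection Request, and a bogus first chunk.
SAMPLE_CONNECT = bytes.fromhex("0300000b06e00000000000")
SAMPLE_BOGUS = b"GET / HTTP/1.0\r\n\r\n"
```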
Terminal Server
Completely hidden from the internet in an internal zone; no direct attacks on this machine are possible.