Create new Tunneled Connection

 

The previous topic: Remote Desktop Connection (RDP/SSH) shows the basic way of using ISL Light session as a tunnel for RDP or SSH connection (depending on the OS of the remote computer). However the tunneling functionality of ISL Light session offers many other uses described in this topic:


Important: To enable the tunneling functionality you have to upgrade ISL Light to version  4.4.1823.45 and ISL AlwaysOn to version 4.4.1823.24 (depending on which one you will use). Additionally the tunneling functionality has to be enabled in ISL AlwaysOn on the remote computer (Tunnel Connections option under Advanced Settings)


Create a RDP session

Step 1

Click on the "Action" next to the computer you wish to connect too and select the "New Tunnel" option.


Step 2

Click the "Create" button to create a tunnel for RDP session. 

Note: You should leave the IP Address field empty, in that case the value is set to localhost which means you will connect to the remote computer you selected. You should change the Port field if you configured the remote computer to listen for RDP connections on some other port, otherwise leave the field blank and default port 3389 will be used.


Step 3

Enter the global password of the remote computer and click "Connect" to start the ISL Light session which will serve as a tunnel.


Step 4

Enter the Windows account login information for the remote computer and click "OK" to start the RDP session.


Step 5

You are connected to remote computer via RDP.


Create a RDP session using a jumpbox

With the term Jumpbox we denote a computer that will serve as a jump for your connection, allowing you to connect to any computer in the local network of the remote computer. 

In example below we will be using three different computers A,and C. B and C are in the same local network and A is in another network altogether. We are working on computer A and due to the configuration we can neither establish a RDP session or ISL Light session with C. However we can establish the ISL Light session with computer B. In this configuration the computer B will server as a jumbox. Take a look at the diagram below showing the network configuration. In our case computer is a jumpbox and computer C is one of the remote computers.



Please follow the steps below to see how to configure the connection:

Step 1

Click on the "Action" next to the computer you will use as a jumpbox and select the "New Tunnel" option. Office - Macbook is computer B in our case.

Note: Even though we are making a RDP connection (Windows only connection) we can use a computer with a different operating system as a jumbox. In our case we are using a computer running macOS Mojave.


Step 2

In the IP field enter the local address of the computer C (located in the same local network as the target computer). Then click on "Create".

Note: The remote network has to be configured in such a way that a computers and can establish a connection between them.


Step 3

Enter the access password for computer B.


Step 4

Enter the login credentials for computer when prompted.


Step 5

You can now control computer via RDP.


Create an SSH session

Step 1

Click on the "Action" next to the computer you wish to connect too and select the "New Tunnel" option.


Step 2

Click the "Create" button to create a tunnel for SSH session. 

Note: You should leave the IP Address field empty, in that case the value is set to localhost which means you will connect to the remote computer you selected. You should change the Port field if you configured the remote computer to listen for SSH connections on some other port, otherwise leave the field blank and default port 22 will be used.


Step 3

Enter the global password of the remote computer and click "Connect" to start the ISL Light session which will serve as a tunnel.


Step 4

 Note: Step 4 differs between Windows and macOS hosts. On Windows the PuTTY program will be launched to handle the SSH connection and on macOS the SSH will be handled trough Terminal.

Enter the username and password for the remote computer to log in.

Note: On Windows the SSH connections are handled by PuTTY, which means that you will first have to install PuTTY. Because of how PuTTY implements the login procedure you will have to enter your username again when SSH connection is established.

Note: Depending on your configuration you might receive an error when creating an SSH connection in Windows. To fix it you can manually change the Default ssh schema and explicitly enter the path to PuTTY executable. The setting can be found in ISL Light Settings under Port Forward

Default: 

ssh://localhost:{PORT}

Explicit:

"<path_to_PuTTY_executable/putty.exe>" localhost -P {PORT}


Step 5

You are now connected to the remote computer via SSH.


Create an SSH session using a jumpbox

With the term Jumpbox we denote a computer that will serve as a jump for your connection, allowing you to connect to any computer in the local network of the remote computer. 

In example below we will be using three different computers A,and C. B and C are in the same local network and A is in another network altogether. We are working on computer A and due to the configuration we can neither establish an SSH session or ISL Light session with C. However we can establish the ISL Light session with computer B. In this configuration the computer B will server as a jumbox. Take a look at the diagram below showing the network configuration. In our case computer is a jumpbox and computer C is one of the remote computers.


Please follow the steps below to see how to configure the connection:


Step 1


Click on the "Action" next to the computer you will use as a jumpbox and select the "New Tunnel" option. Office - Windows 10 is computer B in our case.


Step 2

Enter the Username and the IP of the computer (located in the same local network as the target computer). Then click on "Create".

Note: The remote network has to be configured in such a way that a computers and can establish a connection between them.


Step 3

Enter the access password for computer B.


Step 4

 Note: Step 4 differs between Windows and macOS hosts. On Windows the PuTTY program will be launched to handle the SSH connection and on macOS the SSH will be handled trough Terminal.

Enter the username and password for the remote computer to log in.

Note: On Windows the SSH connections are handled by PuTTY, which means that you will first have to install PuTTY first. Because of how the login procedure is handled by PuTTY you will have to enter your username again when SSH connection is established.


Step 5

You are now connected to the computer C via SSH.


Create a custom tunnel

Besides RDP and SSH connection you can tunnel any connection of your choice using ISL Light session. The custom tunnel functionality can be used once you establish an ISL Light session with the remote computer from within the session view. Please follow the steps below to see how to create a custom tunnel to the remote computer.


Step 1

Click on "Connect via..." and "New Tunnel" once connected to the remote computer.


Step 2

Select the "Custom" option and type in the custom tunnel Rule. The rule above will bind the port 4321 on your local computer to the port 22 on the remote computer.

Rules are divided into the following categories:



    • remote
      • addr - IP address to which the remote computer should connect. You can enter "localhost" in that case the connection will be made to the remote computer itself. Or you can enter an IP address of another computer in the same local network as the remote computer.
      • port - Port on the remote computer to which the tunnel should connect. 
    • local
      • addr - [any|localhost] - Address from which you local computer will accept connections. If you enter "localhost" then you can only use the tunnel from your local computer. If you enter "any" then any computer on the same network as your local computer will be able to use the tunnel.
      • port - Port on the local computer to which you will bind the tunnel
  • additional

      • times [n-number- How many connections the tunnel will accept. Once the set number of connections is made the tunnel will stop listening for new connections.  
      • no_write [1-true|0-false- Do not save the tunnel properties. This means that ISL Light will not remember the tunnel and you will have to specify it again next time. 
      • stop_on_close  [1-true|0-false- Close the ISL Light session once the tunnel is closed.
        • Tunnel is considered closed when it is no longer listening for new connections (e.g. times parameter is specified) and there are no active connections going trough the tunnel.
    • watch_execute [1 -true|0-false] - Used in combination with the execute parameter. Close the ISL Light session once the execute command is executed.

      • Note: Execute parameter is used to bind a service on the remote computer to the tunnel port. Example of the execute command is shown when creating a RDP or SSH tunnel as seenhere. You can bind a custom service in the same way.


Example configuration:

{
    "remote": {
        "addr": "localhost",
        "port": 22
    },
    "local": {
        "addr": "any",
        "port": 4321
    },
    "times": 1,
    "watch_execute": 0,
    "no_write": 1,
    "stop_on_close": 1
}

Configuration above binds port 4321 on your local machine to port 22 on the remote machine. Your local machine will accept connection from anywhere ("addr": any) and tunnel it to the port 22 on the remote computer. Please take a look at the diagram below showing the network configuration in this example it is your computer that is serving a a jumpbox and all of the local computers cann use the tunnel, since you set the addr parameter to any.

Step 3

Any connection to your local computer on bound port (in our example 4321) is tunneled to the bound port on the remote computer (in our case 22). This means we can make an SSH connection to your local computer on port 4321 and it will be tunneled to the remote device.

Important: You can  use the tunnel from your local computer by accessing it at localhost address or you can access the tunnel from any other machine in your local network by specifying the IP address of your local computer. In the later case your local computer will serve as a jumpbox allowing any computer in your local network to connect to the remote computer.

 

Step 4

You are now connected to the remote computer by establishing an SSH connection on port 4421 on your computer.


Example - Remote printing using custom tunnel

In this example we will be using two different computers (your computer) and (computer at your place of work) and a network printer (at your place of work). Computer and printer P are located in the same network, however your computer is in another network altogether (you are on a business trip, working from home...). We will show how to use a tunnel to computer B to remotely print something from your computer on the printer P

Summary of procedure: You will configure the printer properties on your computer in such a way that a print job will be sent to the localhost address to port 9100 (user chosen port). Port 9100 on your computer is tunnelled to computer B via ISL Light session and computer B forwards the print job to the remote printer inside its network.

Note: For this example to work, computer B doesn't need any knowledge about printer P or any printing drivers whatsoever as computer B will only serve as a jumbox for the connection.


Step 1 (Computer A)

Obtain and open printer Properties for the remote printer you will print on. ( You can access the printers under Control Panel by opening Hardware and Internet section).

Note: If you ever printed on the remote printer before the Properties will most likely be saved on your computer already, otherwise you can download and install the correct printer driver for your printer from manufacturer's website.


Step 2

Open the "Ports" tab and click on "Add Port...". 


Step 3 

Select "Standard TCP/IP Port" and click "New Port..."

NoteIn this and the following steps you will configure the port and address on which the print jobs intended for specified printer will be sent.


Step 4

Enter 127.0.0.1 as the printer's IP address.


Step 5 (Optional)

If you configure Printer properties before creating a tunnel Windows will notify you that it can not find the printer at the specified address. Click "Next" to proceed and create the port anyway.


Step 6

Check that configured settings are correct then click "Finish" to create the port.


Step 7

Select the newly port in the Printer properties and click on "Configure Port..."

ImportantTick the checkbox next to the newly created port to begin using it. Keep in mind that you will have to change the port back to the previous value when you wish to print normally again (e.g. when you return to your office).


Step 8

Set which port on your local machine will be used for tunneling the print job. 9100 is set as default.

Important: Keep in mind that the tunnel binds to the port specified here, so if you change the port here make sure that you change the port to the new value in the next steps as well.


Step 9

With printer port configured connect to computer with ISL Light and click on "Connect via..." and "New Tunnel".


Step 10

Select the tunnel type as Custom and enter the configuration as seen above. The values are the following:

  • Remote
    • addr - IP address of the remote printer inside its network.
    • port - port on which the remote printer is listening. 9100 is the default port for printers so if you do not know it you can try with this value.
  • Local
    • addr - you can specify the following two values:
      • localhost - you will only be able to print on the remote printer from your computer.
      • any - any computer inside your network can use your computer as a jumbox to print on the remote printer.
    • port - port you configured in the steps above. 
  • times - how many times the tunnel will accept connection. 
    • If you leave it at 1 you will only be able to print 1 document. If you remove this line completely you will be able to print on the remote computer until you manually close the tunnel or ISL Light session.


RDP connection from macOS to Windows

RDP connection can be made to Windows machine from computers running other operating systems by using the native RDP client software. In this example we will be using the official Microsoft RDP client for macOS that can be downloaded from Mac App Store: Microsoft Remote Desktop 10, however there are other clients you can configure and use.

Step 1

Download and install Microsoft Remote Desktop 10 from Mac App Store. Installing this client will register it for opening the rdp links.

Note: Link above points to Mac App Store - US version, depending on which Mac App Store you are using you might need to search for "RDP" in the search bar instead of following the link.


Step 2

Log into ISL Light and open the "Settings".


Step 3

In the Port Forward section change the Default rdp schema to the following:

/usr/bin/open -W -n "rdp://full address=s:localhost:{PORT}"

and hit "Enter".


Step 4

Click on the "Action" button next to the computer you want to connect to and select the "Connect via..." option then "rdp://localhost:3389".


Step 5

Enter the access password for the remote computer then click "Connect".

Note: Access password you enter here is the ISL AlwaysOn access password and not yet the user account password used for creating an RDP session.


Step 6

Enter the user account information for the remote computer and click "Done".


Step 7

You can now control the remote Windows computer using RDP session from your macOS device.


Was this article helpful?