11.3 Forward TCP communications

Use this procedure to encrypt TCP communications that would otherwise be sent in the clear between an application client and server. (Examples given in parentheses configure the Reflection for Secure IT client to send data securely between a Web browser on the computer running Reflection for Secure IT, and a remote Web server.)

To forward TCP communications

  1. Open the Reflection for Secure IT client and configure it to connect to your Secure Shell server host (for example, MySSHserver.com).

  2. Open the Reflection Secure Shell Settings dialog box. Go to the Tunneling tab.

  3. Under Local Forwarding, click Add.

  4. For Forward local port, specify any available local port. You can typically enter any value greater than 1024 (for example, 8080). Ports with values less than or equal to 1024 are, by convention, reserved for services and may not be available.

  5. Under Destination Host, specify the Name of the application server host (for example, WebServer.Acme.com).

    NOTE: If this server host is different than your Secure Shell Server host, communications between the Secure Shell server and the designated server are not encrypted. If the designated server runs on the same remote computer as the Secure Shell server host, you can specify the value localhost (or the IP equivalent, 127.0.0.1). In this case, all communications are encrypted.

  6. For Port, specify the port used by the application server (for example, 80 for a Web server or 110 for a mail server).

    NOTE: Although the next two steps are not required, completing them configures Reflection for Secure IT to launch the application client automatically after the Secure Shell tunnel is established.

  7. (Optional) Under Application to Launch, specify the name of the client application whose data you want to forward through the tunnel (for example, iexplore.exe). For applications that are not in your system path, you must include full path information. You can use the Browse button to locate the executable file and full path information will be included.

  8. (Optional) Under Arguments, specify any command line arguments you want to use with this application. (For example, the browser can be set to connect to the redirected port 8080 using http://localhost:8080.) You may also need to run your application client to configure it to connect to the specified port.

  9. Click OK to close the open dialog boxes.

    NOTE: The Local Port Forwarding dialog box OK button is not available until all required information has been entered.

  10. Connect to the Secure Shell host.

    After the Secure Shell connection is established, the application you specified in step 7 will launch. If it is correctly configured to connect to the forwarded local port (8080 in this example), data will be redirected from this port to the server application. The client will run exactly as if it had been configured to connect directly to that server.
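
The following is an added example, not part of the product or its documentation: a small check that applies the notes in steps 4 and 5 to a planned forward and reports whether the hop from the Secure Shell server to the application server leaves the tunnel unencrypted. The `local_port:dest_host:dest_port` string is a notation assumed here for the three dialog fields, and the function names are hypothetical.

```python
import ipaddress

def is_loopback(host):
    """True for 'localhost' or a loopback IP literal such as 127.0.0.1."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # an ordinary DNS name, not an IP literal

def review_forward(spec, ssh_host):
    """Review one 'local_port:dest_host:dest_port' forward made via ssh_host.

    Returns (last_hop_encrypted, findings).
    """
    try:
        local_port, dest_host, dest_port = spec.split(":")
        local_port, dest_port = int(local_port), int(dest_port)
    except ValueError:
        raise ValueError(f"expected local_port:dest_host:dest_port, got {spec!r}")
    for name, port in (("local", local_port), ("destination", dest_port)):
        if not 1 <= port <= 65535:
            raise ValueError(f"{name} port {port} out of range")
    findings = []
    # Step 4: ports <= 1024 are reserved by convention and may be unavailable.
    if local_port <= 1024:
        findings.append(f"local port {local_port} is in the reserved range (<= 1024)")
    # Step 5 note: only the client-to-SSH-server leg is inside the tunnel.
    # Assumption: a destination named identically to the SSH host is the same machine.
    same_host = is_loopback(dest_host) or dest_host.lower() == ssh_host.lower()
    if not same_host:
        findings.append(f"{ssh_host} -> {dest_host}:{dest_port} is sent unencrypted")
    return same_host, findings

# Constructed samples built from the example values used in the procedure.
SAMPLES = ["8080:WebServer.Acme.com:80", "8080:localhost:80", "110:127.0.0.1:110"]

if __name__ == "__main__":
    for spec in SAMPLES:
        ok, notes = review_forward(spec, "MySSHserver.com")
        print(spec, "end-to-end encrypted" if ok else "cleartext last hop", notes)
```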