The Tunnel Manager enables creating and using tunnels to a gateway. These tunnels are used to remotely access a server application on a gateway with a variety of client applications, such as the Workbench.

When there are tunnels established, the Tunnel Manager periodically sends API calls (tunnel history) to retrieve a list of tunnels that have been successfully opened on your account.

Terminology Description
Tunnel Manager

The Tunnel Manager enables the:

  • Retrieval of tunnel definition information from a thing and its thing definition
  • Presentation of the defined tunnels in a graphical user interface screen
  • Establishment of the tunnel connection with a Tunnel Router
  • Moving of data between the client application and a Tunnel Router.

The Tunnel Manager will be downloaded from the Management Portal as a Java Network Launch Protocol (JNLP) file to the computer where the client application will be executed.

Tunnel Router
The IoT Portal feature that handles the connections to and the moving of data between the Tunnel Manager and the tunnel server application on the gateway.
Tunnel server application
A portion of the TR50 feature on a gateway. The tunnel server application supports tunnel connections into the gateway and directs the tunnel communication to a server application (for example, an SSH server application) executing on the gateway.
Server application
The application executing on a gateway (for example, an SSH server application) that supports connections from a client application.
Client application
The application that connects to a server application (for example, an SSH client application that connects to an SSH server application). The client application executes on the computer that is executing the web browser used to log on to the Management Portal. That computer is also executing the Tunnel Manager.

The following must be in place in order for a server application on a gateway to be accessible using a tunnel:

  • The gateway is connected over TR50 to the IoT Portal
  • The gateway's TR50 feature configuration is defined to allow tunnel connections.
  • The gateway's server application supports connection from a client application.
  • You have access to the organization in the Management Portal where the gateway is defined. For more information on user accounts and organization access, see Users.
  • The gateway's thing definition in the Management Portal has the specific tunnels, including tunnel name and TCP port, that will be supported.
  • You must have Java JRE version 1.8.0 or greater installed on the computer you use to log on to the Management Portal.

    If you have an older version of the JRE installed and need to install a new version, make sure that your old version is uninstalled. Otherwise, the two versions could conflict and not provide the required support.
    The computer will execute the Tunnel Manager, which will be downloaded as a Java Network Launch Protocol (JNLP) file.
    Once the Tunnel Manager is downloaded and is executing, it will support a client application connecting to a server application on the gateway. Examples of these client applications include:

    • Workbench, which will connect to the runtime on the gateway
    • A telnet client, which will connect to a telnet server on the gateway
    • A secure shell (SSH) client, which will connect to an SSH server on the gateway
    • A remote desktop protocol (RDP) client, which will connect to an RDP server on the gateway.

    In the configuration where the IoT Portal tunnels are used to support remote access to a server application executing on a gateway, the normal connection and data flow between the client application and the server application (for example between an SSH client application and an SSH server application) is replaced with connections and data flow supported by the deviceWISE Cloud features:

  • The client application connects to and sends/receives data from the Tunnel Manager
  • The Tunnel Manager connects to and sends/receives data from a Tunnel Router
  • The Tunnel Router connects to and sends/receives data from the tunnel server application on a gateway
  • The tunnel server application on a gateway connects to and sends/receives data from the server application.

Tunnels are defined in a thing definition. A thing, such as a gateway, then "inherits" the tunnel definitions from its thing definition.

To define a tunnel, see Defining Tunnels.


Related topics