Remote control tunnel configuration
A remote control tunnel allows remote control to connect to devices that aren't on your local network. You don't have to install a tunnel if you'll only be remotely controlling devices on your organization's internal network.
NOTE: Legacy remote control doesn't use tunnels. Tunnels are used by the new version of remote control introduced in Endpoint Manager 2018.3.
The tunnel should be installed on a computer that can bridge between your intranet and the internet. It can be installed on Windows or CentOS6 computers.
For more information on installing the tunnel, see these Ivanti Community topics:
- RC tunnel installation and configuration
- Setup: Remote tunnel for remote control WS on Linux servers. This topic includes additional architectural and troubleshooting information that you may find useful.
The tunnel uses these ports:
- 44344 TCP Inbound Internal Tunnel Network Adapter (from viewer)
- 44345 TCP Inbound External Tunnel Network Adapter (from client)
- 44346 TCP Inbound Internal Tunnel Network Adapter (from core for tunnel management)
Once you've installed a tunnel, you need to configure the core server and agent settings so the core and managed devices can use it.
To configure the core server
- In the core server's management console, click Configure > Manage Remote Control Tunnels.
- Enter a Tunnel name that helps you identify the tunnel.
- Enter the Tunnel IP address.
- Click the Add button.
To configure agent settings
- Click Tools > Configuration > Agent settings. In the Agent settings tree, select the Client connectivity setting you want to modify, or right-click and click New to create a new one.
- On the Remote control tunnel page, select Enable remote control tunnel communication.
- In the Available items list, select the tunnel you created and move it to the Selected items list.
- If you have multiple tunnels, you can select the Tunnel failover policy you want to use when a tunnel isn't available.
- Select the Tunnel connection mode you want. Dynamic can use a direct connection to the device if it's on your network, or you can have remote control always use a tunnel.
- Click Save.
- If this agent setting hasn't been deployed previously, deploy it to managed devices.