Black Box LES1348A Server User Manual


 
Destination as portXX:3389 (where XX is the SDT enabled serial port number). For example, if
port 4 is on the console server is to carry the RDP traffic, then specify port04:3389
Note http://www.jfitz.com/tips/putty_config.html has useful examples on configuring PuTTY for SSH
tunneling.
Select Local and click the Add button.
Click Open to SSH connect the Client PC to the console server. You will now be prompted for the
Username/Password for the console server user.
If you are connecting as a User in the “users” group, then you can only SSH tunnel to Hosts
and Serial Ports where you have specific access permission.
If you are connecting as an Administrator (in the “admingroup), then you can connect to
any configured Host or Serial Ports (that has SDT enabled).
To set up the secure SSH tunnel for a HTTP browser connection to the Managed Device, specify port 80
(instead of port 3389 that was used for RDP) in the Destination IP address.
To set up the secure SSH tunnel from the Client (Viewer) PC to the console server for VNC, follow the
steps above, but when you configure the VNC port redirection, specify port 5900 in the Destination IP
address.
Note How secure is VNC? VNC access generally allows access to your whole computer, so security is
very important. VNC uses a random challenge-response system to provide the basic
authentication that allows you to connect to a VNC server. This is reasonably secure and the
password is not sent over the network.
Once connected, all subsequent VNC traffic is unencrypted. A malicious user could snoop your
VNC session. There are also VNC scanning programs available, which will scan a subnet looking
for PCs that are listening on one of the ports that VNC uses.
Tunneling VNC over a SSH connection ensures all traffic is strongly encrypted. No VNC port is
ever open to the internet, so anyone scanning for open VNC ports will not be able to find your
computers. When tunneling VNC over a SSH connection, the only port that you’re opening on
your console server is the SDT port 22.
Sometimes it may be prudent to tunnel VNC through SSH even when the Viewer PC and the
console server are both on the same local network.
_____________________________________________________________________
724-746-5500 | blackbox.com Page 134