Devolutions Gateway tunnel connection type

The Devolutions Gateway Tunnel can fulfill similar needs to SSH port forwarding/SSH tunneling, but it requires nothing other than Devolutions Gateway itself. It is useful when using connections that do not have built-in support in Remote Desktop Manager through the Devolutions Gateway. The entry can be found under New EntrySessionRemote Connections.

Devolutions Gateway needs to be set up in the Remote Desktop Manager data source and then configured through inheritance or on the connection itself. The option is under PropertiesConnectionVPN/Tunnel/GatewayVPN/Tunnel/GatewayGeneral.

Devolutions Gateway Tunnel
Devolutions Gateway Tunnel

Listeners

If the Listener is set to 0.0.0.0, it will accept connections from any source within the network. Due to the difficulty in tracking accountability, it is recommended NOT to do this for multiple security reasons.

  • TCP Forward: It is the equivalent to port forwarding.

  • HTTP and SOCKS5 proxies: These listeners are set up as proxies which makes it possible to use a browser other than Google Chrome. This also means they use a dynamic destination.

Dynamic ports can be used with all three listener types. If the value is 0, it will automatically find an available port.

Allow Rules

The HTTP and SOCKS5 listeners will also make use of the Allow Rules to specify authorized destinations, anything not on the allow list will be denied.

The host in the allow list may be specified as in a wildcard certificate.