TCP Tunneling with AnyDesk: A Complete Guide for Remote Access and Configuration

Table of content

TCP-Tunneling

Table of Contents

Setup TCP-tunneling Use Case Tunnel Applications

TCP-tunneling using AnyDesk enables the forwarding of any TCP-based protocol between local and remote clients, allowing local access to services/devices reachable by the remote client. An active AnyDesk connection between the local and remote clients is necessary for this feature to work.

Initially introduced for Windows and Linux platforms with AnyDesk 5.1, the feature was later released for macOS devices in AnyDesk 5.5.

The configuration can be set up via the context menu for an AnyDesk client in the Discovery, Favorites, or Recent Sessions lists or in the Address Book. Mid-session configuration for TCP-tunneling between the local and remote client can also be done through the Actions menu in the AnyDesk toolbar.

Warning:

TCP-tunneling is dependent on the SMB authentication protocol.

In general, issues may arise when using this feature if the connection requires SSL, HTTPS, or hostname validation.

Back to Top

Setup TCP-tunneling

AnyDesk offers two directions of TCP tunneling: forward tunneling and reverse tunneling.

In forward tunneling, the request on a local port is forwarded to the specified : destination on the remote device.

For reverse tunneling, the request on a remote port is forwarded to the specified : destination on the local device.

VirtualBoxVM_GDw3GvD07J

When setting up TCP-tunneling ports, local ports are simply those that the local user wants to use to access the web application server on the remote client. Remote hosts and ports are generally defined by the HTTP web application server in question and are typically the URL and ports where the remote client can reach the HTTP web application server.

Note: As long as the listening ports do not conflict, as many tunnels as needed can be added.

Back to Top

Use Case

For example, consider a scenario where a web application server is only accessible from within the office network or on the remote device.

On the physical remote device, the user typically accesses software running on it (without AnyDesk) using the URL: http://internal.specialized_software.com:8080.

If the user wants to access the web application server from home or while on the go, two methods are available with AnyDesk:

  1. Connect directly to the remote device and access the web application server through the browser or terminal on the remote device.
  2. Connect to the remote device and access the web application server through the browser or terminal on the local device using TCP-tunneling.

If port 1234 is available on the home or mobile network used by the local device, the user can simply set the “local port” in the TCP-Tunneling setup to “1234”.

After establishing a session between the local and remote devices, the user can then use an application such as a browser on the local device to connect to http://internal.specialized_software.com:1234 and access the data on the server.

Back to Top

Tunnel Applications

  • VPN
  • SSH
  • Internal web services
  • NAS
  • Webcams
  • Controlling industrial devices

Back to Top

Published at

Leave a comment

Your email address will not be published

No comments yet!