Table of Contents
Setup TCP-tunneling | Use Case | Tunnel Applications |
TCP-tunneling using AnyDesk is geared towards forwarding any TCP-based protocol between the local and remote clients so that the local client can access the services/devices accessible by the remote client. For this feature to work, it requires an active AnyDesk connection between the local and remote clients.
The feature was first introduced for Windows and Linux platforms with AnyDesk 5.1. For macOS devices, the feature was released in AnyDesk 5.5.
The configuration can be set up via the context menu for an AnyDesk client in the Discovery, Favorites, or Recent Sessions lists or in the Address Book. TCP-tunneling between the local and remote client can also be configured mid-session via the Actions menu in the AnyDesk toolbar.
Warning:
TCP-tunneling is dependent on the SMB authentication protocol.
In general, if the connection requires SSL, HTTPS, or hostname validation, then you may run into issues while using this feature.
Setup TCP-tunneling
AnyDesk offers two directions of TCP tunneling: forward tunneling and reverse tunneling.
With forward tunneling, the request on a local port is forwarded to the specified <hostname>:<port> destination on the remote device.
For reverse tunneling, the request on a remote port is forwarded to the specified <hostname>:<port> destination on the local device.
In the case of TCP-tunneling ports, local ports are simply the ones that the local user wants to use to access the web application server on the remote client. Remote hosts and ports are generally defined by the HTTP web application server in question and are normally the URL and ports where the remote client can reach the HTTP web application server.
Note: As long as the listening ports do not conflict, as many tunnels as needed can be added.
Use Case
For example, let us say that a web application server is only accessible from within the office network or on the remote device.
On the physical remote device, the user would normally access software running on it (without AnyDesk) using the URL: http://internal.specialized_software.com:8080.
Now if the user wanted to access the web application server from home or while on the go, there are two methods of doing so with AnyDesk:
- Connect directly to the remote device and access the web application server through the browser or terminal on the remote device.
- Connect to the remote device and access the web application server through the browser or terminal on the local device using TCP-tunneling.
If port 1234 is free on the home or mobile network used by the local device, the user can simply set the "local port" in the TCP-Tunneling setup to "1234".
After creating a session between the local and remote devices, the user will then be able to use an application such as a browser on the local device to connect to http://internal.specialized_software.com:1234 and access the data on the server.
Tunnel Applications
- VPN
- SSH
- Internal web services
- NAS
- Webcams
- Controlling industrial devices