Tunneling the connection between a client device and the Administration Server

Kaspersky Security Center allows tunneling TCP connections from Administration Console via the Administration Server and then via Network Agent to a specified port on a managed device. Tunneling is designed for connecting a client application on a device with Administration Console installed to a TCP port on a managed device—if no direct connection is possible between Administration Console and the target device.

For example, tunneling is used for connections to a remote desktop, both for connecting to an existing session, and for creating a new remote session.

Tunneling can also be enabled by using external tools. For example, the administrator can run the putty utility, the VNC client, and other tools in this way.

Connection tunneling between a remote client device and Administration Server is required if the port used for connection to Administration Server is not available on the device. The port on the device may be unavailable in the following cases:

• The remote device is connected to a local network that uses the NAT mechanism.
• The remote device is part of the local network of Administration Server, but its port is closed by a firewall.

To tunnel the connection between a client device and Administration Server:

1. In the console tree, select the folder of the group that contains the client device.
2. On the Devices tab, select the device.
3. In the context menu of the device, select All tasks → Connection Tunneling.
4. In the Connection Tunneling window that opens, create a tunnel.

Page top