Skip to content

Creating, Assigning and Using Connectors

Introduction

The Connector Type Overview Page shows a list of Connector Types.

Connector Type Overview Page

The ones in the middle which are grayed out are planned to be supported in future releases of Remote Services.

All Connector Types except the DTT-R Connector require a Service Endpoint to be installed on the Remote User's machine.

The DDT-R Connector is meant to connect two Devices, hence no Service Endpoint is required.

Create DTT Connector

Usecase

This is the most generic connector type that allows tunneling of TCP traffic originating from the service endpoint towards a device where the connector is assigned to.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • Usage of this Connector requires a Service Endpoint to be installed on the machine of the Remote User.

Procedure

To create a new DTT Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home screen", select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down select the "Organization Admin" role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Dynamic Transparent Tunnel Protocol".
    Dynamic Transparent Tunnel Protocol
  7. Enter the necessary information for the connector, ensuring to provide port mapping, for routing of TCP/UDP data packets using custom port settings.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Create RDP Connector

Use case

This is a connector type that builds on top of DTT to provide additional convenience to users by providing RDP related properties such as domain name, user name, resolution, etc.

This Connector will automatically start the Windows Remote Desktop Client on the machine where the Service Endpoint is installed and offers a connection to the Remote Desktop Server on the Device where the connector is assigned to.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • A Service Endpoint to be installed on the machine of the Remote User.

Procedure

To create a new RDP Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the "Organization Admin" role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Remote Desktop Protocol".
    Remote Desktop Protocol
  7. Enter the necessary information for the connector. Note that the entered username will be used for RDP login in the system.
  8. Click "Create".

Result

The connector is created and is available by the Organization Admin for assignment to Devices of the current organization.

Create VNC Connector

Usecase

This is a connector type that builds on top of DTT to provide additional convenience to users by providing VNC related properties.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • A Service Endpoint to be installed on the machine of the Remote User.

Procedure

To create a new VNC Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the "Organization Admin" role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Virtual Network Computing Protocol".
    Virtual Network Computing Protocol
  7. Enter the necessary information for the connector, ensuring to provide listener and target port, which is meant for connecting to devices via VNC-based remote login.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Create SSH Connector

Usecase

This is a connector type that builds on top of DTT to provide additional convenience to users by providing SSH related properties.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • Usage of this Connector requires a Service Endpoint to be installed on the machine of the Remote User.

Procedure

To create a new SSH Connector to an existing organization, perform these steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the "Organization Admin" role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Secure Shell Protocol".
    Secure Shell Protocol
  7. Enter the necessary information for the connector, ensuring to provide listener and target port, which is meant for connecting to devices via SSH.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Create Web Application Connector

Usecase

This connector type allows tunneling of HTTP/HTTPS based applications to be accessed by remote users.

Once a tunnel of this Connector Type is successfully established, a Web Browser on the system where the Service Endpoint is installed will automatically open and display the start page specified in the Connector definition.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • Usage of this Connector requires a Service Endpoint to be installed on the machine of the Remote User.

Procedure

To create a new Web Application Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the "Organization Admin" role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Web Application Protocol".
    Web Application Protocol
  7. Enter the necessary information for the connector, ensuring to use localhost while specifying the Start Page. The localhost keyword will be automatically replaced by actual IP address of the target device.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Create Proxy Unaware Connector

Usecase

This is a connector type that allows clients/applications to connect to remote devices seamlessly even if the clients/applications cannot cope with intermediate proxies. One of the most prominent application is TIA portal.

If this Connector is assigned to a Device of type Primary Target, the client/application will have to connect to IP address 127.0.0.1 or localhost at the port given as target port in the Connector definition.

If this Connector is assigned to a Device of type Secondary Target, the client/application will have to connect to the IP address assigned for the Secondary Target at the port given as target port in the Connector definition. In this case, the Transparent Proxy mentioned in the following section will perform an IP address translation that is transparent to the client/application.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • The operating system on the machine of the Remote User is Windows 10 or Windows 11.
  • Usage of this Connector requires a Service Endpoint to be installed on the machine of the Remote User.
  • Usage of this Connector requires installation of the Transparent Proxy from the Service Endpoint Installation Package on the machine of the Remote User.

Procedure

To create a new Proxy Unaware Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the Organization Admin role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select the connector is displayed.
  6. Select "Proxy Unaware Protocol".
    Proxy Unaware Protocol
  7. Enter the necessary information for the connector, ensuring to provide Port Mappings for TCP/UDP protocol with single/range of target device ports.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Create DTT-R Connector

Usecase

DTT-R stands for DTT-Reverse. This is similar to DTT. However, to provide device to device tunneling, it requires two Device Endpoints to be installed. The Service Endpoint is not required.

The Connector is assigned to the source Device, i.e. the one that initiates the connection. In the Connector definition, the Device Endpoint id of the target Device needs to be given.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The user must have the Remote Services role Organization Admin granted with access to this organization.
  • There must be a target Device defined in the same Organization, typically it will be in a different network than the Device to which the DDT-R connector is assigned.

Procedure

To create a new Dynamic Transparent Tunnel - Reverse Connector to an existing organization, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down. select the Organization Admin role.
  4. Navigate to the "Connectors" page.
  5. Click "Create New Connector". The overview page to select connector is displayed.
  6. Select "Dynamic Transparent Tunnel - Reverse Protocol".
    DTT reverse
  7. Enter the necessary information for the connector, ensuring to provide Target Endpoint and Port Mapping between Listener Port and Target Host port.
  8. Click "Create".

Result

The connector is created and is available by Organization Admin for assignment to Devices of the current organization.

Assign Connectors

To establish a connection to a particular Device to fulfill a particular use case, for example RDP, VNC, SSH, access to web-server, etc, the prepared required Connector needs to be assigned by the Organization Admin to that Device so that the Remote User can later activate that connection.

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The Connector c must exist.
  • A Device A must exist to which the Connector c shall be assigned.
  • The user must have the Remote Services role Organization Admin granted with access to this organization and the Device A.

Procedure

To assign Connector c to Device a, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the Organization Admin role.
  4. Click on the "Organization" icon. The Organization and Devices page is displayed, where there is also a hierarchical view of the Nodes and Sites.
  5. In the hierarchical view, select the required Site and expand it so that the Devices are displayed.
  6. Select the required Device. The Device Information screen is displayed which shows a list of assigned Connectors.
    Connectors list
  7. In the "Assigned Connectors" list, click on the "plus" icon to display the list of Connectors which are ready to be assigned.
    Available Connectors
  8. In the "Available Connectors" column, search for the required Connector c and click on the > icon to move it to the "Assigned Connectors" column.
  9. Click "Save" to save your selection and navigate back to the Device Information screen.

Result

  • Connector c is assigned to the Device A and ready for use by the Remote User.

Establish Connection

The Remote User can establish a connection to a particular Device using the Connectors assigned by the Organization Admin.

When the Proxy Unaware Connector is used, there will be a pop-up which allows to select the source IP of the connection.
Proxy Unaware Protocol Select Source IP

It will list all IP addresses of NICs available on the system with the Service Endpoint. Select the IP address used by your client/application. If this is not known, use the value 127.0.0.1 (localhost).

Prerequisites

  • An Insights Hub user with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The Connector c must exist.
  • A Device A must exist to which the Connector c is already assigned.
  • The user must have the Remote Services role Remote User granted with access to this organization and the Device A.
  • The user must have the Service Endpoint installed and started.

Procedure

To establish a connection, perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the Remote users role.
  4. Click on the "Organization" icon. The Organization and Devices page is displayed where there is also a hierarchical view of the Nodes and Sites.
  5. In the hierarchical view, select the required Site and expand it so that the Devices are displayed.
  6. Select the required Device A. The Device Information screen is displayed which shows a list of assigned Connectors.
    Assigned Connectors List
  7. Search for the required Connector c. Depending on whether the "Permission Required" is configured or not, click:
    • The chain icon to establish the connection, if no permission by Site Owner is required.
    • The ? icon to establish the connection, if the permission by Site Owner is required.
      If ? icon is clicked to establish the connection, perform the following step:
  8. The "Request Permission for Tunnel" screen is displayed. Enter the "Requester Comment" to inform the Site Owner about the request.
    Request Permission for Tunnel

For more information about granting permission, refer to the chapter Grant permission.

Result

The connection is established.

Request Permission to Establish Connection

For additional security, the Organization Admin can optionally configure a Connector to require a Site Owner to confirm permission to establish a connection with the given Connector.

For that purpose, all the configuration screens for the various Connector Types provide an option "Permission Required".

Prerequisites

  • Two Insights Hub users R and P with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The Connector c must exist.
  • The Connector c must be configured with the option "Permission required".
  • A Device A must exist to which the Connector c is already assigned.
  • The user R requesting permission must have the Remote Services role Remote User granted with access to this organization and the Device A.
  • The user P deciding on permission must have the Remote Services role Site Owner granted with access to this organization and the Device A.

Request Permission

In order to request permission from a site owner, proceed with all the steps as described above.

Accept, Reject or Withdraw Permission Requests

A Remote User R or Service Provider P can check the status and history of pending, accepted and rejected permission requests.

The Remote User can withdraw their request even when the permission has already been granted.

The Site Owner can accept or reject the request, or withdraw the permission granted to the Remote User. If the Site Owner accepts the request, it is required to specify a time period for which the connection shall be active. After this time period exceeds, the conection will be automatically terminated.

Prerequisites

  • Two Insights Hub users R and P with Insights Hub Role rsv2 serviceowner or rsv2 orguser.
  • An organization must already exist.
  • The Connector c must exist.
  • The Connector c must be configured with the option "Permission Required".
  • A Device A must exist to which the Connector c is already assigned.
  • The user R requesting permission must have the Remote Services role Remote User granted with access to this organization and the Device A.
  • The user P deciding on on permission must have the Remote Services role Site Owner granted with access to this organization and the Device A.

Procedure

To check for the status of pending permission requests perform the following steps:

  1. Log into tenant as one of the users mentioned above.
  2. Open the "Remote Services" app.
  3. From the "Home" screen, select the required organization from the "Organizations" drop-down list and from the "RS Roles" drop-down, select the Remote User or Site Owner role.
    Home Screen - Permissions
  4. Click on the "Permissions" icon. The "Permission Request" screen is displayed. Permission Requests
  5. Click on the "View" button in one of the following sections in that screen:
    • "Pending Requests" - To approve/reject (Site Owner role required) or withdraw (Remote User role required) the request.
      Pending Requests
    • "Granted Requests" - To view the approved requests and as a Service Owner eventually withdraw the permission.
      Granted Requests
    • "Completed Requests" - To view the requests which have been withdrawn, rejected or expired.
      Completed Requests
  6. In one of the screens above, perform the required action:
    • "Approve request" - Specify an expiry time.
      Approve Request
    • "Reject request" - Enter the reason for rejecting the request.
      Reject Request
    • "Withdraw request" - Click on the "Return" icon.
      Withdraw Requests

Result

  • If the request is approved, the connection will be established.
  • If a request is withdrawn while the connection is alredy established, the connection will be terminated. The request will be moved from the "Granted Requests" list to the "Completed Requests" list.
  • If a request is withdrawn while it is not yet approved, it will be moved from the "Pending Requests" list to the "Completed Requests" list.
Last update: March 18, 2024