Support Tunnels

As part of our support infrastructure, customers can open a secure tunnel that enables our engineers to access and fix issues quickly and effectively.

What is a Support Tunnel?

The support tunnel is a feature of LogonBox’s virtual appliances. Installed as an independent service on the virtual machine, it establishes a secure connection to our support servers to enable our technicians to access and, where necessary, make changes to your LogonBox product during support operations.

As an independent service, it allows access to the host without requiring the product service to run, allowing our support team to effectively address many issues, including service down problems. This independence means technicians can fix the product’s operating system, database, and configuration problems without requiring a time-consuming screen share or telephone call.

Support tunnels significantly reduce the time it takes to provide Customers with resolutions.

Architecture and Security

The service uses an outgoing SSH connection on port 22 to our support infrastructure. This connection uses a technique to switch the role of the SSH client into an SSH server once connected. When our technicians connect to your callback, they can access the operating system shell and the user interfaces through port forwarding.

The connection uses mutual key authentication using ED25519 private keys to identify both the client and the server and uses strong, modern algorithms to secure the transport. The service uses open-source software developed by our sister company Jadaptive Limited. Jadaptive’s products are used by some of the world’s largest companies, including IBM, Oracle and Open Text.

Only experienced technicians have access to our support servers, which are protected by web-based 2FA and enforce strict public-private key authentication when connecting over SSH.

Firewall Rules

This service does not require that you expose your server on the Internet or make any changes to your incoming firewall rules. You only need to ensure that your VM can access our support services via outgoing rules.

If you have restrictive outgoing rules, you should configure access to the IP address and port shown below.

IP Address:
Port: 22