Tunnel-type 2.0 client-access application
Multiple destination definitions can be combined into a single tunnel-type client-access application to simplify maintenance and to help avoid errors. You may have users who access different types of applications on their computers. With tunnel 2.0, you can configure a single tunnel-type client-access application and add many client applications.
This saves time needed to configure individual TCP-type client-access applications for each client application or an individual tunnel-type client-access application for each domain. The application pooled tunnel-type client-access application can be used for accessing print servers on private IP addresses and also access domain-based applications (having FQDN) using either TCP, UDP, or both protocols, on specific port or port ranges. Each tunnel 2.0 client application allows these parameters in each destination:
Different traffic protocols. TCP, UDP, or both types.
Domain names, host names or FQDN. Specific domains or wildcard domains.
IP addresses. Specific IP4 addresses with or without subnets.
Ports. Specify ports, port-ranges or both.
You can also have multiple destination definitions in a single tunnel-type client-access application to simplify maintenance. For example, in the tunnel-type client-access application, you can have the following five different applications located at different destinations.
Enterprise Application Access Cloud only filters this type of traffic to reach the connector to be rerouted to the data center. Any other types of traffic is blocked in the Enterprise Application Access Cloud.
|Destination||Protocol (Traffic type)||IP or URL (Domain Name/Host Name/IP)||Port (port/port range)||Description|
|1||Allows TCP-type traffic on port |
|2||Allows TCP-type traffic on port |
|3||Allows TCP-type traffic on port |
|4||Allows UDP-type traffic on port |
|5||all||Both TCP- and UDP-type traffic on |
Your users can, for example, access
destination 1 for benefits,
destination 2 for getting news,
destination 3 for a print server,
destination 4 for a mail server, and
destination 5 for all websites hosted under
With this single tunnel-type client-access application configuration - if all these conditions are satisfied - Enterprise Application Access Cloud does not block the traffic. Users can securely access all five applications on the different application servers in the data centers.
You can still block some of the subdomains for wildcard application with domain exception lists in advanced settings of application configuration.
For the application pooling capability in tunnel-type 2.0 client-access applications, upgrade your client to a recommended EAA Client 2.0.0 version (or higher).
Updated about 1 year ago