Configure Multi-hop Secure Shell Sessions
Use multi-hop connections when you need to establish secure connections through a series of Secure Shell servers. This is useful if your network configuration doesn't allow direct access to a remote server, but does allow access via intermediate servers. The diagram represents such a series. The Windows workstation needs secure access to ServerC, but cannot connect directly to either ServerB or ServerC. ServerA can connect to ServerB which, in turn, can connect to ServerC.
Windows workstation ServerA ServerB ServerC
When you configure a multi-hop list, Reflection for Secure IT creates a secure end-to-end connection by establishing a series of secure tunnels. Each tunnel is established within an existing tunnel, and goes one step further along the chain.
The last server in the chain is the host you specified when you set up your initial Secure Shell connection. Add the other servers in order (top to bottom starting from the client side) to your multi-hop server list. The following procedure describes how to do this.
To configure multi-hop sessions
Note: If you are using this connection to tunnel data for another application (such as a browser or mail client), use the Tunneling tab to configure that port forwarding. For example, if your mail server runs on ServerC, after configuring this multihop, you can create a new local port forward as follows: for Local port to forward, specify any unused port (for example 1110), for the remote host Name, enter localhost ("localhost" in this context identifies the last server in the series-ServerC in the example above), and set the Port value equal to your mail server port (usually 110). When the Reflection multihop tunnel is established, you will be able to access the mail server securely by configuring your local mail client to connect to localhost:1110.