5.2.2. One Firewall Closed, Outbound
Prev 5.2. How-To Scenarios Next

5.2.2. One Firewall Closed, Outbound

Primary Use  Securely access data from outside the control network, without VPNs.

[Note]

For all DataHub tunnels, the tunnel slave initiates the connection to the tunnel master. So, to tunnel outbound from the data source, you need to first configure the DataHub instance on the Data User side as the tunnel master, and then configure the DataHub instance on the Data Source side as the tunnel slave.

  1. On the Data User side, configure the DataHub instance as tunnel master.

  2. Move to the Data Source side and connect the DataHub instance to the data source.

  3. Still on the Data Source side, configure the DataHub instance as tunnel slave, making sure to configure these options as follows:.

    • For Data Flow Direction: choose Read-only for one-way, or Read-write for bidirectional data flow.

    • For When Connection Initiated: choose Override Master's values with mine.

    • For When Connection Lost: choose Mark Master's data “not connected”.

    These options are configured this way because the tunnel slave acts as the authoritative data source.

  4. Move to the Data User side and connect the data user to the DataHub instance.

See also Tunnelling Security - Best Practices.

Prev Up Next
5.2. How-To Scenarios Home 5.2.3. Both Firewalls Closed, with DMZ