Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Tunneling can provide access through a proxy server (see the description of command-line flags below).  However, secured communication (SSL) between the client to the proxy server is currently not supported.

Table of Contents

System Requirements

The Windows client is compatible with Windows 7 and above (not Windows Vista).

The MacOS macOS client is compatible with MacOS macOS High Sierra and above.

Downloading the client


Click the "Network Tunnel" Button.

In the Dialog dialog that opens, follow the "Download" link.  The client executable will be downloaded to your machine.


For your convenience, the full command line (using your current credentials on the Cloud you connected to) is displayed in the dialog, and you can simply copy/paste it into your terminal.

03-istpc-started-mac-Screen Shot 2018-09-04 at 11.02.45

titleRunning on macOS

When running on macOS, please note:

  • Before the first run, make sure the downloaded file is executable (eg, run chmod +x network-tunnel)
  • In most shells, to start the client in the local folder, prepend ./ to the command (eg, ./network-tunnel ...)

A connected client is necessary but not sufficient for a tunnel to actually be created.    A session can be tunneled when the device is on a properly configured Agent with a connected Tunneling Server.  If your session is not tunneled, the Network Tunnel dialog may provide further information.  A typical case is when the device is on a WIFI network different from the one configured on the server for tunneling:


Where path-to-cert.pem is the file where your custom certificate can be found.

Using the Client with untrusted Cloud Certificate

In case you use a custom certificate for your cloud server, which is not trusted by the operating system on your Windows/macOS station, the tunneling client

will not connect to the cloud, and you will see a warning similar to this:

Image Added

The simplest way to resolve this, is to add the flag --no-verify-server-ssl-cert to the tunneling client command line.  This causes the client to trust any certificate.