Skip to content

Peer Node Network Flow

In a peer node deployment, 12Port extends access to endpoints that are unreachable from the main node. The peer node is typically deployed in an isolated datacenter or virtual cloud network. While all user, script, and API interactions still flow through the main node, session and job traffic is transparently routed through the peer node.

Peer Node Network Flow

Diagram Overview

The diagram above illustrates the network flow involving both the main 12Port node and a connected peer node.

  • The blue rectangle represents the 12Port main server.

  • The red rectangle represents the 12Port peer node deployed in the isolated datacenter or virtual cloud network.

  • User Access via Browser
    Users connect to the main node's HTTPS port (typically 443 or 6443) to:

    • Navigate the tenant site, container, and asset hierarchy.
    • Manage and configure tenant settings.
    • Launch web-based remote sessions (SSH, RDP, VNC, Telnet, HTTP) via the peer node’s Remote Gateway (port 4822).
    • Launch web-based HTTP sessions via the peer node’s HTTP Proxy, individually configured per tenant (typically 8800, 8801, ...).
  • API Access for Automation
    Scripts, integrations, and automation tools access the 12Port REST API via the main node’s HTTPS port (443 or 6443).

  • Job Execution
    The 12Port job pool executes jobs on remote endpoints over the peer node's HTTPs (port 443 or 6443) protocol.

  • Native RDP Access

    • Users connect using RDP clients (e.g., Microsoft Remote Desktop, Remote Desktop Connection Manager, MobaXTerm, etc) to 12Port the RDP Proxy port individually configured for each tenant (typically 3300, 3301, ...) to establish native RDP sessions.
    • These sessions are forwarded through the peer node’s HTTP Proxy (8800, 8801, ...) to the target endpoints.
  • Native SSH Access

    • Users initiate native SSH sessions using clients such as Terminal, PowerShell, PuTTY, MobaXTerm, WinSCP, or others to connect to the 12Port SSH Proxy port individually configured for each tenant (typically 2200, 2201, ...) to establish native SSH sessions.
    • Traffic is routed through the peer node’s HTTP Proxy configured for individual tenants (typically on the port 8800, 8801, etc) to the remote endpoint, as well as to connect to the 12Port terminal interface.

HTTP Proxy on the peer node should be reused for multiple main nodes or main node tenants that require access to the resources accessible by the peer node.

  • Peer Node Responsibilities
    • The Remote Gateway (listening on port 4822) by-passes all WEB Session traffic to remote endpoints using SSH, RDP, VNC, Telnet, and HTTP protocols.
    • The HTTP Proxy (listening on 8800, 8801, ...) by-passes Native Session traffic to establish native RDP, SSH, scp, sftp, ssh tunnel sessions with remote endpoints as well as by-passing WEB HTTP Sessions traffic to remote WEB Portals.
    • The HTTPS API (listening on 443 or 6443) by-passes job executions to the remote endpoints using ssh, WinRM(s), LDAP, HTTPs or Telnet protocols.