0 votes
by (120 points)

hi,

is there an option to configure ipFilter deny/allow options for each tunnel separately? alternatively, is tehere an option to create multiple instances of a service, each with its separate config of tunnels and ipFilter allow/deny list?

Applies to: Rebex TLS

1 Answer

0 votes
by (73.6k points)
edited by

Unfortunately, per-tunnel IP filtering is not currently supported.

Fortunately, Windows are able to override built-in service installer using the sc command. This command worked for me (run as Admin):

sc create RebexTlsProxy2 obj="NT AUTHORITY\Network Service" DisplayName="Rebex Tls Proxy 2" binpath="\"c:\proxies\tlsp2\tlsproxy.exe\" run --run-as-service"

Please note that the path to executable is c:\proxies\tlsp2\tlsproxy.exe but the service must be run with run --run-as-service arguments. Therefore you have to build the binpath parameter like shown: binpath="\"c:\proxies\tlsp2\tlsproxy.exe\" run --run-as-service" (with escaped quotes around the path to executable).

I had to set correct permissions for Network Service account to c:\proxies\tlsp2\ folder. Also please make sure that the service can write to logging location (configured in config.yaml).

...