7.1 – Reverse Agent: Getting started

Getting started
Start the agent - examples
Configuration options

With Spark Gateway, you can connect to a computer from anywhere, but some computers cannot be reached because they are buried deep within another private/internal network. To solve this problem, a reverse tunnel can be created between the gateway and the target computer, allowing you to connect to any computer/device.

Getting started

Reverse connection is disabled on the gateway by default. Please set reverse.enabled = true in gateway.conf to enable it.
Restart SparkView
Make sure you have the SparkGateway Agent installed, if not please download and install it from the links below:

Start the agent - examples

Notes in advance:

The Agent creates a server on the gateway which is disabled by default. The administrator must review and enable it before it can be connected. You can set reverse.review = false in gateway.conf to override this default behaviour.

The agent will output an HTTP link when it successfully connects to the gateway, and you can use this link to connect to your local computer from anywhere.

Examples:

💡
All commands must be entered from the command line.

Information and help on the agent.

sg_agent reverse --help

Create a reverse tunnel between localhost on port 3389 and the SparkView gateway (https://yourgateway). The default protocol for the tunnel is RDP.

sg_agent reverse --host localhost --port 3389 --remote https://yourgateway

Create a reverse tunnel between another local machine (192.168.0.8) on port 5900 and the gateway (https://yourgateway), protocol: vnc (or rfb), allow self-signed or expired certificate on the gateway (-k).

sg_agent reverse --host 192.168.0.8 --port 5900 --remote https://yourgateway --protocol vnc -k

Configuration options

The options for the agent can be transferred in two ways:

directly via the command with the help of inline parameters
via a configuration file

Inline parameters:

These are appended directly to the command, e.g.

sg_agent reverse --host localhost --port 3389 --remote https://yourgateway

The following parameters are currently supported:

Parameter	Action
`-h`, `--help`	Help and information
`--host`	Host name of the local computer
`--port`	Port of the local computer
`--remote`	Address of the SparkView server to be reached
`--protocol`	Protocol to be used. At the moment rdp, ssh, vnc and rfb are supported.
`-k`	Allow invalid certificates on the server (e.g. self-signed, expired, etc.)
`--debug`	Output debug log

Configuration file:

After the agent has been started for the first time, it automatically creates a configuration file in the following locations:

Windows: C:\Users\username\.sg_agent\sg_agent.conf
Linux: /home/user/.sg_agent/sg_agent.conf

This can then be changed and applies to future starts of the agent. An example of a configuration file looks like this:

local.port=3389
local.hostname=localhost
local.protocol=rdp
local.id=localclient1
remote.url=https://yourgateway
remote.allow_invalid_certs=true

The agent then only needs to be called up using the short command and loads the information from the configuration file:

sg_agent reverse

1.1 – Features

1.2 – Architecture

1.3 – What's the difference

2.1 – Install J2SE Software Development Kit (JDK)

2.2 – Install as a Windows service

2.3 – Install as Linux/Unix daemon

2.4 – Install as macOS daemon

2.5 – Install HTML client on other web servers

2.6 – Run SparkView as a container (Docker)

2.7 – Install as PWA

2.8 – Integrating a license

3.1 – Gateway

3.2 – HTTPS and WSS (WebSocket secure connection)

3.3 – Remote Desktop Web Access Portal Integration

3.4 – Servers & RDP options

3.5 – Users

3.6 – Easy printing

3.7 – RemoteApp and start a program instead of the whole desktop

3.8 – Clipboard redirection and shared clipboard

3.9 – Bidirectional audio redirection (RDP)

3.10 – File share (uploading and downloading)

3.11 – Session Recording and Playback

3.12 – Session Shadowing (join or share an active session on gateway)

3.13 – Native RDP shadowing (join any active RDP sessions)

3.14 – Touch interface (iOS, Android etc)

3.15 – Touch remoting

3.16 – Hyper-V Console and Enhanced Session Mode

3.17 – RDP connection cache/pool

3.18 – Symlink (access link)

3.19 – Macro recording

3.20 - Remote assistance

3.21 – RFB (VNC) protocol support

3.22 – SSH and Telnet

3.23 – Smart Card Redirection

3.24 – Scanner redirection

3.25 – USB redirection

3.26 – OAuth 2.0/Okta integration

3.27 – Active Directory, Azure AD, LDAP, RADIUS integration

3.28 – Using Java parameters

3.29 – Send logs to syslog

3.30 — Add HTTP/S proxy entry

4.1 – config.html

4.2 – file.html

4.3 – join.html

4.4 – login.html

4.5 – player.html

4.6 – rdp.html

4.7 – report.html

4.8 – shadow.html

4.9 – ssh.html

4.10 – telnet.html

4.11 – vnc.html

4.12 – Further files and views

5.1 – Session management

5.2 – Multi-Monitor

5.3 – SMB2 and SFTB file proxy

5.4 – Deploy, run and test applications in the cloud

5.5 – IP filter (iptables)

5.6 – SNMP integration

5.7 – SSH authentication with keys

6.1 – Reporting API (query server status, client side JavaScript API)

6.2 – RDP library (client side JavaScript API)

6.2.1 – RDP parameters

6.2.2 – Passing parameters via URL (Connection String)

6.2.3 – Passing parameter via object or cookie

6.2.4 – Usage of RDP class

6.2.5 – Extend RDP: Virtual Channel and Dynamic Virtual Channel

6.2.6 – Extend Gateway: Gateway Channel

6.3 – Plug-ins (server side Java API)

6.4 – HTTP Request API (server side)

7.1 – Reverse Agent: Getting started

Appendix A – Shortcut keys

Appendix B – Browser support

Appendix C – EchoHandler and network check

Appendix D – configuration example for nginx

Appendix E – configuration example for Apache Proxy

Appendix F – configuration for Juniper, Cisco, Dell etc SSL VPN

Appendix G – SMB path

Appendix H – Ping

Appendix I – TrustStore