Cameyo's Cloud Tunneling allows end-users to operate Cameyo sessions on on-prem servers without connecting to a VPN and without having to open inbound firewall ports.

Its configuration is easy and flexible. You can even configure it to function in hybrid mode -- enabled for some apps or users but not for others.


Architecture

Cloud Tunneling server

In most cases the Cloud Tunneling servers are provided and maintained by Cameyo. While you don't need to manage or maintain them, this section describes the inner workings of this cloud component:

  • The Cloud Tunneling server faces your on-prem Cameyo Play servers on one side on port 8443, and the user's browser on the other side on port 443.
  • When a session request that involves cloud tunneling is initiated, the Cloud Tunneling server receives an HTTPS request from the Cameyo portal telling it to start brokering a session between the Play server and the user's browser. It validates the request using an API call, which also returns the IP addresses of both the Play server and the user.
  • The Cloud Tunneling server's Port Shield opens its Windows Firewall port 8443 for the Play server's IP, and opens port 443 for the end-user's IP.
  • The user's browser connects to the Cloud Tunneling server on port 443 and waits for the Play server's connection to be brokered.
  • The relevant on-prem Cameyo Play server obtains the job through regular polling (checking Cameyo's cloud API for a job every X seconds). It then connects to the Cloud Tunneling server on port 8443.
  • The Cloud Tunneling machine then relays traffic between the two parties. Cameyo's proprietary tunneld component is in charge of this relaying.


Security

The Cloud Tunneling service is fully compatible with Port Shield. As a result, a Cloud Tunneling server is inaccessible from a given IP address until an approved session request that involves that specific Cloud Tunneling server starts from that IP.
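
The brokering steps under Architecture and the default-deny behaviour described here can be modelled as a per-session allowlist of (port, source IP) pairs. The following is an added illustration, not Cameyo's code: the class, its methods and the "validated" flag (standing in for the validation API call) are assumptions, and the IP addresses are constructed documentation addresses.

```python
# Illustrative model only: names are assumptions, not Cameyo's API.
from dataclasses import dataclass, field

PLAY_PORT, USER_PORT = 8443, 443  # ports named on the page


@dataclass
class TunnelServerModel:
    allowed: set = field(default_factory=set)     # open (port, source_ip) pairs
    sessions: dict = field(default_factory=dict)  # session_id -> session state

    def broker(self, session_id, validated, play_ip, user_ip):
        """Handle a session request; `validated` models the API validation result."""
        if not validated:
            return False  # nothing is opened for an unvalidated request
        self.sessions[session_id] = {
            "play": play_ip, "user": user_ip, "connected": set()}
        self.allowed.add((PLAY_PORT, play_ip))  # 8443 for the Play server's IP only
        self.allowed.add((USER_PORT, user_ip))  # 443 for the end-user's IP only
        return True

    def connect(self, port, source_ip):
        """Return 'dropped', 'waiting' or 'relaying' for an inbound connection."""
        if (port, source_ip) not in self.allowed:
            return "dropped"  # default deny: no approved session for this pair
        role = "play" if port == PLAY_PORT else "user"
        for state in self.sessions.values():
            if state[role] == source_ip:
                state["connected"].add(role)
                both = state["connected"] == {"play", "user"}
                return "relaying" if both else "waiting"
        return "dropped"


def demo():
    """Walk one session through the model using constructed addresses."""
    user, play = "198.51.100.7", "203.0.113.10"
    t = TunnelServerModel()
    results = [t.connect(USER_PORT, user)]      # before any approved session
    t.broker("s1", True, play_ip=play, user_ip=user)
    results.append(t.connect(USER_PORT, user))  # browser connects and waits
    results.append(t.connect(PLAY_PORT, user))  # user IP tries the Play-side port
    results.append(t.connect(PLAY_PORT, play))  # Play server arrives after polling
    return results


if __name__ == "__main__":
    print(demo())
```

Each port is opened only for the IP that plays the matching role in the session, so the end-user's address gains no access to port 8443 and the Play server's address gains none to port 443.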


Capacity

A 2xCPU Cloud Tunneling server can serve approximately 40 sessions at once. This can vary depending on how graphically intensive the sessions are.