Working with Firewall Tunneling
Remote debugging is the process of creating a connection between two machines: For example, the machine on which the client (IDE) resides and the machine on which the Zend Server resides. When these machines are on the same local network or there are no security devices that limit remote connections, no additional action is required. However, if one or both of the machines are behind a firewall, the communication required to run the debug process is not allowed. To allow debugging and still maintain a secure environment, you need to use firewall tunneling.
After a firewall tunnel is created, instead of assigning more communication ports for the Debug / Profile Sessions with the remote server, all communication between your IDE and the remote server proceeds through the tunnel.
The tunnel communication port should be used in the following circumstances:
-
When debugging or profiling files on a remote server which is behind a firewall or other security device.
-
Establishing communication between Zend Studio and Zend Server when Zend Server is running on a remote server which is behind a firewall or other security device. The communication between Zend Studio and Zend Server facilitates the integration of Zend Server event reporting capabilities with Zend Studio’s editing, debugging and profiling features, and makes it more effective.
To set up a tunneling connection, several configuration settings must be defined, both in Zend Studio and on your server's debugger. This can be done through Zend Server , Zend Platform, Zend Core or your php.ini file.
The following procedure describes how to define allowed hosts for firewall tunneling. Users define allowed hosts for firewall tunneling to create a list of IP addresses (of computers that run Zend Studio) that connect to Zend Server for debugging purposes, in situations when a firewall stands between the machines.
Before setting-up tunneling, verify that the IP of the machine running Zend Studio is set as an allowed host. See Setting Up Debugging for more information.
Note:
The following instructions define how to configure Zend Server's side for tunneling. Additional IDE configurations are required to complete the process.
|
To define allowed hosts for debugging:
|
The IP or range of IPs is now allowed to connect to the server to debug PHP code with your IDE. Note: Do not add the same IP address to both the Allowed and Denied host lists. Pay attention when you specify a range of IP addresses: If you deny a range of addresses that includes an IP that was specified in the Allowed hosts, the host is not allowed to create a debug session. |
In order to properly setup a tunnel connection to Zend Studio you have to configure Zend Studio to allow Zend Server to establish a connection.
Zend Studio users should follow the instructions here - External Link