VPN only connections for Fluid

Jump Desktop Connect has a built-in technology that tries its best to create an end to end encrypted connection between machines, even if there is no direct path between the two hosts using indirect networking routes and relays. This feature frees up users from manually opening ports and configuring network settings. However, this also creates problems in locked-down environments where administrators need to control when a user is allowed to connect.

You can now configure Jump Desktop Connect to allow connections only when there is a direct networking path between the devices.

In this mode, Jump will never fallback on relay servers or take indirect networking routes. So for example, if a user tries to connect without VPN enabled from another network, the connection attempt fails because Jump will not be able to find a direct route between the user and the target machine.

Note: In this mode, Administrators must make sure that their firewall rules allow the VPN IP address pool to communicate over UDP with the host machines. Connections will fail otherwise.

How to configure Direct Connection Mode

  1. You'll need to make sure you're using the Lock down settings feature with your computer.
  2. In your Connect Configuration, make sure Direct Connections Only is checked
  3. Save your settings.
  4. To test and see if these settings are working, try connecting to the machine from an outside network or a from a mobile network.

Lockdown Settings

Lock down settings let you enforce settings for the Jump Desktop Connect app from your team's web dashboard. Once settings are assigned to a machine, it can not be changed from the Jump Desktop Connect app running on the host machines.

You can apply settings to individual machines on your team or to entire access groups. 

Requirements 

  • Currently only available for Teams Enterprise billing plan.

How to get started with Lockdown settings.

  1. Visit https://app.jumpdesktop.com and sign into your team's dashboard.
  2. Click the Connect Settings icon.
  3. Click New Configuration and give it a name and then click Save.
  4. Next assign it to the machines you want the settings to be enforced on (you can change the settings or the assignment later).

You'll notice that the Configuration window lists quite a few configuration options that are not available inside the Jump Desktop Connect app - such as the ability to turn off screen sharing, adding remote access users, configuring fluid ports. Here's a screenshot of what you can configure:



Once settings are applied to machines, the Jump Desktop Connect app on the machines will display a message in the Settings window: Settings are managed by your team's administrator.


Cloudless Fluid Connections

Jump Desktop Connect and Jump Desktop for Mac now support completely cloudless Fluid connections. This means that you can now use Fluid without any cloud dependencies. This is useful for environments that require super-high security or otherwise don't have access to the internet.

Limitations of Cloudless Fluid Connections

  • Important Security note: Team Access Control restrictions do not apply to manual connections. You are responsible for all firewall and security surrounding the connection. The connection to the machine will be allowed access as long as they can connect to the machine's IP address and they know a local user name and password. The connection will be encrypted end-to-end.
  • Only available on Teams Enterprise plans.

How to Enable Cloudless Fluid On The Remote Computer

There are two ways to enable Cloudless Fluid Connections - you can use either way:

1. In your Team's dashboard use the Lock down settings feature. Specifically you'll need to turn on the Manual Fluid Connections option:

2. Alternative way if the computer does not have any access to the cloud: Open up Jump Desktop Connect on the remote computer and then click the Settings icon -> Advanced -> CHECK Fluid -> CHECK Manual Fluid Connections.


How to Connect to Computers With Cloudless Fluid Enabled

You can connect to cloudless fluid using Jump Desktop for Mac by creating a new Manual connection: 

  1. Open up Jump Desktop for Mac or Windows
  2. Make sure you are signed in your Teams Enterprise account. This will unlock the Cloudless Fluid feature.
  3. Click File -> Add New.
  4. You should now see a new Fluid option in the Type area. Click Fluid and enter the machine's IP address to connect.