Tunnel
Zihin Tunnel provides secure access to on-premise services without opening inbound firewall ports. It connects your internal systems (databases, ERPs, APIs) to Zihin Cloud through an outbound-only WebSocket connection.
How it works
```
      ZIHIN CLOUD                         YOUR NETWORK
┌─────────────────────┐             ┌─────────────────────────┐
│                     │             │                         │
│   Zihin Services    │             │     Tunnel Agent        │
│   (AI, Agents,      │  WSS :443   │       (Docker)          │
│   Automations)      │◄────────────│                         │
│        │            │  outbound   │  ┌─────┐   ┌─────┐      │
│        v            │    only     │  │ ERP │   │ CRM │      │
│   Tunnel Server     │             │  └─────┘   └─────┘      │
│  tunnel.zihin.ai    │             │  ┌─────┐   ┌─────┐      │
│        │            │             │  │ DB  │   │ API │      │
│        v            │             │  └─────┘   └─────┘      │
│   HTTP Response     │             │  (internal network)     │
└─────────────────────┘             └─────────────────────────┘
```
The Tunnel Agent runs inside your network and initiates outbound WebSocket connections to Zihin Cloud. Zihin services send requests through this channel — the agent resolves the target service locally, injects authentication headers, and forwards the request to the internal service.
Key features
| Feature | Description |
|---|---|
| No inbound ports | The agent connects outward on port 443 (HTTPS/WSS). No firewall changes needed. |
| Credentials stay on-premise | Zihin Cloud sends requests by service name. The agent resolves URLs and injects headers locally. Credentials never leave your network. |
| Connection pooling | 4 parallel WebSocket connections avoid head-of-line blocking. |
| Auto-reconnection | Exponential backoff (1s to 60s) recovers from transient failures. |
| Transparent proxy | Zihin services call a standard HTTP endpoint. They don't know a tunnel exists. |
Request flow
```
Zihin Service             Tunnel Server             Tunnel Agent            Internal Service
      │                         │                         │                         │
      │ POST /t/{tenant}/erp/api│                         │                         │
      │ ───────────────────────>│                         │                         │
      │                         │ forward via WebSocket   │                         │
      │                         │ ───────────────────────>│                         │
      │                         │                         │ resolve "erp" + inject  │
      │                         │                         │ auth headers            │
      │                         │                         │ ───────────────────────>│
      │                         │                         │                         │
      │                         │                         │◄─────── response ───────│
      │                         │◄─────── response ───────│                         │
      │◄─────── response ───────│                         │                         │
```
The calling service receives a normal HTTP response — the tunnel is completely transparent.
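The agent-side step of the request flow above (resolve the service name locally, inject the configured headers, forward to the internal URL) together with the reconnect backoff from the feature table, as an added Node.js example that is not Zihin's agent code. The config layout, the forwarded message shape, and every service name, URL and credential below are assumptions.

```javascript
// Added example, not Zihin's own agent code. Assumed config layout: service name ->
// local base URL plus inject_headers (the key this page names); assumed message shape:
// the original path /t/{tenant}/{service}/... with method, headers and body. Values are constructed.
const config = {
  services: {
    erp: { url: "http://erp.internal:8080", inject_headers: { Authorization: "Bearer erp-secret" } },
    crm: { url: "https://crm.internal", inject_headers: { "X-Api-Key": "crm-key" } },
  },
};

// Headers that belong to the WebSocket hop rather than the request; they are dropped.
const HOP_BY_HOP = new Set(["connection", "keep-alive", "transfer-encoding", "upgrade", "host"]);

// "/t/acme/erp/api/orders?x=1" -> { tenant: "acme", service: "erp", rest: "/api/orders?x=1" }
function parseTunnelPath(path) {
  const m = /^\/t\/([^/]+)\/([^/]+)(\/\S*)?$/.exec(path);
  if (!m) throw new Error("malformed tunnel path");
  return { tenant: m[1], service: m[2], rest: m[3] || "/" };
}

// Resolve the service name locally and build the upstream request. svc.url and
// inject_headers never leave the agent; only names listed in config are reachable;
// configured headers overwrite same-named headers from the cloud, so a caller cannot
// supply its own Authorization; the origin check rejects "//other-host/..." paths.
function resolveUpstream(cfg, msg) {
  const { service, rest } = parseTunnelPath(msg.path);
  const svc = cfg.services[service];
  if (!svc) throw new Error(`unknown service "${service}"`);
  const base = new URL(svc.url);
  const target = new URL(rest, base);
  if (target.origin !== base.origin) throw new Error("path escapes the service origin");
  const headers = {};
  for (const [k, v] of Object.entries(msg.headers || {})) {
    if (!HOP_BY_HOP.has(k.toLowerCase())) headers[k.toLowerCase()] = v;
  }
  for (const [k, v] of Object.entries(svc.inject_headers || {})) headers[k.toLowerCase()] = v;
  headers.host = target.host;
  return { method: msg.method, url: target.href, headers, body: msg.body ?? null };
}

// Reconnect delay for attempt n (0-based): doubles from 1s, capped at 60s as the
// feature table states. Jitter is omitted so the value is deterministic.
function backoffMs(attempt) {
  return Math.min(1000 * 2 ** attempt, 60000);
}
// Constructed message, as the tunnel server would forward it.
const sample = { method: "POST", path: "/t/acme/erp/api/orders?x=1", body: "{}",
  headers: { Authorization: "Bearer from-cloud", Connection: "close", "Content-Type": "application/json" } };
console.log(resolveUpstream(config, sample), backoffMs(3));
```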
Security
| Aspect | Detail |
|---|---|
| Transport | All communication uses WSS (WebSocket over TLS) |
| Tokens | Stored as bcrypt hashes in the cloud — plaintext is never retained |
| Container | The agent runs as a non-root user (tunnelagent, UID 1001) |
| Credentials | Headers in `inject_headers` are resolved locally and never sent to the cloud |
| Firewall | Outbound only on port 443 — no inbound ports need to be opened |
| Reconnection | Automatic exponential backoff (1s to 60s max) prevents overload on failure |
Requirements
| Requirement | Detail |
|---|---|
| Docker (recommended) | Docker Engine 20+ or Docker Desktop |
| Alternative | Node.js 20+ (without Docker) |
| Network | Outbound access on port 443 (HTTPS/WSS) |
| Token | Provided by the Zihin team (format ztun_...) |
| Internal services | URL(s) of the systems to be accessed via tunnel |
The agent uses less than 50MB of RAM and virtually zero CPU when idle. It can run on the same server as your internal services.