Configure FRP to achieve Intranet penetration
FRP: github.com/fatedier/fr…
First, the role of FRP
Use the machine behind the Intranet or firewall to provide HTTP or HTTPS services for the external network.
For HTTP, THE HTTPS service supports domain-based virtual hosts and custom domain name binding, enabling multiple domain names to share port 80.
The devices behind the Intranet or firewall can provide TCP and UDP services on the external network. For example, you can access the hosts on the Intranet through SSH at home.
2. Install FRP
1. Github address: github.com/fatedier/fr…
You can use WGET to download a copy for both the Internet and Intranet servers.
wget https:/ / github.com/fatedier/frp/releases/download/v0.33.0/frp_0.33.0_linux_amd64.tar.gz
Copy the code
2. Decompress tar -zxvf frp_0.330._linux_amd64.tar. gz
3, go to the decompression directory CD frp_0.330._linux_amd64, all files starting with FRPC are client files, so all deleted, our server only needs files starting with FRPS
rm -rf ./frpc*
Copy the code
4. Configure the server (public network server)
vim ./frps.ini
Copy the code
Note that the configuration file does not support comments. Please do not copy Chinese characters into it
[common]
bind_port = 7000# port bound to the client for communication vhost_http_port =6081# custom port number for accessing the client Web serviceCopy the code
Save and start the service./ FRPS -c./frps.ini, which is the foreground startup, the background startup command is nohup./ FRPS -c./frps.ini &
5. Configure the client (Intranet server), delete the FRPS file first, and then configure vim./frpc.ini
[common]
server_addr = 47.9333.108.# public network server IP server_port =7000[web] type = HTTP # local_port =80# Custom_domains = www.mczhangyi.top # Public network server domain name bound to it. Level-1 or level-2 domains can be usedCopy the code
Save and execute
Linux Base command
./frpc -c ./frpc.ini
Copy the code
The Windows PowerShell command is
./frpc.exe -c ./frpc.ini
Copy the code
6. Access mode
(1) SSH access from the Internet to the Intranet server (directly using the data in the configuration)
IP: 47.93.33.108 port: 6000
IP: 47.93.33.108 port: 22
IP: www.mczhangyi.top port: 6000
IP: www.mczhangyi.top port: 22
(2) User-defined binding domain name to access Intranet Web services (note which port the server is bound to, remember to add)
www.mczhangyi.top:6081
Third, the end
1. If a message is displayed indicating that access is denied when the client connects to the server, the server needs to enable firewall ports (except in the production environment).
2. The FRPS Dashboard displays the FRP status and proxy statistics through a browser.
Note: Dashboard has not been optimized for large proxy data displays, so do not enable this feature if Dashboard access is slow.
To enable this function, specify the port used by the Dashboard service in the frps.ini file on the server:
[common]
dashboard_port = 7500
Copy the code
# Dashboard username and password. The default username and password are admin
dashboard_user = admin
dashboard_pwd = admin
Copy the code
Open the browser. Log in to the Dashboard through http://[server_addr]:7500. The default user name and password are admin.
3. For other functions, please read the FRP Chinese documentation: github.com/fatedier/fr…