Configure FRP to achieve Intranet penetration

FRP: github.com/fatedier/fr…

First, the role of FRP

Use the machine behind the Intranet or firewall to provide HTTP or HTTPS services for the external network.

For HTTP, THE HTTPS service supports domain-based virtual hosts and custom domain name binding, enabling multiple domain names to share port 80.

The devices behind the Intranet or firewall can provide TCP and UDP services on the external network. For example, you can access the hosts on the Intranet through SSH at home.

2. Install FRP

1. Github address: github.com/fatedier/fr…

You can use WGET to download a copy for both the Internet and Intranet servers.


wget https:/ / github.com/fatedier/frp/releases/download/v0.33.0/frp_0.33.0_linux_amd64.tar.gz

Copy the code

2. Decompress tar -zxvf frp_0.330._linux_amd64.tar. gz

3, go to the decompression directory CD frp_0.330._linux_amd64, all files starting with FRPC are client files, so all deleted, our server only needs files starting with FRPS


rm -rf ./frpc*

Copy the code

4. Configure the server (public network server)


vim ./frps.ini

Copy the code

Note that the configuration file does not support comments. Please do not copy Chinese characters into it


[common]

bind_port = 7000# port bound to the client for communication vhost_http_port =6081# custom port number for accessing the client Web serviceCopy the code

Save and start the service./ FRPS -c./frps.ini, which is the foreground startup, the background startup command is nohup./ FRPS -c./frps.ini &

5. Configure the client (Intranet server), delete the FRPS file first, and then configure vim./frpc.ini


[common]

server_addr = 47.9333.108.# public network server IP server_port =7000[web] type = HTTP # local_port =80# Custom_domains = www.mczhangyi.top # Public network server domain name bound to it. Level-1 or level-2 domains can be usedCopy the code

Save and execute

Linux Base command


./frpc -c ./frpc.ini

Copy the code

The Windows PowerShell command is


./frpc.exe -c ./frpc.ini

Copy the code

6. Access mode

(1) SSH access from the Internet to the Intranet server (directly using the data in the configuration)

IP: 47.93.33.108 port: 6000

IP: 47.93.33.108 port: 22

IP: www.mczhangyi.top port: 6000

IP: www.mczhangyi.top port: 22

(2) User-defined binding domain name to access Intranet Web services (note which port the server is bound to, remember to add)

www.mczhangyi.top:6081

Third, the end

1. If a message is displayed indicating that access is denied when the client connects to the server, the server needs to enable firewall ports (except in the production environment).

2. The FRPS Dashboard displays the FRP status and proxy statistics through a browser.

Note: Dashboard has not been optimized for large proxy data displays, so do not enable this feature if Dashboard access is slow.

To enable this function, specify the port used by the Dashboard service in the frps.ini file on the server:


[common]

dashboard_port = 7500

Copy the code

# Dashboard username and password. The default username and password are admin


dashboard_user = admin

dashboard_pwd = admin

Copy the code

Open the browser. Log in to the Dashboard through http://[server_addr]:7500. The default user name and password are admin.

3. For other functions, please read the FRP Chinese documentation: github.com/fatedier/fr…