Intranet and extranet

The difference between Intranet, extranet, broadband, bandwidth, traffic, and network speed and the link address

How do I set the link address for the Intranet and the Internet

Intranet IP and extranet IP those things link addresses

How do Intranet and extranet communicate with each other

How does the computer access the Internet?

The school to let the student have a class when, do not go up outside net to do other thing, can drop outside gateway commonly, do not allow machine room computer to connect outside net, so you want to go up outside net, look for a teacher to go. For security reasons, companies will shut down the Internet for fear that employees will leak information inside the company. However, some enterprises will open the Internet, but for security consideration, the gateway of the Internet to do information filtering, security monitoring, once the occurrence of employee information leakage, immediately can be found out.

What is an extranet IP

Our Internet is just like a wide road, the various websites on the Internet, providing services, just like the various shops on the side of the road. Street number 1,2,3……. Just like extranet, when we want to go to a certain place, we directly press the number of the house, we can find it, this is the so-called extranet IP.

What is an Intranet IP address

Later, the economy developed, want to do business is too much, but there is only a position 6, how to do? For the sake of economic development, let’s build office buildings, let’s all work in the office buildings, each person has a room, the numbers are 101, 102, 103…… These house numbers are called Intranet IP addresses.

Disadvantages of Intranet IP

You know, most of the business is waiting for people to come in, not going out on the street, so these guys with Intranet IP started advertising, I’m in 101, I’m in beauty, the other guy is in 102, I’m in loans, come on. (We tell our friends about the Intranet and let them visit), but no one comes for a long time, what’s the matter? In fact, many people who saw the advertisement were very interested, but they could not find 101 or 102 on the street for a long time, so they had to go home. (When we access an Intranet directly, we can’t find the address, so we lose the packet.) The biggest disadvantage of the Intranet is that you cannot find the address and access it directly.

What is port forwarding

Office people a look, this is not ah, business or to do, how to do? So hire a receptionist and tell her, if someone asks you where the salon is, you tell them it’s on 101. (Starts to configure port forwarding.) If port forwarding is not set up, it is like a person getting to number 6 and Shouting, “I want to go to the beauty salon, I want to go to the beauty salon, I want to go to the beauty salon,” no one pays attention to him and goes home (failed access, lost bag).

What is blocked port 80

Slowly, people know beauty salons to make money, as long as the future to build an office building to open a beauty salon (Web server). Since the original beauty salon is in Room 101, so people assume that room 101 is a beauty salon, no special explanation is needed. (Port 80 is the default web access port.) But because some people play a pattern in the beauty salon, the administrator a look, this is not this is not messy? So the next order said, from now on all office building room 101, do not open, want to open must examine. (Mandatory closure of port 80, audit system), business in other rooms is normal.

A small problem left over from old ipv4

Just like when we go to a friend’s house, in the online world, we need to know the address of another computer to access it. One problem is that these IP addresses were not designed to take into account the fact that nowadays almost everyone has a computer and a mobile phone, and the world’s population is expanding rapidly. How do you distribute all those computers around the world? That is, multiple devices form an Intranet, and the Intranet communicates with external computers through a public IP address.

What is the difference between a public IP address and an internal IP address?

It costs the same, but you’re Intranet! Recently see a lot of people are teasing a problem, that is, broadband was secretly assigned Intranet IP by operators. In fact, in the IPv4 era, public IP addresses are scarce. Operators are not obliged to provide public IP addresses to each user, and they have no choice but to allocate internal IP addresses. But what I want to say is, why spend the same money, someone is Intranet, someone is public network!

Maximum difference between a public IP address and an internal IP address

  • Public IP address: a globally unique identity identifier. One IP address (except a few special IP addresses) represents only one device at a time. The device can access the Internet through the public IP address.

  • Intranet IP address: an unregistered IP address for internal use in an organization (LAN). An Intranet IP address cannot be used to access the Internet on the public network.

What are the impacts of Intranet IP addresses?

The average casual user is completely unaffected, but for some techies it’s a different story. For example: the donkey can not play, some games can not online, BT download is not supported, NAS can not FTP and remote transmission, the number of connections is very limited and so on.

What about Intranet users? Two big solutions

  • Plan 1: Negotiate with the carrier
  • Solution 2: Use a third-party Intranet penetration tool

Intranet and extranet


The so-called Intranet is the local area network (LAN), which is also our general private network. It can be a local area network environment built by a modern router at home, a larger local area network built by a router switch in a company, or the campus network of Zhejiang University. Simply put, an Intranet is a network of local computers that can communicate with each other.

That is, a local area network (LAN) is a computer group connected by multiple computers in a certain area. Usually within a few thousand meters. LAN can realize file management, application software sharing, printer sharing, working group scheduling, E-mail and fax communication services and other functions. Lans are closed and can consist of two computers in an office or thousands of computers in a company.

The network

Extranet refers to the whole Internet network. You can access services that are not in your local area through extranet. You can visit B station to learn about women’s wear, play online games, chat on various social software and so on.

Wan, also known as the public network. A remote network that connects computers in different local area networks or metropolitan area networks to communicate. Usually across a large physical range, covering a range from tens of kilometers to thousands of kilometers, it can connect multiple regions, cities and countries, or across several continents and can provide long-distance communication, forming an international long-range network. Wan is not the same as Internet.

The difference between Intranet and extranet

1. The difference between IP address Settings: Generally, the Intranet has its own IP address segment, which does not conflict with the Internet number segment. The Intranet starts from below the router, and all IP addresses start with 192. Generally can not have the Internet IP, because individuals or small groups using the Internet is also a waste of resources, so generally through the Intranet to access the Internet, Internet IP is generally used for companies, enterprises, schools and other institutions.

2, the Intranet computer connection to the Internet needs a unified exit, may be limited to some unnecessary access, and the Internet without a router or switch can access the Internet network, can be directly accessed by the outside world, without how to equipment, directly connected to the computer.

3, the internal network will be more than the external network of a layer of security firewall (by the external network), relatively against the attack ability from the external network will be better; The disadvantage of an Intranet is that it may be attacked from within. The relative speed may be slower (the more terminals, the slower) because of the shared bandwidth.

4. The IP address of the Intranet can be changed frequently and you can define your own rules. And the IP of the net outside is fixed commonly, when you have installed broadband, your IP is fixed.

Give an example

You installed broadband in the home, in order to more than one person can use the same broadband router, you buy at this time, all connected to the router on the computer, connected to the router out wifi on computers, cell phones, they belong to the same LAN, you look at their network connection, you will find at the beginning of 192, three segment before the IP Numbers are all the same. Only the last one is different. These phones and computers use the Intranet, but if they all go to the Internet address, then their external IP address is your broadband IP address, and all the phones and computers have the same external IP address, and that’s the Internet.

In the network topology above, all workstations, servers, switches, and routers form a LAN. They all belong to the same internal network and have only one exit and the same external IP address.

Intranet penetration easy tutorial

Intranet penetration tool

Can network penetration of 10 tools Ngrok peanut shell NATAPP God zhuo interconnection

Why use Intranet penetration?

As a Web developer, we sometimes need to temporarily deploy a local Web site to the extranet for human experience evaluation, debugging assistance, etc. We usually do this:

  • Found a Web server running on an extranet

  • The server has the environment required by the website, otherwise build their own

  • Deploy the web site to the server

  • After debugging, remove the site from the server

Just want to show a website to a friend just, want to be so troublesome, tired feeling does not love

The use of ngrok

Ngrok is a reverse proxy that establishes a secure channel between a public endpoint and a Web server running locally. Ngrok captures and analyzes traffic on all channels for later analysis and replay.

To put it bluntly, if you write a project that runs perfectly on a PC and wants to access it on a mobile phone, you can only keep the mobile phone and computer in the same LAN. However, this technology can combine your local IP and port (for example: Localhost :8080) is converted to a universal network like, so that computers and phones can be accessed seamlessly even if they are not on the same LAN.

Intranet through

We can surf the Internet happily if we have a public IP address on the Intranet, but the same problem is that IP addresses are not enough, so generally speaking, our operators dynamically assign an IP address during the user’s use period, so it is not fixed. If our home address is not fixed, in the outside want to write a letter to the home, send a Courier of what, that is simply embarrassed me fat tiger. But that’s okay. Intranet penetration can help us solve that problem. Due to dynamic IP allocation, we are separated from our own Intranet by a veil. Intranet penetration is to expose the services of computers on the Intranet to us through this veil.

Difference between FRP and NGROK

Between do Intranet penetration, has been using ngrok, but the open source version (1.7) has a serious memory leak problem, before the small traffic did not notice. Measuring about 20,000 calls would cause the service to hang. Currently, FRP, an open source project, is used for Intranet penetration, and the stability is good so far. It is recommended that you do not use ngrok in production.

Intranet penetration of applets

Setup of applets

  • 1. Set the following parameters in the wechat developer tool: do not verify the legitimate domain name, Web-view (business domain name), TLS version and HTTPS certificate
  • 2, wx.request do not use localhost for the requested address, but should be changed to the IP address of the local server
  • 3, mobile phone and computer (local server) need to connect to the same LAN (WIFI network)
  • 4, mobile phone scan code into the small program, need to open the debugging mode to request data

The setting of ngrok