[Remote working] Intranet penetration is achieved in 5 minutes

During the epidemic, everyone is discussing the implementation of telecommuting. It is recommended to read PingCAP’s 5 Years of Telecommuting Practice written by Huang Dongxu. The following Intranet mapping tools are often used as supplements.

So let’s talk about why we do Intranet mapping

Accessing Intranet devices from the public network has always been a troublesome thing, especially for wechat development. The device may be behind a router, or the carrier may not assign you a public IP address because of a shortage of IP addresses. If we want direct access to these devices, it’s usually very cumbersome.

Beg network management big guy to add to oneself Intranet on routerPort mapping
buyPeanut shellsDynamic domain name resolution software
Use free (or paid) Intranet mapping services such as NatApp
Based on thengrok/frpCreate an Intranet mapping service

Why give up`ngrok`, the use of`frp`

We provided a free service of NGROk in 2016, and shared the steps of building for reference in “Angrok An Intranet Penetrating Service”. The steps of building were very unfriendly to ordinary users, so we stopped related services and switched to FRP later.

Github’s attention comparison

Protocol Penetration Support

FRP supports protocols such as HTTP, SSH, TCP, UDP and FTP

start

The preparatory work

To build a complete FRP service, we need

One ECS with a public IP address
Domain name (not required if no resolution is required)

The installation`FRP (FRPS)`The service side

Download the FRP installation package

Github.com/fatedier/fr…

Decompress the package and modify itfrps.ini

[common]
bind_port = 7000     # FRPS service started, occupied port
vhost_http_port = 80  The FRPS service listens for forwarding ports
Copy the code

Start thefrpsservice

./frps -c ./frps.ini
Copy the code

The installation`FRP (FRPC)`The client

On the target Intranet device, install the client. Download different versions based on the operating system

Access Intranet services by customizing domain names

Modify thefrpc.ini

[common] server_addr = ECS public IP server_port = 7000 [optional but must be unique]type= HTTP local_port = port of the local target service custom_domains = user-defined domain nameCopy the code

Start the client

./frpc -c ./frpc.ini

Copy the code

You can access Intranet services by accessing the customized domain name

Use SSH to access Intranet machines

Modify thefrpc.ini

[common] server_port = 7000 [optional but must be unique]type = tcp
local_ip = 127.0.0.1  
local_port = 22
remote_port = 10022
Copy the code

Start the client

./frpc -c ./frpc.ini

Copy the code

Access Intranet machines over SSH

ssh -p 10022 [email protected]
Copy the code

[Remote working] Intranet penetration is achieved in 5 minutes

So let’s talk about why we do Intranet mapping

Why give upngrok, the use offrp

Github’s attention comparison

Protocol Penetration Support

start

The preparatory work

The installationFRP (FRPS)The service side

The installationFRP (FRPC)The client

Access Intranet services by customizing domain names

Use SSH to access Intranet machines

Related Posts

Talk about the value call and address call

Some of the lesser-known shortcomings of Linux Epoll

Deep understanding of Java Virtual Machine (8) — Class Class file structure

Why give up`ngrok`, the use of`frp`

The installation`FRP (FRPS)`The service side

The installation`FRP (FRPC)`The client