Author: Beijing – Gouzi Preface The internal network penetration frp penetration tutorial is coming. Not many bbs go directly to the tutorial. If you want to know the specific principles and details of frp, please Baidu Search Name. The final demonstration here is to log in to Qunhui through frp. This tutorial is applicable to the following people: no public network wants to access nas through the external network.
If there is a problem in the public network, add a friendly prompt of Internet access protection. If you are not familiar with Linux or commands, you should follow my tutorial completely (this tutorial has been simplified as much as possible). How I operate here, you can operate it, first ensure success, and then according to your own personalized settings.
Prerequisites for server operation SSH tool: FinalShell download address: a cloud server with public ip. 1. Log in to Tencent Cloud first, and reset the system to centos7.6 (other systems are also available. If you don’t know the difference between the systems, please follow the operation steps in this tutorial)
2. Reset the server root password.
3. Log in to the ECS using ssh.
4. Because the official installation of frps requires commands such as vi editor and linux, here for convenience, the open-source one-button script on github is used to install frps. The script has two sources. The foreign VPS uses the source of github, and the domestic VPS recommends using the source of Aliyun, otherwise it may be very slow.
Aliyun (AliCloud source) # Download script (copy and input in sequence) wget https://code.aliyun.com/MvsCode/frps-onekey/raw/master/install-frps.sh -O ./ install-frps.sh
#Set script permissions chmod 700/ Install-frps. sh # Run the script./install-frps. sh install5. This tutorial uses Tencent’s cloud domestic server, uses Aliyun’s source, and enters the commands in turn, as shown in the following figure.
6. Enter the third command and press Enter to enter the configuration interface. Select the download address for downloading frps, where we select .
Please enter the following port numbers and configurations according to your own choice, not exactly according to my copy. If you don’t understand the meaning of the port, please follow my input. After the tutorial is completed, you understand the meaning of the port, and modify it according to your own needs (especially if you mark the important ones). 7. Enter the communication port of frps, please enter it according to your own needs, and I enter  here.
8. Enter the http communication port, I enter  (important) 9. Enter the https communication port, I enter  (important) 10. Enter the frp information panel port, I enter  11. Enter the user name and password of the management panel respectively, for example, the user name is admin and the management password is admin.
12. Enter the communication password, and I will enter it here, 12345678 (important) 13. Set the domain name. If there is one, fill it in. If there is no default IP, I will select the default 14. The next step is to hit Enter by default all the way. 15. This interface appears to check whether the information entered before is correct, and then continue to the next step.
16. Wait a moment, and the following interface will appear.
17. Log in to the Tencent cloud console and find the ports in steps 7, 8, 9 and 10 of [Firewall Settings]. Here I open the     ports. (Please separate multiple ports in English)
18. The browser enters the domain name (ip): port number. If the following page appears, it indicates that the background setup is successful. Here I enter http://184.108.40.206:8444 The user name and password are set in step 11.
19. The server side has been successfully deployed. In general, it is very simple to deploy using one-key script. Thank the developer of one-key script, Qunhui Client 1. Log in to Qunhui, open the file station, create a new frp folder under the docker directory, create a new text document on the desktop, and then drag the text document to the frp directory.
2. Double-click the text document and paste the following command. Please change the configuration flexibly according to your situation. Here are two examples: one is to use http protocol to access NAS, the other is to use tcp protocol to log in to ssh, and then ctrl+s to save and rename the file to frpc.ini [common]
#Server ipserver_ Addr=220.127.116.11token=12345678 # port server_ Port=7000 # name, custom [nas] # type
Type=tcp # device ip local in LAN_ Ip=192.168.31.11 # Local area network device port local_ port = 5000
#The listening port * can be modified to any letter, and the number after the equal sign is remote_ Port=5002 # name, user-defined [ssh] # type ssh type is tcp
Type=tcp # device ip local in LAN_ Ip=192.168.31.11 # Local area network device port local_ port = 22
#The listening port * can be modified to any letter. Note: all listening ports need to be opened in the firewall of the service area.
3. Open the Qunhui Docker registry to search for stilleshan, select stilleshan-frpc to download the image, and then start it in the image after downloading.
4. After the download is completed, start the image. The container name is default. Check Execute container with advanced permissions, and then click Advanced Settings.
5. Follow the settings below. Advanced settings: check Enable automatic restart of storage space: establish the following link
The mapping path is:/frp/frpc.ini network: check the same network port settings, links, and environment as the docker host to keep the default settings unchanged. 6. After the configuration is completed according to step 5, the container starts successfully, as shown in the following figure.
7. At this time, we can successfully access the Internet by entering the (domain name) server ip: port number in the browser. Domain name method: http://18.104.22.168:5002
Detail optimization 1. According to the above tutorial, I don’t need to set a port for each service and open it in the firewall. It is too troublesome. We use the Qunhui alias to log in, log in to Qunhui, open [Control Panel], [Login Portal], [Application] and [Alias] and enter keywords.
2. In this way, we can log in to file through http://22.214.171.124:5002/file To log in to filestation. Please add it yourself.
To sum up, before August 2021, because the apartment rented in Beijing must use the landlord’s network, so broadband cannot be installed. Access to the home’s nas server and other services are achieved through frp penetration and have been very stable. Therefore, I have a good feeling for frp. Even if I have a good public broadband now, I will build a frp as a backup access method, so I wrote this article to record, However, during the construction today, no matter what port you use, you will be prompted for filing. So here is a demonstration of using server IP. If foreign servers can consider using domain names to access, it will save the trouble of remembering IP. Of course, it’s OK to not remember IP. I also wrote the navigation page service. If you are interested, please refer to it. Thank you.
The port is not easy to remember. Add a navigation tutorial for Qunhui NAS Heimdall