Foreword:
TCP penetration principle: In fact, client A binds a port to send data, then listens to the port, and then the transit server tells client B that client A’s public IP and public network port, and client B connects to A’s public network IP and public network port, the data packet is automatically converted by NAT into the client's intranet IP and intranet port.
Configuration:
vim frpc.ini
This section of configuration will automatically appear on the client side, no need to add again, you can change it according to your needs
Test on Alibaba Cloud host
In this way, the local port 22 is accessed from the 6000 end of Alibaba Cloud, which realizes the internal network penetration of tcp, and Alibaba Cloud also needs to open port 6000
To facilitate understanding, draw a picture here to explain. Our purpose is to allow 192.168.2.200 to remotely reach 192.168.1.100 through port 22, but now it is not in a local area network, so it cannot be achieved (the local server does not have public IP)
But we have an Alibaba Cloud host through the public network ip on the Alibaba Cloud host to establish a connection with the local server, thus achieving TCP intranet penetration.
error:
I used ./frps -c frps.ini & to start the frp process, but there is a problem that as long as the ssh terminal is closed, the process will drop. The solution to this problem is to use nohup /frps -c frps. ini & start process