Article Directory
Forwarded from the article of CSDN remote penetration: Linux installation pagoda, and realize the public network remote login pagoda panel [intranet penetration]
foreword
Pagoda panel, as a site building operation and maintenance tool, supports more than 100 server management functions such as one-click LAMP/LNMP/cluster/monitoring/website/FTP/database/JAVA, which can improve operation and maintenance efficiency. For novices, it is easy to use and basically does not need to worry about. And when we build a pagoda at home/company, there is no public network IP, but how to realize the pagoda panel that can access the internal network even outside?
Intranet penetration, it can use a server with a public IP as a "middleman" to establish a connection with a computer without a public IP and forward data. Therefore, if you want to achieve remote access to the public network, intranet penetration is a good choice.
The following simple steps implement the pagoda panel on Linux, and do intranet penetration to remotely log in to the pagoda panel in the public network environment:
1. Install Pagoda
Enter the official website to view the command, here is based on linux, the following is the linux installation command:
yum install -y wget && wget -O install.sh https://download.bt.cn/install/install_6.0.sh && sh install.sh ed8484bec
Wait for the installation to complete
After the installation is complete, record these access addresses and account information.
Then we open the browser, visit the above intranet address, the interface appears to indicate success, if there is no interface, it may be a firewall problem, you need to configure the firewall to release port 14550
After logging in with the account password above, you will be prompted to bind a Pagoda account. So we need to register a Pagoda account
After registering an account on the official website and logging in, we first open a pagoda port 14550
2. Install cpolar intranet penetration
cpolar official website: https://www.cpolar.com/
- install cpolar
Open the pagoda terminal command window and use cpolar to install the script:
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- token authentication
Log in to the cpolar official website www.cpolar.com, click on the left 验证to view your authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
- Select security in the pagoda panel, and then open port 9200
- Log in to the cpolar web UI management interface
局域网ip:9200端口Access the cpolar management interface on the browser
Enter the account registered on the official website to log in to operate the tunnel.
3. Remote Access Pagoda
Next, create a tunnel to map the local port to the public network to realize remote access to the pagoda from the public network
Click Tunnel Management on the left - Create Tunnel to create a random http tunnel pointing to port 14550:
- Tunnel name: customizable, be careful not to repeat
- protocol: http
- Local address: 14550
- Port type: random domain name
- Region: China VIP
click创建
After the creation is successful, we open the online tunnel list to view the public network address
Then we use the public network address to access the pagoda panel. At this time, the following problem will occur. The problem is that when accessing the pagoda panel, an 8-digit character security entrance name needs to be added after the address
In order to make the connection smoother, we can turn off this verification, open the pagoda terminal, and enter the following command
rm -f /www/server/panel/data/admin_path.pl
Then re-visit the public network address, you can access successfully
4. Fixed http address
Since the tunnel just created uses a random temporary address, this address will change within 24 hours. For long-term remote access, we will configure this public network address as fixed next.
- Reserve the second-level subdomain
You need to upgrade to the basic package or above to support the configuration of second-level subdomains
Log in to the background of the cpolar official website , click on the dashboard on the left 预留, find 保留二级子域名, and reserve a second-level subdomain name for the http tunnel.
- Region: Select the server region
- Name: Fill in the second-level subdomain name you want to keep (customizable)
- Description: Remarks, which can be customized
This example reserves a baotatestsecond-level subdomain named . After the subdomain name is successfully reserved, we copy the subdomain name, and then we need to configure it in the tunnel.
5. Configure the second-level subdomain
Log in to the cpolar web ui management interface. 隧道管理Click —— on the left dashboard 隧道列表, find the tunnel that needs to be configured with a second-level subdomain name (baota tunnel in this example), and click on the right编辑
Modify the tunnel information and configure the second-level subdomain name into the tunnel:
- Domain Type: Select instead
二级子域名 - Sub Domain: Fill in the second-level subdomain name we just reserved (in this example
baotatest)
After the modification is complete, click更新
状态After the tunnel is successfully updated, click —— on the left dashboard 在线隧道列表, and you can see the public network address of the baotaTest tunnel, which has been updated to a second-level subdomain name, and copy the public network address.
6. Test access to the second-level subdomain
Open the browser, let's test access to the successfully configured second-level subdomain name, the test is successful, and it can be accessed normally. Now, our only private second-level subdomain name in the entire network has been created. And this address will not change randomly anymore, it is fixed, as long as the tunnel is online, we can use this public network address to remotely access anytime and anywhere, without the need for a public network IP or setting up a router.
