Achieve the goal: map the port of the local network ( accessible to the Internet ) device to the public network server
1. Data preparation
Download np s (server) and np c (client) installation packages: https://github.com/ehang-io/nps/releases
Documentation: https://ehang-io.github.io/nps/#/
Installation package version (0.26.10 core version 0.26.0)
Supplement: Public network servers generally use x64 servers . Since my client is jetson nano, I chose the arm client for installation.
2. Operations on the public network server:
- Create the nps folder, enter the folder, download the nps server, move it to the folder and install it
tar xzvf linux_amd64_server.tar.gz ./nps install nps start ps -ef|grep nps # 查看进程 nps --version # 查看版本
- uninstall command
nps uninstall
-
Add the ports required for security group opening on the public network server (or open all 1-65535). The opening type can be UDP type , TCP type, or HTTP type.
- Outbound direction : refers to this ECS instance accessing other ECS instances in the intranet or private network or resources on the public network. Inbound direction : refers to other ECS instances in the intranet or private network or resources on the public network accessing this ECS instance.
3. Use the browser to configure nps operations:
- Public server IP+8080 For example, mine: 47.113.149.105:8080 Username admin Password 123
- Add client
- Add a TCP tunnel to the client
4. Client operations:
- Create the nps folder, put the client compressed package into the folder, and decompress the nps client ( arm64 )
tar xzvf linux_arm64_client.tar.gz ./npc -server=47.113.149.105:8024 -vkey=br0auqkcoat879fs -type=tcp
- Run the command generated above that needs to be executed on the client, port 8024 (nps default bridge port)
- The web side displays online
- Registration system (self-starting, daemon process)
- You can directly put the startup command into rc.local. The first npc is a directory and the next npc is a command.
5. Verification is successful
- I use MobaXterm for ssh connection. Fill in the user name and password to access the client. Do not fill in the server's.
- You can connect to the client through ssh to the server port to prove that server 8003 and port 22 of the local LAN device are interconnected.
6. Server-side nps stops running
- Client printing
- The web side cannot enter the server port 8080
- nps will be disconnected, but it will reconnect. It seems that the server is hung up. The reason has not been found yet.
- Connection refuse means that the server TCP port is not monitored, that is, the NPS side hangs up and will usually be restarted.
- Connection reset by peer means that the nps server's tcp connection is abnormal and sends a reset signal to the npc, allowing the npc to close the tcp connection.
- connection time out means the network is unavailable and the client cannot connect to the server.
- close mux Close the multiplexer