Last updated on April 25, 2020
For many IT workers remotely involved with networking, it is quite common to need to expose your Intranet application to the outside world in a secured manner. Unfortunately, we work most of the time from private IP networks, be that at the workplace, at home or at the coffee shop. The router(s) or firewall (s) that stands between our workstation and the internet makes it harder to expose a local socket to the outside. Most of the time, this is preferable for security.
A couple of solutions you can choose now:
1. Change your router / firewall configuration to do port forwarding or NAT from public to your application. But in many cases, you wont be able to make that changes or you even do not have that options.
2. Tunneling services : either self hosting or cloud services such as:
This post is going to explore some of tunneling services I am using.
Setup & Installation
1. Download ngrok
ngrok is easy to install. Download a single binary with zero run-time dependencies. There are following versions available to download : Winodws, Mac OS X Linux Mac (32-bit) Windows (32-bit)Linux (ARM) Linux (32-bit) FreeBSD (64-Bit)FreeBSD (32-bit)
Note: Windows Ngrok is a command line tool. You will need to unzip it into a folder then use it from command line.
2. Unzip to install
3. Connect your account
Following screenshots are captured from Windows OS.
|Windows Command line ngrok commands|
|Ngrok connection forwarding to localhost 3389 (Windows Remote Desktop Service)|
4. Fire it up
5. Expose a local webserver
Youtube Video for all steps in Windows 7 :
FRP (Fast Reverse Proxy)
What is frp?
frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp, udp, http and https protocol when requests can be forwarded by domains to backward web services.
1. Deploy frps at server side.
[root@testserver1 frp 0.21.0_1inux_amd64]# ./frps -c ./frps.ini 2018/11/25 19:20:00 [I] [service.go:130] frps tcp listen on 0.0.0.0:8000 2018/11/25 19:20:00 [I] root.:o:207 Start fris success
Windows zip file name is frp_0.21.0_windows_386.zip (32bit) or frp_0.21.0_windows_amd64.zip (64bit). Download address :
$ ./frpc -c ./frpc.ini 2018/11/25 12:21:23 [I] [proxy_manager.go:284] proxy removed:  2018/01/25 12:21:23 [I] [proxy_manager.go:294] proxy added: [testssh] 2018/01/25 12:21:23 [I] [proxy_manager.go:317] visitor removed:  2018/01/25 12:21:23 [I] [proxy_manager.go:326] visitor added:  2018/01/25 12:21:23 [I] [control.go:240] [3b123131341cb] login to server success, get run id [3b123131341cb], server udp port  2018/01/25 12:21:23 [I] [control.go:165] [3b123131341cb] [ssh] start proxy success
2018/08/14 19:29:14 [I] [service.go:319] client login info: ip[3b123131341cb] version [0.21.0] hostname  os [windows] arch [amd64] 2018/08/14 19:29:14 [I] [service.go:217] [3b123131341cb] [testssh] tcp proxy listen port  2018/08/14 19:29:14 [I] [control.go:335] [3b123131341cb] new proxy [testssh] success
Localtunnel allows you to easily share a web service on your local development machine without messing with DNS and firewall settings.
Localtunnel will assign you a unique publicly accessible url that will proxy all requests to your locally running webserver.
npm install -g localtunnel
lt --port 8000
Other Remote Control Softwares
- TeamViewer (可免费使用情况下,属于性能较好的解决方案, UAC穿透能力弱)
(tv 在 server 上要 licence，，而且 tv 最大的缺点是更新频繁，低版本高版本混用，闹心~在 win10 上也容易被 uac 卡住，，目前能穿透 uac 的，只有 xt800 了)
- Citrix gotomypc (面向企业级用户,无社区版,体验良好,微软的远程桌面功能mstsc一部分是向Citrix购买的)
- 向日葵 (Windows还行, Linux糟糕)