Frp is a high-performance reverse proxy application that can help you easily manage services in your intranet and expose them to the public network. The main function of Frp is to achieve intranet penetration, allowing external users to access services in the intranet. Here are some application scenarios for Frp:
- Intranet penetration: With Frp, you can expose services in the intranet to the public network, such as web servers, FTP servers, SSH servers, etc.
- Intranet remote desktop: Frp allows you to use remote desktop to connect to computers in the intranet from the external network, facilitating remote management and maintenance.
- Building a cloud computing platform: Frp can help enterprises build private cloud environments and provide services such as virtual machines, storage, and computing resources.
- Network monitoring: Frp can be used to build a network monitoring system, exposing monitoring services to the public network through port forwarding so that administrators can view them remotely.
In summary, Frp is a very useful tool that can help enterprises and individuals easily manage and access services in the intranet.
Official website: https://github.com/fatedier/frp/releases/tag/v0.48.0
Official documentation: https://gofrp.org/docs/setup/systemd/
Background#
The personal (free) version of ToDesk is not user-friendly for connecting to a remote desktop (win10, win11) when the network environment is poor, so I want to use the frp tool instead.
Prerequisites#
The server's security group rules must allow inbound traffic on the ports frp uses (7000, 7500 and 7001 in the configuration below).
The example here uses my Alibaba Cloud server.
Please refer to the specific configuration:
Frp implementation idea:#
First, clarify what the server and the client are.
In FRP, the server and client refer to the two different roles of the FRP tool.
The server is the remote server of FRP, which runs on the public network and is usually used to provide intranet penetration functions. When you need to access devices in the internal network from the external network, you can deploy an FRP server on the public network and forward requests from the public network to the internal network device by configuring the corresponding mapping rules.
The client is the local component of the FRP tool, which runs on the internal network device to be accessed and connects to the remote server. The client registers its identity information with the server and sends heartbeat packets to the server regularly to maintain the connection. Once the client successfully connects to the server, the external network can access the internal network device where the client is located through the server.
Environment installation#
Use systemd to control frps and configure automatic startup on Linux systems
Here, take Linux server (CentOS) as an example,
Install systemd#
yum install systemd
Create and edit the frps.service file (using vim editor)#
vim /etc/systemd/system/frps.service
Write content#
[Unit]
# Service name, can be customized
Description = frp server
After = network.target syslog.target
Wants = network.target
[Service]
Type = simple
# Start the frps command, modify it to the installation path of your frps
# For example, if my decompressed frp installation package is in this path /root/frp/frps
# ExecStart = /root/frp/frps/frps -c /root/frp/frps/frps.ini
ExecStart = /path/to/frps -c /path/to/frps.ini
[Install]
WantedBy = multi-user.target
As shown in the figure below:
For the three steps above, see: https://gofrp.org/docs/setup/systemd/
Download and extract the installation package#
Method 1:
In the already created /root/frp directory, execute the following command to download the frp installation package:
wget https://github.com/fatedier/frp/releases/download/v0.48.0/frp_0.48.0_linux_amd64.tar.gz
Method 2:
Download link: https://github.com/fatedier/frp/releases
Linux version (CentOS), download the version shown in the figure below:
Transfer the frp Linux package to a custom directory on the Linux server
For example:
Put it in the /root/frp/ directory (folder), and then extract the file frp_0.48.0_linux_amd64.tar.gz
tar -zxvf frp_0.48.0_linux_amd64.tar.gz
Then rename it:
mv <original name> <new name>
mv frp_0.48.0_linux_amd64 frps
Or extract and rename directly
Configure the server (server)#
After decompressing the frp installation package, configure the files in the folder:
For example: frp is decompressed in the /root/frp/frps/ directory
Configure the frps.ini file
vim frps.ini
Enter the content:
[common]
# Server port
bind_port = 7000
bind_addr = 0.0.0.0
bind_udp_port = 7000
authentication_method = token
# Authentication token: use a mix of uppercase and lowercase letters, digits, etc.
token = custom token
# Visualization panel
dashboard_user = admin
# Dashboard password
dashboard_pwd = 123456
dashboard_port = 7500
Save the configuration and exit
Use the systemd commands to manage frps
# Start frp
systemctl start frps
# Stop frp
systemctl stop frps
# Restart frp
systemctl restart frps
# Check frp status
systemctl status frps
Configure frps to start automatically on boot:
systemctl enable frps
A screenshot of the visualization panel:
Configure the client frp#
Download link: https://github.com/fatedier/frp/releases
Create a custom folder and extract it
Configure the client (win10 local machine)#
After decompressing the frp installation package, go to the frpc.ini configuration file and open it with a text editor
Configure as follows:
# Global configuration
[common]
# Server public IP
server_addr = your server public IP address, modify it accordingly
# Server port
server_port = 7000
authentication_method = token
token = custom token
# Reverse proxy name, can be set arbitrarily
[RDP]
# RDP is TCP protocol
type = tcp
# Local IP
local_ip = 127.0.0.1
# Default port for remote desktop
local_port = 3389
# Port for external network access
remote_port = 7001
Note: The token configured on the server needs to be consistent with the token configured on the client.
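As an added check (not part of the original article or of the frp project), the script below audits legacy-INI configs like the frps.ini and frpc.ini shown above for a short token, a guessable dashboard password, a dashboard listening on all interfaces, and a remote-login service published through a plain tcp proxy. The function names, the 20-character threshold, the password list and the embedded sample configs are assumptions made for this example.

```python
import configparser

# Constructed samples that mirror the settings shown in this article.
FRPS_INI = """
[common]
bind_addr = 0.0.0.0
token = custom token
dashboard_pwd = 123456
dashboard_port = 7500
"""
FRPC_INI = """
[common]
token = custom token
[RDP]
type = tcp
local_port = 3389
remote_port = 7001
"""
WEAK_PASSWORDS = {"admin", "123456", "12345678", "password"}  # illustrative list
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 5900: "VNC"}

def _load(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp

def audit_frps(text, min_token_len=20):
    """Return findings for a legacy-INI frps config (hypothetical helper)."""
    c, out = _load(text)["common"], []
    if len(c.get("token", "")) < min_token_len:
        out.append("token: missing or shorter than %d characters" % min_token_len)
    if "dashboard_port" in c:
        # Unset values fall back to frps defaults: admin password, bind_addr address.
        if c.get("dashboard_pwd", "admin") in WEAK_PASSWORDS:
            out.append("dashboard_pwd: default or easily guessed password")
        if c.get("dashboard_addr", c.get("bind_addr", "0.0.0.0")) == "0.0.0.0":
            out.append("dashboard_addr: dashboard reachable on every interface")
    return out

def audit_frpc(text):
    """Flag plain tcp proxies that publish a remote-login service."""
    out = []
    for name, p in _load(text).items():
        port = p.getint("local_port", fallback=0)
        if p.get("type", "tcp") == "tcp" and port in SENSITIVE_PORTS:
            out.append(f"[{name}] {SENSITIVE_PORTS[port]} published on public port {p.get('remote_port')}")
    return out
```

A finding on the RDP proxy can be addressed with frp's stcp proxy type, which requires a visitor-side frpc holding the same sk before the service is reachable.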
Reference: https://cloud.tencent.com/developer/article/1710141
Open cmd in that directory (type cmd and press Enter), then run frpc.exe
As shown in the figure below:
The configuration is complete.
Next, connect to the remote desktop
Connect to remote desktop#
As shown in the figure below:
In the "Computer" field, enter your server's IP address plus the port
For example: 139.224.12.12:7001 (external network access port)
Since I sign in to my computer with a Microsoft email, the username is that email address, and the password is the corresponding Microsoft email password.
If you use a local account to log in, the username is your local username, and the password is the one you enter at startup.
If you don't want to use the IP address, you can point a domain name at it; if you don't want to enter the port, you can use a reverse proxy.
Summary#
In summary, frp is not only used for remote desktop, but also for intranet penetration, penetration testing, etc.
Attachments#
Reference 1: https://cloud.tencent.com/developer/article/1710141
Reference 2: https://www.cnblogs.com/zhanggaoxing/p/9221705.html
Alibaba Cloud official website: https://account.aliyun.com/login/login.htm