Fading Coder

One Final Commit for the Last Sprint

Home > Tech > Content

Configuring FRP for Secure Internal Network Access

Tech 2

FRP (Fast Reverse Proxy) is a reverse proxy tool written in Go that enables acccess to internal network services from external networks. It supports TCP, UDP, HTTP, and HTTPS protocols, allowing services behind firewalls or NAT to be exposed securely.

Key Features of FRP

  • Expose HTTP, HTTPS, or remote services from machines behind firewalls.
  • Support for virtual hosting based on domain names, enabling multiple domains to share a single port.
  • Provide TCP and UDP services for external access, such as SSH connections to internal hosts.

Installation FRP is cross-platform and available for Windows, Linux, macOS, and ARM. Download the appropriate package from the GitHub releases page.

For Linux:

wget https://github.com/fatedier/frp/releases/download/v0.36.2/frp_0.36.2_linux_amd64.tar.gz
tar xzvf frp_0.36.2_linux_amd64.tar.gz

Configuration

Server Configuration Create a server configuration file frps.ini:

[common]
bind_port = 7000
token = secure_token
  • Adjust bind_port as needed and ensure firewall rules allow traffic on this port.

Start the FRP server:

chmod 700 frps frps.ini
./frps -c ./frps.ini

Client Configuration Create a client configuration file frpc.ini:

[common]
server_addr = public_ip_address
server_port = 7000
token = secure_token

[remote_access]
type = tcp
local_ip = 192.168.1.100
local_port = 3389
remote_port = 7000
  • Replace public_ip_address with the server's public IP and adjust local_ip and local_port for the internal service.

Run the client on Windows:

cd C:\frp_0.36.2_windows_amd64
frpc.exe -c frpc.ini

Automating Client Startup

Using a Batch Script Create a file start_frpc.bat:

cd C:\frp_0.36.2_windows_amd64
frpc.exe -c frpc.ini

Run this script to start the client.

Using a VBS Script for Auto-Start Create a file frpc.vbs:

Set ws = CreateObject("Wscript.Shell")
ws.run "cmd /c C:\frp_0.36.2_windows_amd64\start_frpc.bat", vbhide

Place frpc.vbs in the Windows startup folder (shell:startup) to run on boot.

Using NSSM for Service Management Install NSSM and create a service:

nssm install frpc
nssm start frpc

Commands for service control:

  • Start: nssm start frpc
  • Stop: nssm stop frpc
  • Restart: nssm restart frpc
  • Edit: nssm edit frpc
  • Remove: nssm remove frpc

Optional: Enabling Dashboard Add to frps.ini:

[common]
dashboard_addr = public_ip_address
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin
enable_prometheus = true

Allow port 7500 in the firewall:

firewall-cmd --zone=public --add-port=7500/tcp --permanent

Access the dashboard at http://public_ip_address:7500 with credentials admin/admin.

Verifying Open Ports Check open ports on the server:

firewall-cmd --zone=public --list-ports
Tags: FRP
Back to List

Prev: Advanced Techniques for iframe Integration and Security

Next: Implementing Ripple Effects for Android Buttons

Related Articles

Understanding Strong and Weak References in Java

Strong References Strong reference are the most prevalent type of object referencing in Java. When an object has a strong reference pointing to it, the garbage collector will not reclaim its memory. F...

Comprehensive Guide to SSTI Explained with Payload Bypass Techniques

Introduction Server-Side Template Injection (SSTI) is a vulnerability in web applications where user input is improper handled within the template engine and executed on the server. This exploit can r...

Implement Image Upload Functionality for Django Integrated TinyMCE Editor

Django’s Admin panel is highly user-friendly, and pairing it with TinyMCE, an effective rich text editor, simplifies content management significantly. Combining the two is particular useful for bloggi...

Leave a Comment

Anonymous

◎Feel free to join the discussion and share your thoughts.

Copyright © fadingcoder.top