You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

It is usually a big challenge for geeks who would love to access their local server over the internet. Don’t you worry no more, we shall be exploring a tool that can be used to expose your local server and services behind a firewall on NAT over the internet. In this article you’ll learn to expose a Local Server behind a NAT or firewall to the internet using FRP Proxy.

FRP proxy is a reverse proxy written in Golang that allows you forward a port of your local server behind a firewall or NAT to a public server.

FRP proxy currently supports TCP, UDP, HTTP and HTTPS protocols.

Expose Local Server behind a NAT or firewall to the internet using FRP
FRP Architecture

Let us explore the basic configuration methods for FRP proxy.

Before you can have this setup up and running, you need the following:

  1. A local server that is behind a firewall or NAT, e.g your laptop.
  2. A remote server with a public IP, e.g AWS EC2 instance.

Installation of FRP Proxy

Let us jump into the installation part.

Step 1 – Download and extract FRP

Download the latest version of FRP from their Github repository. This should be downloaded on both the local and the public server.

wget https://github.com/fatedier/frp/releases/download/v0.34.1/frp_0.34.1_linux_amd64.tar.gz

Extract the downloaded package

tar -xvf frp_0.34.1_linux_amd64.tar.gz

The following files are in the extracted directory:

$ cd frp_*_linux_amd64
$ ls
frpc  frpc_full.ini  frpc.ini  frps  frps_full.ini  frps.ini  LICENSE  systemd

At the public server, the frps and frps.ini file are needed.

Step 2 – Setup Public server

On the public server, we only need to set the bind_port under the [common] in the frps.ini file to 7000. This is the default port, you can also define your own port depending on your preference. 

$ sudo vi frps.ini
[common]
bind_port = 7000

Step 3 – Start FRP on public server

We need to start the service on the public server to allow connections from the local server.

The following command shall be used:

./frps -c ./frps.ini

You should see an output that the service is listening on the specified port:

$ ./frps -c ./frps.ini
2020/11/07 11:17:36 [I] [service.go:190] frps tcp listen on 0.0.0.0:7000
2020/11/07 11:17:36 [I] [root.go:212] start frps success

Step 4 – Configure FRP on local server

With FRP up and running on the Public server, the next step is to configure the local server.

For example, to expose ssh on our local server. The required files on the local server are frpc and frpc.ini.

Edit the frpc.ini file and add the following details:

  • Put the Public servers IP in the server_addr value and the port you defined in the Public server under the [common] section. 
[common]
server_addr = <PUBLIC_SERVER'S IP>
server_port = 7000

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000

In the above configuration, we have exposed port 22 of our local server to port 6000 of the public server.

We have also defined the protocol that we’re using, TCP.

We can also expose a web service running on your local server in the same configuration. You can add the webserver details just below the ssh configuration in the frpc.ini file.

In the example below, the webserver is running on port 80 of the local server and will be forwarded to port 8080 of the public server.

[web]
type = tcp
local_ip = 127.0.0.1
local_port = 80
remote_port = 8080

Step 5 – Start FRP on local server

The following step is to start FRP service on the local server.

./frps -c ./frps.ini

You can now ssh to your local server using the following command:

ssh -oPort=6000 [email protected]<Public-server's IP>

You can also access the webserver running on the public server’s port 8080

http://<public_server's IP>:8080

You should also allow the respective ports on the remote server if you have a firewall configured.

Monitor FPS using Dashboard

FPS has its own dashboard that can be configured to view the stats and metrics.

To activate you need to add the details below in the frps.ini file of the Public server.

[common]
bind_port = 7000
dashboard_port = 7500

dashboard_user = admin
dashboard_pwd = admin

You can specify the username and password to the details of your choice. Then restart frps.

You can open the dashboard on port 7500 of the public server.

Expose Local Server behind a NAT or firewall to the internet using FRP Proxy 2
Expose Local Server behind a NAT or firewall to the internet using FRP Proxy 3

Daemonize FRP service

You might want to have FRP services on local and public server running as a service/daemon.

To daemonize frps service on the public server:
  1. Copy the frps file to /usr/bin
sudo cp frp_*_linux_amd64/frps /usr/bin

2. Copy the frps.service file in systemd folder to /etc/systemd/system. 

sudo cp frp_*_linux_amd64/systemd/frps.service /etc/systemd/system

3. Create folder called frp in /etc/ directory.

sudo mkdir -p /etc/frp

4. Copy frps.ini file to /etc/frp

sudo cp frp_*_linux_amd64/frps.ini /etc/frp

5. Reload daemon

sudo systemctl daemon-reload

6. Start frps service

sudo systemctl start frps.service

Check service status after starting:

$ systemctl status frps
● frps.service - Frp Server Service
   Loaded: loaded (/etc/systemd/system/frps.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2020-11-07 16:19:41 EAT; 1s ago
 Main PID: 1081169 (frps)
    Tasks: 11 (limit: 49439)
   Memory: 16.3M
   CGroup: /system.slice/frps.service
           └─1081169 /usr/bin/frps -c /etc/frp/frps.ini

Nov 07 16:19:41 server.computingforgeeks.com systemd[1]: Started Frp Server Service.
Nov 07 16:19:41 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:41 [I] [service.go:190] frps tcp l>
Nov 07 16:19:41 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:41 [I] [service.go:289] Dashboard >
Nov 07 16:19:41 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:41 [I] [root.go:212] start frps su>
Nov 07 16:19:42 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:42 [I] [service.go:444] [cde064bce>
Nov 07 16:19:42 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:42 [I] [tcp.go:63] [cde064bcec86ff>
Nov 07 16:19:42 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:42 [I] [control.go:446] [cde064bce>
Nov 07 16:19:42 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:42 [I] [tcp.go:63] [cde064bcec86ff>
Nov 07 16:19:42 server.computingforgeeks.com frps[1081169]: 2020/11/07 16:19:42 [I] [control.go:446] [cde064bce>
To daemonize frpc service on local server:
  1. Copy frpc file to /usr/bin
sudo cp frp_*_linux_amd64/frpc /usr/bin

2. Create folder called frp in /etc/ directory.

sudo mkdir -p /etc/frp

3. Copy frpc.ini file to /etc/frp

sudo cp frp_*_linux_amd64/frpc.ini /etc/frp

4. Copy the frpc.service file in ~/frp_*_linux_amd64/systemd folder to /etc/systemd/system/.

sudo cp frp_*_linux_amd64/systemd/frpc.service /etc/systemd/system/

5. Reload daemon

sudo systemctl daemon-reload

6. Start frpc service

sudo systemctl start frpc.service

Confirm service is in running state:

$ systemctl status frpc
● frpc.service - Frp Client Service
     Loaded: loaded (/etc/systemd/system/frpc.service; disabled; vendor preset: enabled)
     Active: active (running) since Sat 2020-11-07 14:59:23 EAT; 1h 22min ago
   Main PID: 1898174 (frpc)
      Tasks: 11 (limit: 18957)
     Memory: 3.9M
     CGroup: /system.slice/frpc.service
             └─1898174 /usr/bin/frpc -c /etc/frp/frpc.ini

Nov 07 16:20:05 local frpc[1898174]: 2020/11/07 16:20:05 [I] [control.go:276] [cde064bcec86ffe7] control writer i>
Nov 07 16:20:05 local frpc[1898174]: 2020/11/07 16:20:05 [I] [service.go:174] [cde064bcec86ffe7] try to reconnect>
Nov 07 16:20:05 local frpc[1898174]: 2020/11/07 16:20:05 [E] [control.go:158] [cde064bcec86ffe7] work connection >
Nov 07 16:20:05 local frpc[1898174]: 2020/11/07 16:20:05 [I] [visitor_manager.go:60] [cde064bcec86ffe7] gracefull>
Nov 07 16:20:05 local frpc[1898174]: 2020/11/07 16:20:05 [W] [service.go:177] [cde064bcec86ffe7] reconnect to ser>
Nov 07 16:20:06 local frpc[1898174]: 2020/11/07 16:20:06 [I] [service.go:174] [cde064bcec86ffe7] try to reconnect>
Nov 07 16:20:06 local frpc[1898174]: 2020/11/07 16:20:06 [I] [service.go:288] [cde064bcec86ffe7] login to server >
Nov 07 16:20:06 local frpc[1898174]: 2020/11/07 16:20:06 [I] [proxy_manager.go:144] [cde064bcec86ffe7] proxy adde>
Nov 07 16:20:06 local frpc[1898174]: 2020/11/07 16:20:06 [I] [control.go:180] [cde064bcec86ffe7] [ssh] start prox>
Nov 07 16:20:06 local frpc[1898174]: 2020/11/07 16:20:06 [I] [control.go:180] [cde064bcec86ffe7] [web] start prox>

You can now run FRP as a daemon. This helps if you want to run the service in the background, and also for management purposes.

Conclusion

We have successfully installed FRP proxy and configured it. This is a tool that can be very useful to system administrators who wish to access their locally hosted services through the internet. If this post has been useful to you, feel free to share and comment.

More articles to read on our website:

You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here