Use Linux to create an IP Tunnel-Linux Enterprise Application-Linux server application information. The following is a detailed description. With the decrease of available IPv4 addresses on the Internet, more and more enterprises begin to use NAT to access the Internet, and fewer public IP addresses are available. However, the demand for accessing internal servers through the Internet is increasing, therefore, this article discusses how to establish an IP tunnel through the Internet in linux to access internal servers.
Method 1: SSH-based encrypted channel
SSH (Secure Shell) is a Secure network connection program that can remotely log on to other systems over the network. It is an encrypted telnet protocol. However, in addition to the remote login function, OPENSSH can also establish an encrypted IP tunnel.
(400) {this. resized = true; this. width = 400; this. alt = 'click here to open new window';} "onmouseover =" if (this. resized) this. style. cursor = 'hand'; "onclick =" window. open ('HTTP: // www.linuxaid.com.cn/articles/1/0/1001155757/tunnel.png'); ">
Let's assume that the Alice.org server is located in the intranet of a certain Enterprise Network and its IP address is 192.168.2.200. It can access the Internet through NAT. Now we need to access Alice through a machine named bob.org on the Internet, that is, remotely logging on to Alice. At this time, we need to establish an IP tunnel between bob and alice. First, log on to Alice and run the following command:
# Ssh-R 11022:127. 0.0.1: 22 [url = mailto: ideal@211.1.1.1] ideal@211.1.1.1 [/url]
This command is used to log on to the server 211.1.1.1, and redirect server 11022 to local port 22. After the command is executed, the system prompts you to enter the ideal user password. after entering the password, the system will log on to the remote server bob. At this time, netstat-ln on bob will find Port 11022 listening, and keep the ssh connection from alice to bob open. After logging on to the server bob from any location on the Internet, we can log on to the alice server through this tunnel and execute the following command:
CODE: # ssh localhost-p 11022 |