1, how does the external network server (such as the Java Web) connect to the database in the LAN?
2, how does the public network computer access a service in the LAN?
One of our previous projects was to make a website, and the site would have access to a SQL Server database within the client's local area network.
The public network computer accesses the database in the local area network???
At that time, we were baffled. At the end of the day, I called to consult the former company's technology Daniel, give me a description of port mapping and peanut shells
First we need to make clear 3 points:
(a) The computer in the public network is a gateway (external network IP) that can access the local area network;
(b) The gateway's extranet IP is assigned by the operator and is not fixed (so the peanut shell is used);
(c) The extranet is not directly accessible to a computer in the local area network.
Our initial solution is as follows: &NBSP;
Customer companies must be online via Tp-link because Tp-link has port mapping capabilities.
Why is the serve something port mapping? For example, the port number for SQL Server database is Span style= "Color:rgb (255,0,0);" >1433 , where the computer IP is 192.168.1.125 (example), you can port mapping in Tp-link, the effect is as long as the port number to access the public network IP is 1433 , Tp-link will locate the IP is 192.168.1.125 (example) of the computer, That is tp-link through this mechanism, the port can be used to locate the designated computer on the LAN.
sacrificial port, analog public IP
This achieves the purpose of a public network access to a computer in the LAN. such as &NBSP;
650 ) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0109/4503/ E93f8a12-ce0c-371a-91c4-ced3fc62e2c9.jpg "style=" border:0px; "/>
But the customer company uses the telecommunications light cat Internet, and Telecom optical cats do not have port mapping functionality , so you must have a tp-link. After connecting Tp-link, the topology diagram is as follows: &NBSP;
650) this.width=650; "src="/HTTP/ Dl2.iteye.com/upload/attachment/0109/4505/b3c80246-b705-389b-a0a6-c393f1721bcb.jpg "style=" border:0px; "/>
In this case, there is a two-layer LAN, but port mapping can only penetrate a layer of LAN
Now there are two problems:
1, more than a tp-link, because there are two routers there are two layers of LAN, port mapping can only penetrate a layer of LAN;
2, the gateway's extranet IP is always possible to change. IP must not be written dead when accessing the public network.
solution for Puzzle 1 :
Bullhorn Cat only acts as bridge, speaking in a more popular way, is to act as a network cable. So need to crack light cat, how to crack light cat?
First connect the light cat directly with the computer, get the Light cat Super Administrator, the steps are as follows:
Note: The computer must be directly connected to the light cat
Log in with the Useradmin account and password behind the cat 192.168.1.1
Then download http://192.168.1.1/backupsettings.conf
to download the backupsettings.conf, proceed as follows:
(a) Log in using the user name password on the back of the router;
(b) After successful login, hit the http://192.168.1.1/backupsettings.conf in the address bar
(c) may also enter the login screen (previously logged in, how to log in again?) not normal Ah! Let's not do it. Enter the user name password on the back of the router, which may be repeated 3 times
(d) After successful login, repeat (b) until the download is successful.
Open with Notepad and findTelecomadmin+ 8 digits, this is your light cat.Telecomadmin's password.
First put url>Http://devacs.edatahome.com:9090/ACS-server/ACSFind it, change it into url>.Http://devacs.edatahome.com.disable:9090/ACS-server/ACS, making it impossible to connect to the remote Management Server, and then locate
<totalterminalnumber>5</totalterminalnumber>, change 5 to a larger number to remove the limit on the number of optical cat access devices.
and then useTelecomadminAccount number and the password you just found login 192.168.1.1
Open the Http://192.168.1.1/updatesettings.html page and restore the newly changed configuration.
Enter the broadband Settings screen to change the Internet connection from PPPoE to Bridge (Bridge), similar to the following interface
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0101/8945/ F76a634c-a8b8-352b-a075-8af83f9f5c48.jpg "alt=" Broadband Settings "style=" border:0px; "/>
After setting up, let the Router connect the light cat, and then Host B (the computer where SQL Server is located) the number of routers, login 192.168.1.1, first set the Internet parameters (password), and then set the port mapping.
Note: At this time, the computer directly connected to the light cat will not be able to surf the internet , must be connected to the Tplink router, because the light cat only play bridge function.
Question: Why connect to Host B in LAN, not even the database of public network?
No, because the customer previously purchased a client software, the client software installed a database, and we do the site to get the data in the database, so can only connect to Host B database
Because the port number of the SQL Server database is 1433, we need to map1433Port number.
The steps are as follows:
Login to the Tp-link console,
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0109/4188/ E404dfac-4aa3-33d8-837b-f165d345b6b1.png "alt=" virtual Server "title=" click to view original size picture "class=" Magplus "width=" "height=" 344 " Style= "border:0px none;"/>
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0109/4190/ 86cb51d2-9152-3f1f-acf7-f9fc825498ec.png "alt=" Add Port "title=" click to view original size picture "class=" Magplus "width=" "height=" 281 " Style= "border:0px none;"/>
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0109/4192/ 94d3dca6-62ef-3e52-afdc-4e24195ae72b.png "alt=" is mapped via port to LAN IP "title=" "style=" border:0px none; "/>
That is, access to the gateway's 1433 port number is equivalent to direct access to LAN computer 192.168.1.125
workaround for Puzzle 2 :
Using port mapping technology, the public network IP is always possible to change, at this time need to use the peanut shell software binding a domain name.
Peanut shell: http://pan.baidu.com/s/1pJFgLDL
Registration page: HTTPS://CONSOLE.ORAY.COM/PASSPORT/REGISTER.HTML&NBSP;
registered successfully: &NBSP;
650) this.width=650; "src="/HTTP/ Dl2.iteye.com/upload/attachment/0100/1927/62bd45f0-81f5-3ee5-af28-1c0ee8af6d9f.jpg "alt=" registered peanut Shell "title=" "style=" border:0px none; "/>
Peanut Shell client:
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0100/1929/ Bad6a07b-69ea-398b-abc6-12a3be82eca5.jpg "alt=" Peanut Shell Client "title=" "style=" border:0px none; "/>
Open cmd and ping the peanut shell domain name directly:
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0100/1935/ E451d8fa-8441-3677-a812-e9305edebcee.jpg "alt=" Ping registered domain name "title=" "style=" border:0px none; "/>
View domain Name resolution information, double-click the domain name:
650) this.width=650; "Src=" http://dl2.iteye.com/upload/attachment/0100/1939/ 757cff22-cf6b-3798-954c-d463c904acb5.jpg "alt=" view peanut Shell Domain name resolution "title=" "style=" border:0px none; "/>
start the peanut shell client on Host B (the computer where SQL Server is located), bind the peanut shell domain name to this computer, as long as the gateway's external IP changes, the peanut shell client will immediately monitor and update the binding.
So the public network of computers as long as access to the peanut shell domain name can access Host B (SQL Server computer)
650) this.width=650; "Src=" http://img.blog.csdn.net/ 20150610231818838 "alt=" public network JDBC Configuration "title=" "style=" border:0px none; "/>&NBSP;
(a) Peanut shell the client must be installed on the LAN computer to be accessed by the external network;
(b) Telecom light cat must be cracked, because the normal user login is not visible to the Broadband Settings feature interface.
(c) When the light cat is cracked, the computer must be connected to the light cat, Cannot pass through the tp-link between the light cat;
(d) Be sure to change the optical cat connection type to " Bridge "
Description: Host B is a computer in the client's local area network
The final topology diagram:
650) this.width=650; "src=" http://img.blog.csdn.net/20150610233513540 "alt=" Final Topology "title=" "style=" border:0px none; " />
Reference: Telecom light cat hack
Crack the telecom light Cat, the external network direct connection LAN database