To protect Intranet security, I believe that firewall programs are installed on the Intranet of the vast majority of organizations. As a result, the idea of many network administrators attempting to remotely control the Intranet workstation on the internet is forcibly "contained. This is not the case. Because my local network is installed with a firewall and only port 80 is opened on the Intranet, all other network ports are blocked. In the face of so many network restrictions, I try my best to solve them, it is also impossible to manage the Organization network through remote control programs at home. Later, after constant exploration, I finally crossed the Intranet restrictions and found a way to connect the Intranet and Internet to the "channel!
Thoughts on cross-Restriction
We know that to remotely control the Intranet over the Internet, closing the Intranet firewall and canceling the network access restriction is an option, however, this method is almost unacceptable for those organizations pursuing network security. Therefore, we must find a way to traverse the firewall and remotely connect to the Intranet and the Internet.
To achieve this, the pen specifically invited teamviewer's control software, and with the help of network control programs such as fport.exe?fportclient.exe, It is very convenient to penetrate the limitations of various network firewalls, and can quickly connect the Intranet and Internet "channels ", in this way, you can remotely control the Intranet over the Internet.
In this special control, we can first use the network management program fport.exe?fportclient.exe to map the content of the specific port in the Intranet workstation to the specified port in the Internet workstation, so that the Intranet and Internet can be connected to the "channel, then, a remote control connection is established through the TeamViewer control software to control the Intranet workstation over the Internet.
The biggest characteristic of this concept is that the master workstation and the controlled workstation do not require a fixed IP address of the device, and the workstation on both sides can control each other as long as the workstation can access the Internet, not limited by firewall programs!
Configure the masterWorkstation
The butler control program is used by the server and client for port ing. With these programs, we can easily simulate any port ing of the remote workstation to a local workstation. After obtaining the above software or program, copy them to the master control workstation and the controlled workstation respectively. Assume that the computer in the home is used as the master control workstation, and the computer in the Intranet is used as the controlled workstation.
Then, run the installation program of the TeamViewer control software on the master workstation. When the installation wizard displays the selection interface shown in.
Select the "Host Mode Installation" option, click the "Next" button, select the "Install TeamViewer as service" option, and set the access password of the service control end, click the "Install" button to Install the server program of the TeamViewer control software, we can also see the TeamViewer shortcut icon in the taskbar of the master workstation system.
Considering that the server program of the TeamViewer control software is set into a "DynGate Router" subroutine by default, and the subroutine must be registered before it can be used properly, in order to avoid the impact of this subroutine, we can go to the TeamViewer Control Software Configuration window and cancel the "DynGate Router" subroutine function.
Right-click the TeamViewer shortcut icon in the system tray area and run the "Options" command from the shortcut menu to open the option Setting Dialog Box as shown in.
On the "General" tab page of the dialog box, deselect the selected status of the "Use DynGate Router" project and click "OK, in this way, the "DynGate Router" subprogram function can be temporarily canceled.
Select the "Daily" option and click "Next" until the task plan creation is completed.
Next, return to the task scheduler List window, right-click the newly created task scheduler, and execute the "attribute" command from the shortcut menu, open the attribute setting interface of the corresponding task plan. On the "task" tab page of the Setting interface, we need to set "D: fport.exe 5900 the IP address of the controlled workstation 80 bytes of content is written in the runtime box. In this case, the Fport.exe program is saved in the root directory of drive D, and "5900" is the remote control port specially used by TeamViewer control software, the role of this string code is to control the workstation 5900 The information in the communication port is forwarded to port 80 of the controlled workstation.
On the "Schedule" tab page of the new task, click the "advanced" button to enter the advanced Options settings window, as shown in.
In this window, set the current task plan to be executed repeatedly and run once every minute. At the same time, select the option "if the task is still running, stop it, in this way, the master control workstation automatically tries to connect to the controlled workstation system every minute in the system background.
Configure the controlled Workstation
Install the client program of teamviewercontrol software by following the same procedure. Then, run the fportclient.exe Control Program, set the local communication port to 5900, set the remote communication port to 80, and click the start listening command. Then, the system displays the start listening port prompt.
When the fport.exeprogram in the main control station sends a connection request to the control station, the fportclient.exe program in the control station can listen to such connection requests, and a prompt will pop up automatically indicating that we have received connection requests from the remote workstation, as a result, the "channel" of an HTTP encapsulation will be smoothly connected.
In this case, you can open the client interface (as shown in) of the TeamViewer control software in the controlled workstation ).
Enter the IP address of the master workstation in the "Partner ID" field, select the "Remote Support" option in the interface, and click the "Connect to Partner" button, it will not take long for the remote connection between the master workstation and the controlled workstation to be created successfully, so that we can remotely control the workstation on the Internet.
Note that, by default, the firewall program of the master station and the controlled station does not enable the 5900 communication port, which requires us to remotely control the connection, you must first activate this port.
The method to open the communication port is very simple. You only need to open the firewall setting interface, click the "exception" tab, and click "add Port" on the corresponding tab page, set the name to "remote control" in the later interface, set the port number to "5900", and click "OK" to enable the 5900 communication port.