How does an Internet user access an intranet FTP server? From: csdn
FavoritesQ: My Netcom user has set up an FTP on the machine. In XP, The ipconfig command gets 10. XX. XX. XX Intranet IP address. My friend is a Telecom ADSL user. Is there a way for my friend to access my FTP?
Q: My Netcom user has set up an FTP on the machine. In XP, The ipconfig command gets 10. XX. XX. XX Intranet IP address. My friend is a Telecom ADSL user. Is there a way for my friend to access my FTP?
A mature solution is to configure the VPN Network (Virtual Private Network ). Using this network structure, remote computer users can securely access the FTP server on the network through the physical links of the existing network as needed. The biggest characteristic is that the speed is fast, just like in a LAN. Let's take a look at the details below.
1. Understand VPN
Virtual Private Network (VPN) is an extension of a private network, through VPN, data can be sent between two computers through a shared or public network by simulating a point-to-point dedicated link. We can understand it as follows: VPN is the "bus line" in the road, but it should be distinguished that the bus line composed of VPN does not exist physically, but is simulated by some technical means, it is "virtual", so it has good confidentiality and is not subject to renewal, so that both parties can freely and securely point-to-point connections.
Ii. VPN erection preparation
Generally, the Win9x/2000/XP operating system has a built-in VPN function and a dedicated Broadband Router that supports the VPN function. However, the investment is too large. In order to make better cooperation between different systems, we use third-party software to achieve (Wingate VPN ). The general setup process is: first apply for a free domain name, then install and configure the software on two computers separately, and then you can use the VPN network as in the LAN.
Windows VPN: http://www.cloudnet.com.cn/download/wgvpn.exe
3. setup process
1. Free Domain Name application
In general, the Internet addresses of broadband are dynamically changing. to communicate with each other remotely, we must have a fixed IP address to find each other, the solution is to apply for a domain name and install dynamic domain name resolution software. There are still many sites that provide such services online, such as www.phx.2mydns.com and Taobao! After applying for a domain name and activating it as prompted on the page, download the DNS software "peanut shell" provided on the website for installation (only on the provider server ), in this way, the domain name resolved by the other end can be accessed to the server.
2. install and configure Wingate VPN on the server (that is, the Netcom FTP Server)
At the beginning of configuration, set the directory to be shared on this computer to share. When the installation is complete and Wingate VPN is started, you are required to enter the Logon account and password. The default account name is "Administrator" and the password is blank, as shown in 1. (You can change the password in "Change Password" under "options" in the main menu, but the account does not seem to be able to be changed ).
Then you need to create a VPN user. The method is to switch to the "users" option on the left of the main interface, right-click "users" and choose "New User", enter the user name and password, and check "account enbled" below.
Step 1: click the "control" button in the toolbar and double-click "Add a new VPN" in the "VPNs hosted" column on the left "; enter the VPN name and node name under the "General" tab in the displayed dialog box. Remember to select "local" as "Local Network ", otherwise, the other party will not be able to enjoy the VPN service (as shown in Figure 2 );
Step 2: switch to the "X509 Certificate" tab and generate a private certificate for simple authentication on the VPN network. Select "generat A X509 Certificate first" and then click "generat certificate". In the window shown in figure 3, enter the certificate password twice and keep the other items as default, then, set the founder information, such as e-mail, and click Finish in the next step.
Step 3: configure the user information that can access the VPN connection. Switch to the "ies" tab and click the "add" button below to go to the window 4 shown. The "recipient" option is used to set the user groups that are allowed to access, either all or specified; further permission configuration can be made in the "location" and "time" options. We recommend that you keep the default value for the efficient and simple operation of the VPN instance. After the configuration is complete, return to "recipient" and click "Apply", and then click "OK ".
Now the VPN configuration of the server is complete, and the VPN name is displayed on the right of the main interface. To allow the other end to access the server, you must import the server configuration to the other end, which is a simple and convenient way to use this software. Method: Double-click "general" in the "Miscellaneous" box on the left of the main interface, select the created VPN project under the "VPNs to host" tab, and click "Export config" (export configuration ); in the dialog box shown in figure 5, enter the current IP address of the local machine or the free domain name applied for in the previous step. Click OK and select the Save path (generate a file suffixed with VPN ).
If you want to upload the configuration file to the other end, just think about it!
3. Access side settings. (Computer client)
First, install Wingate VPN on the receiving end using the Server Installation Method. Double-click the "General" option in the "Miscellaneous" box on the left of the main interface, and switch to "VPNs to join" and click "Import config" (import configuration ); select the configuration file provided by the server to import it, and then the window shown in 6 will appear. Let's further verify the configuration of the server; click OK. The VPN configuration name is displayed in the "VPNs to join" column on the main interface. Select "Connect" and the computer name on the server is displayed on the right. Similarly, if the VPN file configured at the receiving end is imported to the server, the two sides can also be connected successfully, which fully reflects the advantages of point-to-point network access.
Iv. Application
As long as the VPN connection is established, I think I know how to use it. If the connection is successful, the right side of the main window will show the directory shared by both sides, just like in the LAN, freely and securely access the pre-configured shared directory (that is, you can double-click the shared directory to open it, and all operations are the same as mutual access on the LAN ), of course, you can access various services on the server. Close the VPN service after using it to avoid some unexpected security risks.
Summary:
The above example shows the mutual access between two computers in a personal application, without too much consideration for security and other factors. If VPN is used between enterprise departments, because the VPN Network is a virtual network built on an open Internet platform, it is necessary to ensure that unauthorized users cannot access the VPN network; generally, dedicated VPN servers are installed, so that enterprise network administrators can specify that only users meeting specific identity requirements can connect to the VPN Server for access, in addition, all VPN data can be encrypted to ensure data security.
Tag: