Distributed Deployment¶
Sometimes you may encounter a situation where your phone is at home, but you are away. How can you use it? You can achieve distributed deployment through FIRERPA's built-in Frp or OpenVPN client, allowing you to connect to the distributed device from anywhere. Both solutions require you to have a public server and to configure the corresponding server-side software for proper use. Subsequent documentation describes how to deploy Frp and OpenVPN servers.
Danger
This chapter will not cover basic operations such as opening or closing firewall ports. We assume you understand and have completed the required settings, and that you have some knowledge of Frp and OpenVPN. Detailed instructions on how to deploy these two types of servers are provided in this article and subsequent chapters. If you choose to deploy them yourself, we strongly recommend using the OpenVPN networking method.
Via FIRERPA Hub¶
You can also deploy firerpa/hub + firerpa/hub-bridge yourself to achieve P2P access between devices. For specific operations, please refer to the project documentation.
Forwarding to an Internal Port via Frp¶
You need to first download the server program for fatedier/frp and start it strictly using the command we provide below. You can modify the port and token as needed. An frps version > v0.45.0 is required.
Danger
frps --token lamda --bind_addr 0.0.0.0 --bind_port 6009 --proxy_bind_addr 127.0.0.1 --allow_ports 10000-15000
Based on the command, write the properties.local configuration items as follows:
fwd.host=Your server's public IP address
fwd.port=6009
fwd.rport=Forwarding destination port (should be within the allow_ports range)
fwd.token=lamda
fwd.protocol=tcp
fwd.enable=true
Append or write the above configuration to properties.local and restart the FIRERPA service.
Forwarding to a Public Port via Frp¶
If you want to connect to the device from anywhere, we do not recommend this for security reasons. If you really need to do this, it is recommended to use OpenVPN-related features to place the device and your computer on the same network segment for access.
Danger
If you still plan to use the frp method mentioned above for arbitrary access, first ensure that the FIRERPA service is started with a service certificate. Then, change --proxy_bind_addr 127.0.0.1 in the frps startup command above to --proxy_bind_addr 0.0.0.0. This will cause the example port 12345 to be directly bound to the public network. If you do not start FIRERPA with a service certificate, anyone will be able to access it. This is extremely dangerous, and you should be prepared for the possibility of your data being maliciously accessed and destroyed.
Connecting to a Device Forwarded via Frp¶
Since the documentation above binds the forwarded port to the server's 127.0.0.1, the following content needs to be verified on the public server where frps is deployed. We assume your fwd.rport is 12345. The following demonstrates how to connect to the device using the Python library.
from lamda.client import *
d = Device("127.0.0.1", port=12345)
You can also open http?s://127.0.0.1:12345 in a browser on the server to access the device's remote desktop.
Implementation via OpenVPN Networking¶
Please refer to the relevant chapters on how to deploy an OpenVPN server to learn how to connect the device to the OpenVPN network.
Connecting to a Device on an OpenVPN Network¶
After networking with OpenVPN, the device operates no differently than in normal use. You just need to add your personal computer to this OpenVPN network to access the device directly via its OpenVPN private address. You can download the OpenVPN Connect client from the official OpenVPN website openvpn.net/client to connect to the same network.