|
| 1 | +## Setting up a TCP server manually |
| 2 | + |
| 3 | +In this tutorial we will set up a TCP tunnel server manually. |
| 4 | + |
| 5 | +## Pre-reqs |
| 6 | + |
| 7 | +* A Linux server, Windows and MacOS are also supported |
| 8 | +* The inlets-pro binary at /usr/local/bin/ |
| 9 | + |
| 10 | +## Log into your existing VM |
| 11 | + |
| 12 | +Generate an authentication token for the tunnel: |
| 13 | + |
| 14 | +```bash |
| 15 | +TOKEN="$(openssl rand -base64 32)" > token.txt |
| 16 | + |
| 17 | +# Find the instance's public IPv4 address: |
| 18 | +PUBLIC_IP="$(curl -s https://checkip.amazonaws.com)" |
| 19 | +``` |
| 20 | + |
| 21 | +Let's imagine the public IP resolved to `46.101.128.5` which is part of the DigitalOcean range. |
| 22 | + |
| 23 | +```bash |
| 24 | +inlets-pro tcp server \ |
| 25 | + --token "$TOKEN" \ |
| 26 | + --auto-tls-san $PUBLIC_IP \ |
| 27 | + --generate=systemd > inlets-pro.service |
| 28 | +``` |
| 29 | + |
| 30 | +Example: |
| 31 | + |
| 32 | +```ini |
| 33 | +[Unit] |
| 34 | +Description=inlets Pro TCP Server |
| 35 | +After=network.target |
| 36 | + |
| 37 | +[Service] |
| 38 | +Type=simple |
| 39 | +Restart=always |
| 40 | +RestartSec=5 |
| 41 | +StartLimitInterval=0 |
| 42 | +ExecStart=/usr/local/bin/inlets-pro tcp server --auto-tls --auto-tls-san=46.101.128.5 --control-addr=0.0.0.0 --token="ISgW7E2TQk+ZmbJldN9ophfE96B93eZKk8L1+gBysg4=" --control-port=8124 --auto-tls-path=/tmp/inlets-pro |
| 43 | + |
| 44 | +[Install] |
| 45 | +WantedBy=multi-user.target |
| 46 | +``` |
| 47 | + |
| 48 | +Next install the unit file with: |
| 49 | + |
| 50 | +```bash |
| 51 | +sudo cp inlets-pro.service /etc/systemd/system/ |
| 52 | +sudo systemctl daemon-reload |
| 53 | +sudo systemctl enable inlets-pro.service |
| 54 | + |
| 55 | +sudo systemctl restart inlets-pro.service |
| 56 | +``` |
| 57 | + |
| 58 | +You'll now be able to check the logs for the server: |
| 59 | + |
| 60 | +```bash |
| 61 | +sudo journalctl -u inlets-pro |
| 62 | +``` |
| 63 | + |
| 64 | +Finally you can connect your TCP client from a remote network. In this case, port 5900 is being exposed for VNC, along with port 2222 for SSH. Port 2222 is an extra port added to the `/etc/ssh/sshd_config` file on the Linux machine to avoid conflicting with SSH on the tunnel server itself. |
| 65 | + |
| 66 | +```bash |
| 67 | +inlets-pro tcp client \ |
| 68 | + --token "ISgW7E2TQk+ZmbJldN9ophfE96B93eZKk8L1+gBysg4=" \ |
| 69 | + --upstream 192.168.0.15 \ |
| 70 | + --port 2222 \ |
| 71 | + --port 5900 \ |
| 72 | + --url wss://46.101.128.5:8124 |
| 73 | +``` |
| 74 | + |
| 75 | +You can now connect to the public IP of your server via SSH and VNC: |
| 76 | + |
| 77 | +For example: |
| 78 | + |
| 79 | +```bash |
| 80 | + |
| 81 | +``` |
| 82 | + |
| 83 | +## Wrapping up |
| 84 | + |
| 85 | +You now have a TCP tunnel server that you can connect as and when you like. |
| 86 | + |
| 87 | +* You can change the ports of the connected client |
| 88 | +* You can change the upstream |
| 89 | +* You can run multiple `inlets-pro tcp client` commands to load-balance traffic |
| 90 | + |
| 91 | +But bear in mind that you cannot have two clients exposing different ports at the same time unless you're an [inlets uplink user](/uplink/become-a-provider). |
| 92 | + |
| 93 | +We would recommend creating TCP tunnel servers via [inletsctl](/tutorial/ssh-tcp-tunnel) which automates all of the above in a few seconds. |
0 commit comments