Web应用程序Nat遍历 [英] Web Application Nat Traversal
问题描述
我们正在使用tomcat在全国的客户端计算机上使用java部署Web应用程序。
We are deploying web applications in java using tomcat on client machines across the country.
安装后,我们希望允许通过中央服务器远程访问这些Web应用程序,但我们不希望我们的客户端必须在其路由器。
Once they are installed, we want to allow a remote access to these web applications through a central server, but we do not want our clients to have to open ports on their routers.
是否有一种方式来隧道化http流量,中央服务器可以访问防火墙后面的Web应用程序?
Is there a way to tunnel the http traffic in a way that the central server can access the web application that is behind the firewall ?
中央服务器有一个静态的ip地址,我们可以完全控制它。
The central server has a static ip address and we have full control over it.
我们不需要访问文件系统,我们只想通过浏览器访问Web应用程序本身。
We don't need to access the filesystem, we only want to access the web application itself through a browser.
推荐答案
对于NAT,你通常要做的是获取网络应用程序向您的中央服务器发出请求,这会在NAT中打开一个漏洞。然后您的中央服务器可以接管此连接并访问网络应用程序。
For NATs what you usually have to do is get the web applications to make a request to your central server - which opens a "hole" in the NAT. Then your central server can take over this connection and access the web app.
这本质上变成了一个持久连接(因为他们现在可以召唤需求,他们总是必须连接到你)。也就是说,网络应用程序具有内置的逻辑,定期说我连接到家庭基地吗?不是,然后电话回家。
This essentially becomes a persistent connection (since they're now way to "summon" web apps on demand, they always have to be connected to you). That is, the web apps have logic built in to them that periodically says "am I connected to home base? No? Then phone home". This will get around NAT issues since it's client initiated.
This technique is used by Skype, Buildbot, and others.
这篇关于Web应用程序Nat遍历的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
