本文参考自下面文档:

有时候我们需要远程访问自家家里的局域网设备,比如设备上的NAS服务、Web服务等,这种情况下,如果家里路由器的WAN口被直接分配了公网IP,那么在不考虑安全性的情况下,只要通过端口映射即可轻松达成目的,但一般家用路由器不太可能拿到公网IP,这种方法基本用不起来,这时便可采用另一种方法,称为内网穿透。

内网穿透需要一台具有公网IP的服务器作为中转,一种方法是直接使用成熟的第三方平台,例如花生壳,但免费用户每月只有一个G的流量,如果要付费的话,那倒不如去租一台服务器自己搭,因此我选择了后者。以下假设家里的内网设备为A,公网服务器为B,其IP为1.2.3.4,另一台未接入内网,但需要访问A的设备为C。以下假设需要通过访问1.2.3.4的8080端口来间接访问A设备上的Web服务(80端口)

使用软件为V2ray,需要在A和B上运行V2ray,但C上无需安装,以下给出A与B的配置。

A(内网设备)的配置:

{  
  "reverse":{
    "bridges":[  
      {  
        "tag":"bridge",
        "domain":"private.cloud.com"
      }
    ]
  },
  "outbounds": [
    {
      "tag":"tunnel",
      "protocol":"vmess",
      "settings":{  
        "vnext":[  
          {  
            "address":"1.2.3.4",
            "port":16384,
            "users":[  
              {  
                "id":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
                "alterId":64
              }
            ]
          }
        ]
      }
    },   
    {  
      "protocol":"freedom",
      "settings":{  
      },
      "tag":"httpout"
    }    
  ],
  "routing":{   
    "rules":[  
      {
        "type":"field",
        "inboundTag":[  
          "bridge"
        ],
        "domain":[  
          "full:private.cloud.com"
        ],
        "outboundTag":"tunnel"
      },
      {
        "type":"field",
        "inboundTag":[  
          "bridge"
        ],
        "outboundTag":"httpout"
      }
    ]
  }
}

B(公网设备)的配置:

{
  "log":{
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "warning"
  },
  "reverse": {
    "portals": [
      {
        "tag": "portal",
        "domain": "private.cloud.com"
      }
    ]
  },
  "inbounds": [
    {
      "tag": "http",
      "port": 8080,
      "protocol": "dokodemo-door",
      "settings": {
        "address": "127.0.0.1",
        "port": 80,
        "network": "tcp"
      }
    },
    {
      "tag": "tunnel",
      "port": 16384,
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "alterID": 64
          }
        ]
      }
    }
  ],
  "routing": {
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "http"
        ],
        "outboundTag": "portal"
      },
      {
        "type": "field",
        "inboundTag": [
          "tunnel"
        ],
        "domain": [
          "full:private.cloud.com"
        ],
        "outboundTag": "portal"
      }
    ]
  }
}

其中,”private.cloud.com”可以任选,无需是你注册的域名,公网服务器的对应端口(8080、16384)必须打开。通过这些配置,即可远程访问到内网设备,非常ez!。不过本文仅仅给了个配置,具体的细节还是前往开头的参考网址查看。