Skip to content

Instantly share code, notes, and snippets.

@Hansimov
Last active July 8, 2026 15:05
Show Gist options
  • Select an option

  • Save Hansimov/2c7f5b161c5d00ecdd29597dd17333f2 to your computer and use it in GitHub Desktop.

Select an option

Save Hansimov/2c7f5b161c5d00ecdd29597dd17333f2 to your computer and use it in GitHub Desktop.
Use FRP proxy to forward network traffic

Background

  • Machine PRIVATE has limited access to public network.
  • Machine PUBLIC has full access to publick network.

Target

  • Enable PRIVATE to visit public network with same access with PUBLIC.

Solution

Download related version of FRP, both in PRIVATE and PUBLIC:

For Linux, use:

wget https://github.com/fatedier/frp/releases/download/v0.48.0/frp_0.48.0_linux_amd64.tar.gz
tar xvf frp_0.48.0_linux_amd64.tar.gz

For Windows, download:

Use PUBLIC as Client and PRIVATE as Server.

  • Note: Do not confuse the meanings of 'server' and 'client' here with conventions.

Use ifconfig to get IP.

Set frpc.ini in PUBLIC (Client):

[common]
server_addr = 10.*.*.215  ; IP of PRIVATE (Server)
server_port = 9999        ; Port of FRP connection

[http_proxy]
type = tcp
remote_port = 11111            ; Port of localhost in PRIVATE (Server)
local_ip = proxy-*.<corp>.com  ; [Optional] IP which has full access to public network
local_port = 912               ; [Optional] Port related to above IP
; plugin = http_proxy          ; If no above local settings, this line should be added to make it work

Run in PUBLIC:

# Windows
.\frpc.exe -c frpc.ini

# Linux
./frpc -c frpc.ini

Set frps.ini in PRIVATE (Server):

[common]
bind_port = 9999 ; Port of FRP connection, same to PUBLIC

Run in PRIVATE:

# Windows
.\frps.exe -c frps.ini

# Linux
./frps -c frps.ini

Now PRIVATE has same access to network of PUBLIC.

You can use localhost:11111 (or http://localhost:11111 in some case) as proxy in PRIVATE to visit network.

curl --proxy "127.0.0.1:11111" http://ifconfig.me
# Should output the Public IP of PUBLIC

Possible issues

You may encounter some issues with frpc in PUBLIC like:

DialTcpByHttpProxy error, StatusCode [503]

Just check your proxy in env:

env | grep proxy

And unset them (unset in bash and unsetenv in csh):

# tsh:
unsetenv http_proxy
unsetenv https_proxy
unsetenv no_proxy


# bash:
unset http_proxy
unset https_proxy
unset no_proxy

And rerun ./frpc -c frpc.ini will work.

References

@benstokespk8

benstokespk8 commented Jun 30, 2026

Copy link
Copy Markdown

I also have the same question. I'm trying to achieve a similar setup where one machine has restricted network access and another has full internet connectivity, but I'm still a bit confused about the best way to configure FRP so that the restricted machine can reliably use the other system as a proxy. Your explanation is helpful, but I'd like to better understand which configuration works best across different environments. One point that initially caused me some confusion is that GSMNEO FRP bypass discussions use the same "FRP" acronym, but in that context it refers to Android Factory Reset Protection rather than the Fast Reverse Proxy software. To find more about it, visit gsmneofrpp.com.mx. I'm also curious whether anyone has tested this with newer versions of FRP, since I've seen mixed reports about compatibility between releases. It would be great to hear if there are any recommended settings or common issues to watch out for, especially when deploying this on both Windows and Linux systems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment