Help Center > > FAQs> FAQs (Administrators)> How Do End Users Access the Internet?

How Do End Users Access the Internet?

Updated at: Mar 12, 2019 GMT+08:00
The administrator can enable user desktops to access the Internet as follows:
  • using NAT gateway
  • using a proxy server

Method 1: using NAT gateway

The NAT gateway provides the Network Address Translation (NAT) service for Workspace desktops in a VPC so that multiple Workspace desktops can share an EIP to access the Internet.

For detailed operations, see the NAT Gateway User Guide.

After configuring the NAT gateway, you need to set the number of interface metrics on the user desktop.

  1. Log in to the desktop.
  2. Go to Network and Sharing Center.
  3. In the View your active networks area, click Local Area Connection 2 or Ethernet 2.

    The Local Area Connection 2 Status dialog box or the Ethernet 2 Status dialog box is displayed.

  4. Click Properties.

    The Local Area Connection 2 Properties dialog box or the Ethernet 2 Properties dialog box is displayed.

  5. Click Advanced.

    The Advanced TCP/IP Settings dialog box is displayed.

  6. Deselect Automatic metric, and set Interface metric to 2.
  7. Click OK in sequence to save the settings and close the dialog boxes.
  8. Click Close to close the Local Area Connection 2 Status dialog box or the Ethernet 2 Status dialog box.

Method 2: using a proxy server

Creating a proxy server

  1. Ceate a proxy server that runs, for example, CentOS. The proxy server must reside on a subnet different from the one where Workspace resides in the same VPC.
    NOTE:

    For details about how to configure the ECS, see the Elastic Cloud Server User Guide.

  2. Configure an elastic IP address for the proxy server to access the Internet.

Installing squid

NOTE:

The following operations use Cent OS 6.6 as an example.

  1. Log in to the proxy server as user root.
  2. Run the following command to check whether squid is installed:

    rpm -qa|grep squid

    • If it is installed, go to 4.
    • If it is not installed, go to 3.
  3. Run the following command to install squid:

    yum -y install squid

  4. Run the following command to edit the squid.conf configuration file:

    vi /etc/squid/squid.conf

  5. Check whether SSH is used for connection.
    • If SSH is used, go to 6.
    • If SSH is not used, go to 7.
  6. Press I to enter the edit mode and add the following content in a blank row.

    aclSafe_ports port 22

  7. Use # to comment out http_access deny CONNECT !SSL_ports.
  8. Press Esc to exit the edit mode. Type :wq and press Enter.

    Save configurations and exit the vi editor.

  9. Run the following command to restart the squid service.

    service squid restart

Configuring security group rules

  1. Configure security group rules to ensure that the extranet cannot access any port of the proxy server and the user desktop can access only the proxy port of the proxy server.
    NOTE:

    For details about how to configure security group policies, see the Virtual Private Cloud User Guide.

Configuring the user's browser

  1. Open the proxy server setting page of the browser.
  2. Set the IP address and the port of the proxy server to the IP address and the monitoring port configured in 1, respectively.

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel