How to Expose Local Services to the Internet with Lanproxy – A Secure TCP Tunnel Guide

Lanproxy is a tool that proxies a LAN personal computer or server to the public internet, currently supporting only TCP traffic forwarding and any TCP‑based protocol (websites, local payment interfaces, SSH, remote desktop, etc.). Existing services like NatHole, TeamViewer, GoToMyCloud require third‑party servers and fees, impose restrictions, and pose data‑security risks because traffic passes through third parties.

Related Links

Home: https://lanproxy.thingsglobal.org

Release package: https://github.com/ffay/lanproxy/releases

Implementation Overview

Usage

Compile and Package

Clone the source code and run mvn package. The packaged resources are placed in the distribution directory, including the client and server binaries.

Server Configuration

The server configuration file resides in the conf directory as config.properties.

Access the proxy configuration UI at http://<em>ip</em>:8090 and log in with the username and password defined in the configuration file.

A single server can support multiple client connections; configuration data is stored in ~/.lanproxy/config.json .

Client Configuration

The client configuration file is also placed in the conf directory as config.properties.

Running the Proxy

One internal PC or server (runs proxy-client) and one public server (runs proxy-server).

Install Java 1.8 runtime environment.

On Linux/macOS, execute startup.sh in the bin directory.

On Windows, execute startup.bat in the bin directory.

Other Notes

You can test the setup by accessing http://devbook.thingsglobal.org/, which proxies the local machine via a VPS.

For normal websites, ports 80 and 443 can be used together; you can combine Lanproxy with proxygateway or Nginx to reverse‑proxy different domains to internal ports, then map those ports to the LAN. SSH, remote desktop, and other services can use any unused port.