
CN-116614487-B - Remote equipment connection method, device, medium and system


Abstract

The application relates to a device remote connection method, a device, a medium and equipment, which are applied to an operation and maintenance platform. The method comprises the steps of: receiving a remote connection request of a client, wherein the remote connection request comprises target access end equipment; when the target access end equipment and the operation and maintenance platform are not connected, notifying the target access end equipment, by means of a message queue, to send a request for establishing the WebSocket connection to the operation and maintenance platform, and establishing the WebSocket connection; establishing a remote connection session from the client to the target access end equipment through the WebSocket connection; and bidirectionally transmitting operation data of the client and response data of the target access end, so that operation and maintenance personnel can remotely operate the target access end through the client. No additional agent program is required to be deployed on the access terminal equipment, so that the workload of operation and maintenance and the complexity of the system are reduced, and the communication cost and the processing time are reduced.

Inventors

  • ZHANG XIAOCONG
  • TONG JIAN
  • YANG PENG

Assignees

  • 贵州白山云科技股份有限公司

Dates

Publication Date
20260508
Application Date
20230407

Claims (10)

  1. The remote equipment connection method is applied to an operation and maintenance platform and is characterized by comprising the following steps of:
     receiving a remote connection request of a client, wherein the remote connection request comprises target access terminal equipment;
     when the target access terminal equipment and the operation and maintenance platform do not establish the WebSocket connection, informing the target access terminal equipment to send a request for establishing the WebSocket connection to the operation and maintenance platform in a message queue mode, and establishing the WebSocket connection;
     establishing a remote connection session from the client to the target access terminal equipment through the WebSocket connection, and bidirectionally transmitting operation data of the client and response data of the target access terminal so as to enable operation and maintenance personnel to remotely operate the target access terminal through the client;
     recording data transmitted in two directions, generating an operation log, and storing the operation log based on the identification of the remote connection session;
     the establishing the remote connection session from the client to the target access terminal device includes: creating a first temporary service port and a second temporary service port for a remote connection session, wherein the first temporary service port is used for communicating with an access terminal device, the second temporary service port is used for communicating with the client, the first temporary service port and the second temporary service port are respectively in one-to-one correspondence with a session ID, and the first temporary service port and the second temporary service port are internal ports;
     the bidirectional transmission of the operation data of the client and the response data of the target access terminal comprises: creating an external service port, receiving operation data of the client and response data of the access terminal equipment through the external service port, and forwarding the operation data and the response data to a corresponding temporary service port;
     the receiving, by the external service port, the operation data of the client and the response data of the access terminal device, and forwarding the operation data to the corresponding temporary service port includes: when the data received by the external service port is the operation data of the client, the operation data is sent to a second temporary service port, so that the second temporary service port forwards the operation data to a first temporary service port, and the first temporary service port forwards the operation data to the access terminal equipment; and when the data received by the external service port is the response data of the access terminal equipment, the response data is sent to a first temporary service port, so that the first temporary service port forwards the response data to a second temporary service port, and the second temporary service port forwards the response data to the client.
  2. The device remote connection method of claim 1, further comprising, prior to receiving the remote connection request of the client: receiving registration information of access terminal equipment, verifying the registration information, and storing information of the access terminal equipment which is successfully registered; and providing a remote connection operation interface to enable the client to log in the Web service, search the successfully registered access terminal equipment and select the target access terminal equipment.
  3. The device remote connection method of claim 1, further comprising: monitoring the idle time length of the remote connection session, and closing the remote connection session when the idle time length reaches a preset threshold value.
  4. The device remote connection method of claim 1, further comprising: receiving an acquisition request of the client for the operation log, and displaying the corresponding operation log on the remote connection operation interface according to the identification of the remote connection session in the acquisition request.
  5. A device remote connection apparatus applied to an operation and maintenance platform, comprising:
     the remote connection request receiving module, used for receiving a remote connection request of the client, wherein the remote connection request comprises target access terminal equipment;
     the WebSocket connection management module, used for notifying the target access terminal equipment to send a request for establishing WebSocket connection to the operation and maintenance platform in a message queue mode when the WebSocket connection is not established between the target access terminal equipment and the operation and maintenance platform, and establishing WebSocket connection;
     the connection session establishment module, used for establishing a remote connection session from the client to the target access terminal equipment through the WebSocket connection, and bidirectionally transmitting operation data of the client and response data of the target access terminal so as to enable operation and maintenance personnel to remotely operate the target access terminal through the client;
     the establishing the remote connection session from the client to the target access terminal device includes: creating a first temporary service port and a second temporary service port for a remote connection session, wherein the first temporary service port is used for communicating with an access terminal device, the second temporary service port is used for communicating with the client, the first temporary service port and the second temporary service port are respectively in one-to-one correspondence with a session ID, and the first temporary service port and the second temporary service port are internal ports;
     the bidirectional transmission of the operation data of the client and the response data of the target access terminal comprises: creating an external service port, receiving operation data of the client and response data of the access terminal equipment through the external service port, and forwarding the operation data and the response data to a corresponding temporary service port;
     the receiving, by the external service port, the operation data of the client and the response data of the access terminal device, and forwarding the operation data to the corresponding temporary service port includes: when the data received by the external service port is the operation data of the client, the operation data is sent to a second temporary service port, so that the second temporary service port forwards the operation data to a first temporary service port, and the first temporary service port forwards the operation data to the access terminal equipment; when the data received by the external service port is the response data of the access terminal equipment, the response data is sent to a first temporary service port, so that the first temporary service port forwards the response data to a second temporary service port, and the second temporary service port forwards the response data to the client;
     and the log management module, used for recording the data transmitted in two directions, generating an operation log and storing the operation log based on the identification of the remote connection session.
  6. The device remote connection apparatus of claim 5, further comprising: the registration module, used for receiving registration information of the access terminal equipment, verifying the registration information and storing information of the access terminal equipment which is successfully registered; and the Web service module, used for providing a remote connection operation interface so as to enable the client to log in Web service, search successfully registered access terminal equipment and select target access terminal equipment.
  7. The device remote connection apparatus of claim 5, further comprising: the session monitoring module, used for monitoring the idle time length of the remote connection session, and closing the remote connection session when the idle time length reaches a preset threshold value.
  8. The device remote connection apparatus of claim 5, wherein the log management module is further configured to receive an acquisition request of the client for an operation log, and display a corresponding operation log on the remote connection operation interface according to an identifier of a remote connection session in the acquisition request.
  9. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when executed, implements the steps of the method according to any one of claims 1-4.
  10. A computer device comprising a processor, a memory and a computer program stored on the memory, characterized in that the processor implements the steps of the method according to any of claims 1-4 when the computer program is executed.
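
An added illustration, not code from the patent or its applicant: a minimal in-memory Python model of the port routing in claim 1, the idle timeout in claim 3 and the per-session operation log lookup in claim 4. The class and method names, the port numbers, the 300-second threshold and the way a frame is tagged with its session ID and source are assumptions; the claims do not specify them.

```python
import itertools

IDLE_LIMIT = 300.0  # assumption: the claims only say "a preset threshold value"

class Relay:
    """Toy model of the platform's external port plus per-session internal ports."""

    def __init__(self):
        self._next_port = itertools.count(40000)  # constructed internal port numbers
        self.sessions = {}  # session ID -> {"device": port, "client": port, "seen": t}
        self.logs = {}      # session ID -> operation log, kept after the session closes

    def open_session(self, sid, now):
        if sid in self.logs:
            raise ValueError("session ID already used; IDs map one-to-one to ports")
        self.sessions[sid] = {"device": next(self._next_port),  # first temporary port
                              "client": next(self._next_port),  # second temporary port
                              "seen": now}
        self.logs[sid] = []
        return self.sessions[sid]

    def route(self, sid, source, data, now):
        """Return the hops taken by one frame that arrived on the external port."""
        s = self.sessions.get(sid)
        if s is None:
            raise KeyError("unknown or closed session: frame dropped")
        if source not in ("client", "device"):
            raise ValueError("source must be 'client' or 'device'")
        dest = "device" if source == "client" else "client"
        s["seen"] = now
        self.logs[sid].append((now, source, data))  # both directions are recorded
        return [s[source], s[dest], dest]

    def reap_idle(self, now):
        """Close sessions idle for IDLE_LIMIT seconds or more; return their IDs."""
        stale = [sid for sid, s in self.sessions.items() if now - s["seen"] >= IDLE_LIMIT]
        for sid in stale:
            del self.sessions[sid]
        return stale

    def get_log(self, sid):
        return list(self.logs[sid])

if __name__ == "__main__":
    relay = Relay()
    relay.open_session("sess-1", now=0.0)
    print(relay.route("sess-1", "client", b"uptime\n", now=1.0))
    print(relay.reap_idle(now=301.0), relay.get_log("sess-1"))
```

In this model a frame for a closed or unknown session is rejected rather than forwarded, and the operation log stays retrievable by session ID after the idle timeout has closed the session.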

Description

Remote equipment connection method, device, medium and system

Technical Field

The present application relates to the field of the internet, and in particular, to a method, an apparatus, a medium, and a system for remotely connecting devices.

Background

In the SD-WAN (software defined wide area network) application scenario, the access terminal device that introduces traffic into the SD-WAN network is typically deployed in an intranet environment of a client. The access terminal device may be a physical machine (CPE), a virtual machine, or a container (vCPE). Because the operation and maintenance personnel at the control center cannot directly access the access terminal equipment deployed in the intranet environment, fault investigation or the execution of emergency system instructions cannot be carried out in time. In the related technology, a client is required to use a remote desktop to assist in processing; the communication cost is high, the processing efficiency is low, the execution process cannot be kept secret, and sensitive information is easy to leak. In addition, the complete execution process is not recorded, so that the operation process cannot be traced back, which hinders knowledge accumulation and review of the problem processing process.

To solve these problems, some other technical means may be considered. For example, an agent may be deployed on the access terminal device, through which the internal network is exposed to the control center. The operation and maintenance personnel can then directly access the access terminal equipment to conduct fault detection and execute system instructions. In addition, it is also contemplated that the internal network may be securely exposed to the control center using Virtual Private Network (VPN) or Secure Socket Layer (SSL) technology, or the like. In this way, the operator can directly access the internal network.

However, these approaches require additional agents to be deployed on the access terminal device, increasing the workload of operation and maintenance and the complexity of the system. Additional network devices and configurations also increase the complexity and maintenance costs of the system. Exposing the internal network to the control center may increase the attack surface and security risk of the network, making the internal network more vulnerable to hacking and malware infection, or causing leakage of sensitive information, making confidential data and user privacy more vulnerable to illegal acquisition and abuse.

Disclosure of Invention

In order to overcome the problems in the related art, the application provides a device remote connection method, a device, a medium and equipment.

According to a first aspect of the present application, there is provided a device remote connection method, applied to an operation and maintenance platform, including: receiving a remote connection request of a client, wherein the remote connection request comprises target access terminal equipment; when the target access terminal equipment and the operation and maintenance platform do not establish the WebSocket connection, informing the target access terminal equipment to send a request for establishing the WebSocket connection to the operation and maintenance platform in a message queue mode, and establishing the WebSocket connection; and establishing a remote connection session from the client to the target access terminal equipment through the WebSocket connection, and bidirectionally transmitting operation data of the client and response data of the target access terminal so as to enable operation and maintenance personnel to remotely operate the target access terminal through the client.

Based on the foregoing, in some embodiments of the present application, before receiving the remote connection request of the client, the method further includes: receiving registration information of access terminal equipment, verifying the registration information, and storing information of the access terminal equipment which is successfully registered; and providing a remote connection operation interface to enable the client to log in the Web service, search the successfully registered access terminal equipment and select the target access terminal equipment.

Based on the foregoing, in some embodiments of the present application, establishing a remote connection session of the client to the target access terminal device includes: a first temporary service port and a second temporary service port are created for the remote connection session, wherein the first temporary service port is used for communicating with the access terminal equipment, and the second temporary service port is used for communicating with the client.

Based on the foregoing, in some embodiments of the present application, the bi-directionally transmitting the operation data of the client and the response data of the target access termi