The invention discloses a method for realizing intranet penetration by using an Internet group management protocol (IGMP), and aims to overcome the shortcoming that a system using a Symmetric network address translator (NAT) cannot actively access another terminal by using one terminal. The method mainly comprises the following steps that: a first terminal transmits a request to a server, and is kept to be connected with the server; a second terminal transmits an IGMP message, establishes a multicast domain, is classified into a group, locally establishes a user datagram protocol (UDP) socket and performs snooping on a port; the second terminal transmits a multicast domain value and a port value to the server, and initiates an access request; the server forwards the access request to the first terminal; and the first terminal transmits data to a second router, and the second router forwards the data to the second terminal. The invention also discloses an intranet penetration system, which comprises at least two terminals, a router and the server. The method is applied to various systems of which each accesses another terminal by using one terminal, particularly to the system using the Symmetric NAT.