Dynamic connection method for virtual private network

A virtual private network and dynamic connection technology, applied in the network field, can solve problems such as inability to support NAT, lower security, and inability to accurately control network resources, and achieve the effects of occupying less network resources, convenient management, and low cost

Active Publication Date: 2007-08-01
MAIPU COMM TECH CO LTD
View PDF0 Cites 45 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this solution requires that all IPSes device access must use public network addresses, and cannot support NAT (Network Address Translation) access
At the same time, it cannot accurately control the network resources protected by users based on information such as high-level protocols and port numbers like a static IPSec VPN network, and the security is reduced

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic connection method for virtual private network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0055] Referring to Figure 1, there are three branch offices and one central node, and a dynamic IPSec VPN needs to be established. Branches need to visit each other, and the access IP address provided by the network service provider of branch C is the network service provider's own intranet address, which is a private IP address. Access to the Internet (that is, the public network) needs to pass through NAT. The access methods of the other two branches A and B both obtain dynamic public IP addresses.

[0056] To establish an IPSec tunnel between two points, in addition to negotiation parameters and authentication materials (pre-shared key / certificate), the most important thing is to learn the public network address of the peer IPSec device and the protected data flow. The present invention mainly uses the BGP routing protocol, uses unicast, and does not need to be directly connected between neighbors, and does not need to support IP addresses: the characteristics of the exten...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The disclosed dynamic IPSec VPN connection method related the implementation of dynamic VPN comprises: with BGP dynamic route protocol, sends local resource information to the remote VPN device by updating BGP route; the remote VPN device updates the next hop address according to the received route, and obtains the legal address of local VPN device according to expanded group attribution of BGP route. This invention needs less network resource and low cost, flexible to configure and manage, and has well security.

Description

technical field [0001] The present invention relates to network technology, in particular to the realization method of dynamic VPN (virtual private network). Background technique [0002] IPSec (IP Security, IP layer protocol security structure) protocol is an end-to-end protocol. Traditional IPSec VPN generally uses static configuration to establish an encrypted tunnel by specifying the protected data flow and the address of the opposite VPN device, so as to realize access across the Internet between branches in different locations. [0003] According to application requirements, IPSec VPN network can be formed into a star or mesh network topology by using IPSec. Among them, the most commonly used IPSec VPN network topology is the star topology, which is closely related to the hierarchical management topology of early user enterprise organizations. The headquarters of the enterprise organization is the central node of the IPSec VPN star network, and each branch establishe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/46H04L29/06H04L12/56
CPCH04L12/66
Inventor 邹林
Owner MAIPU COMM TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap