Method for crossing NAT-PT by IPSec

A technology of NAT-PT and both parties, applied in the direction of data exchange through path configuration, digital transmission system, electrical components, etc., can solve the problem of not being able to detect the existence of NAT-PT

Inactive Publication Date: 2007-09-05
SUN YAT SEN UNIV
View PDF0 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0020] HASH=HASH(CKY-I|CKY-R|IP|Port), but because NAT-PT performs protocol conversion in addition to IP addre

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for crossing NAT-PT by IPSec
  • Method for crossing NAT-PT by IPSec
  • Method for crossing NAT-PT by IPSec

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] An example of the present invention is given below.

[0047] 1. IKE negotiation phase

[0048] In order to solve the compatibility problem of above-mentioned IPSec and NAT-PT, the present invention has made some improvements to the IKE negotiation process at first, and concrete process is as follows:

[0049] In step 1, add a vendor ID payload (Vendor id payload, VID), which contains a constant value defined by the vendor, and this constant value is used to identify the protocol implementation of the communication peer.

[0050] Step 2, add a NATPT-D payload, as shown in Figure 2, to determine whether there is a NAT-PT gateway between the communication parties. That is, a NAT-PT discovery mechanism is added in the main mode phase of IKE negotiation.

[0051] The specific process is shown in Figure 3, where the VID payload is used to identify the support for the improved IKE protocol. The NATPT-D payload includes the remote host address, the remote host port, the loca...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method comprises: in main mode stage of IKE negotiation, newly adding the NATPT-D load used to realize the mechanism of finding 'NAT-PT'; in the communication stage under IPSec protection, after detecting the NAT-PT gateway, when calculating the Authentication Data of AH, using a 'pseudo IP header' to replace the original IP header to solve the incompatibility problem between AH and NAT-PT. By the invention, IPSec can cross over the NAT-PT gateway under the AH transmission mode, AH tunnel mode, ESP transmission mode and ESP tunnel mode.

Description

technical field [0001] The invention relates to a specific method for IPSec traversing a NAT-PT gateway, in particular to a specific method for traversing a NAT-PT gateway in an AH transmission mode, an AH tunnel mode, an ESP transmission mode, and an ESP tunnel mode. Background technique [0002] With the development of network technology and the expansion of network scale, IPv4 (Internet Protocol version 4) can no longer meet the requirements of network development. As an alternative version of IPv4, IPv6 (Internet Protocol version 6) can provide a huge address space and has many new features that IPv4 does not have, and has received more and more attention. Due to the small number of IPv4 addresses in our country, the problem of address exhaustion is particularly prominent, and our country is vigorously promoting the research and development of IPv6. However, due to the fact that the IPv4 protocol has been successfully used for nearly 20 years, the application programs a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/06H04L12/46H04L12/66H04L45/741
Inventor 马争鸣陈力超何尚桥冼广兴刘伟军
Owner SUN YAT SEN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap