Method and device for passing through firewall by mobile IP

A mobile device and firewall technology, applied in the field of communication, can solve the problems of blocking mobile node communication, affecting the implementation and promotion of mobile IPv6, etc., and achieves the effect of good scalability and fast firewall traversal

Inactive Publication Date: 2009-04-01
HUAWEI TECH CO LTD
View PDF0 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Unless the firewall can identify mobile IPv6 packets, such a large number of security devices will affect the implementation and promotion of mobile IPv6
When a mobile node leaves its hometown to access a foreign network, it first needs to initiate a BU to its hometown. Both BU and BA packets are protected by IPSec. Usually, for stateful inspection firewalls, the firewall discards IPSec packets because it cannot extract state information, which prevents prevents the mobile node from registering with its home, and also prevents the mobile node from further communication

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for passing through firewall by mobile IP
  • Method and device for passing through firewall by mobile IP
  • Method and device for passing through firewall by mobile IP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The following describes in detail in combination with specific embodiments.

[0048] Embodiment 1 of the present invention is applied to the scene where the mobile device leaves the home link and enters the network protected by the firewall. The scene includes the MN, the firewall and the HA. After the MN moves to a foreign network, it communicates with the HA through the firewall. The specific communication process Such as image 3 shown, including the following steps:

[0049] Step s301, when the MN leaves the home network and enters the foreign access network, obtains a CoA (Care of Address, care of address), and sends a BU message to the HA. At the same time, the MN sends an IKE (Internet Key Exchange, Internet Key Exchange Protocol) encapsulation negotiation message to the HA for negotiating the destination port number used by the mobile node when encapsulating the message. When the IKE negotiation message passes through the firewall, the firewall performs ACL (A...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for mobile IP to traverse the firewall and the method comprises the following steps: a mobile node negotiates with the home agent to encapsulate the information; the sender (the mobile node or the home agent) utilizes the negotiated encapsulated information to implement UDP encapsulation on the information to be transmitted to transverse the firewall; the receiver (the home agent or the mobile node) carries out decapsulation on the received UDP encapsulation message. The invention also discloses mobile equipment and a home agent. In the embodiment of the invention, different traverse signaling does not need to be issued aiming at different flows and the present firewall function and security can not be affected; moreover, the present firewall does not need to be upgraded and the expansibility of the present firewall is excellent. Therefore, fast firewall traverse can be realized.

Description

technical field [0001] The invention relates to the technical field of communication, in particular to a method and equipment for mobile IP traversal of firewalls. Background technique [0002] In the computer field, a firewall is a defense system installed between the internal network and the external network in order to ensure the security of the local computer network system. It controls, monitors, allows, and rejects the information flow entering and leaving the network according to the corresponding security policy. Strong anti-attack ability. A firewall is an infrastructure that provides information security services and realizes network and information security, isolates the internal network from the external network, and protects the internal network by restricting network mutual access. The firewall can protect the security of the internal network by monitoring, restricting, and changing the data flow across the firewall, and shielding the information, structure, a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06H04W28/08
Inventor 李春强
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap