VPN management platform, and implementation method and system for VPN service

Abstract

The invention discloses an implementation method and a system for a virtual private network (VPN) service. The method comprises the following steps that: a VPN management platform receives VPN account number information from a VPN user and acquires corresponding gateway information according to the information on correspondence between the VPN account number and the gateway; the VPN management platform generates VPN parameter configuration information corresponding to the gateway and sends the VPN parameter configuration information to an auto-configuration server (ACS) management platform; the ACS management platform forwards the VPN parameter configuration information to the corresponding gateway; and the corresponding gateway receives and loads the VPN parameter configuration information. In the invention, the VPN management platform and the ACS management platform are used for collaborative operation, so that the unified management of VPN service for the enterprise gateway is realized, VPN configuration discrepancy between an end-to-end mode and a remote access mode of the enterprise gateway is eliminated, and the problems of complicated management and difficult maintenance of gateway VPN configuration are solved.

Description

technical field [0001] The invention relates to the technical field of virtual private network (VPN, Virtual Private Network), in particular to a method and a system for realizing unified management of a VPN management platform and VPN services. Background technique [0002] With the rapid development of enterprise informatization and e-commerce, the scale of enterprises is getting larger and wider, and more and more branches and mobile office workers make enterprises have higher and higher demands on the network. And rethink its WAN strategy. Due to its advantages such as security, low cost, and scalability, IP VPN has won the favor of more and more enterprises / operators. At present, operators are deploying enterprise gateway devices on a large scale within enterprises to provide enterprises with access networking and VPN services. The enterprise gateway establishes the VPN connection between the mobile VPN client and the enterprise gateway through the remote access mode ...

AI Technical Summary

Problems solved by technology

[0006] 1. In the prior art, the ACS management platform generates and automatically issues security policies, and the ACS is responsible for the management of VPN services, which increases the complexity of the ACS management platform and is not conducive to the simple realization of system functions;

[0007] 2. In the prior art, every time a user adds an end-to-end VPN node, the user needs to provide the device ID to the operator, so that the ACS management platform can send VPN configuration parameters to the corresponding gateway, which increases the difficulty and difficulty for the user to activate the VPN service. Complexity;

[0008] 3. In the existing technology, once the device identification provided by the user is wrong or the operation and maintenance personnel of the operator misuse it, it will lead to the establishment of a wrong VPN connection, causing security problems;

[0009] 4. The existing technology does not support automatic parameter configuration of client remote access mode VPN

Since the IP address of the client is not fixed and does not accept the unified management of the ACS management platform, the user needs to manually configure the VPN parameters of the VPN client, and it is also necessary to ensure the connection between the remote access client and the gateway to be accessed. The configuration of the VPN parameters is consistent, which increases the difficulty of configuring the remote access client

At the same time, if the gateway does not have a fixed IP address and is not bound to a domain name, the client cannot establish a VPN connection with the gateway

Images