Method, system and device for realizing mobility in layer 2 tunnel protocol virtual private network

Abstract

The invention provides a method, a system and a device for realizing mobility in a layer 2 tunnel protocol virtual private network (L2TP VPN). The method comprises that: after detecting an L2TP access concentrator (LAC) address of remote equipment is changed, an LAC transmits a tunnel re-association request carrying changed LAC address information and an L2TP tunnel identifier to an L2TP network server (LNS), and updates L2TP tunnel information comprising the L2TP tunnel identifier in the remote equipment by utilizing the changed LAC address; after receiving the tunnel re-association request, the LNS locally updates the L2TP tunnel information comprising the L2TP tunnel identifier by utilizing the changed LAC address information, and returns a tunnel re-association response to an LAC client; and the remote equipment and the LNS transmit data by utilizing the locally updated L2TP tunnel information. By the method, the system and the device, the security and convenience of the remote equipment in a mobile process are improved.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a method and a system for realizing movement of a two-layer tunnel protocol virtual private network. Background technique [0002] The remote access virtual private network (Access VPN) provides a private network connection between the public network and the enterprise internal network (Intranet) for mobile employees on business trips, telecommuters and remote small offices. [0003] Layer 2 Tunneling Protocol Virtual Private Network (L2TP VPN) is a type of Access VPN. L2TP is used to build a virtual private network. Its typical networking is as follows: figure 1 As shown, it mainly includes: a remote device, an L2TP access concentrator (LAC) and a network server (LNS). Wherein, the remote device is a remote user device or a branch structure to be connected to the intranet network, and is usually a user host or a routing device of a private branch network. LAC is ...

AI Technical Summary

Problems solved by technology

This requires the remote device to remember the PPP authentication information entered by the user, which has certain security risks, or requires the user to re-enter the PPP authentication information to cause inconvenience to the user.

In addition, the re-negotiation of the PPP session will re-allocate the PPP address for the remote device, and the change of the PPP address often brings inconvenience to the business application

For example, if a remote user uses FTP to download data from the intranet, if the movement of the remote device causes the LAC address to change, the PPP session negotiation will re-allocate the PPP address for the remote device, which will cause the interruption of the FTP download, and the new PPP address needs to be used. Restart the FTP download task

Images