Processing system and method for internet key exchange (IKE) remote access

A remote access and processing system technology, applied in the field of IKE remote access processing system, can solve problems affecting server performance, limited number of firewall users, and other users cannot access the server, etc., to achieve the effect of improving performance

Inactive Publication Date: 2012-09-26
OPZOON TECH
View PDF7 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the process of using the IKE remote access service, in the prior art, a maximum number of access users is usually limited according to the capabilities of the device. For example, when a user on the external network accesses a server on the internal network through a firewall, the The number of users that can be connected is limited. After the number of users connected to the firewall reaches the maximum value, other users may not be able to access the server, which seriously affects the performance of the server.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Processing system and method for internet key exchange (IKE) remote access
  • Processing system and method for internet key exchange (IKE) remote access
  • Processing system and method for internet key exchange (IKE) remote access

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] figure 1 It is a structural diagram of a processing system for IKE remote access according to an embodiment of the present invention. In this embodiment, a firewall is used as an example to illustrate the present invention, but it is not used to limit the protection scope of the present invention; refer to figure 1 , the system includes: a main firewall and a backup firewall, the server of the internal network and the user of the external network are connected through the main firewall, and when the main firewall receives the current IKE negotiation message, the total number of negotiations of the main firewall is judged Whether the maximum value has been reached, if so, then the current IKE negotiation message is sent to the standby firewall for negotiation, otherwise the main firewall negotiates the current negotiation message, preferably, the standby firewall and the standby firewall above the primary firewall connection.

[0036] In this embodiment, the four physic...

Embodiment 2

[0060] refer to figure 2 , the structure of the system of this embodiment is basically the same as that of the embodiment, the difference is that this embodiment is provided with two backup firewalls, the two backup firewalls are connected in a chain, and the backup firewall at the first end is connected to the above the primary firewall connection.

[0061] In this embodiment, the four physical interfaces on the main firewall are configured as transparent interfaces (that is, transparent interfaces "0 / 0", "0 / 1", "0 / 6" and "0" on the main firewall in the figure / 7"), and divide the transparent interfaces on the main firewall into two groups evenly (the transparent interfaces "0 / 0" and "0 / 1" on the main firewall in the figure are the first group, and "0 / 6" and "0 / 7" are the second group), and each group of transparent interfaces is configured with a virtual interface;

[0062] The four physical interfaces on the standby firewall at the first end are configured as transparent...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a processing system and a processing method for internet key exchange (IKE) remote access and relates to the technical field of network communication. The system comprises a main firewall and at least one standby firewall, wherein a server of an inner network is connected with users of an outer network through the main firewall; and when receiving a current IKE negotiation message, the main firewall judges whether the negotiation total amount of the main firewall reaches a maximum value, sends the current IKE negotiation message to at least one standby firewall for negotiation if the negotiation total amount of the main firewall reaches the maximum value, and negotiates for the current IKE negotiation message if the negotiation total amount of the main firewall does not reach the maximum value. The invention has the advantages that by sending the negotiation message which exceeds the maximum value of the negotiation total amount of the main firewall to the standby firewall for negotiation, the maximum value of the quantity of the users which can be connected with the server of the inner network is increased, and the performance of the server is improved.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to an IKE remote access processing system and method. Background technique [0002] Internet Key Exchange (IKE) solves the problem of securely establishing or updating a shared key in an insecure network environment such as the Internet. IKE is a very general protocol. It can not only negotiate security associations for Internet Protocol Security (IPSec), but also negotiate security parameters for any protocol that requires confidentiality, such as SNMPv3, RIPv2, and OSPFv2. [0003] In the process of using the IKE remote access service, in the prior art, a maximum number of access users is usually limited according to the capabilities of the device. For example, when a user on the external network accesses a server on the internal network through a firewall, the The number of users that can be connected is limited. After the number of users connected to the firewall ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 陈海滨
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap