A method of external network mapping ipsec message to realize nat traversal

A technology of message and IP address, applied in the Internet field, can solve the problem that the message cannot realize NAT traversal, etc.

Inactive Publication Date: 2016-07-13
OPZOON TECH
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The present invention provides a method for implementing NAT traversal by mapping IPsec messages on the external network, and solves the problem that NAT traversal cannot be realized for messages after IPsec tunnel full authentication

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method of external network mapping ipsec message to realize nat traversal
  • A method of external network mapping ipsec message to realize nat traversal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0021] The present invention provides a method for implementing NAT traversal of IPsec messages mapped on an external network. The method is as follows: figure 1 shown, including:

[0022] S1. The NAT device receives the encapsulated message that has been fully authenticated by IPsec, and performs network address translation on the encapsulated message to obtain a converted message;

[0023] The intranet client sends a message to the external network terminal, and the IPsec tunnel is used between the internal and external security gateways for transmission. At this time, an IPsec tunnel needs to be negotiated. The NAT device receives the encapsulated message sent through full authentication, performs NAT address translation on it to obtain the converted message, and sends it to the external network.

[0024] S2. The external network...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for realizing NAT (network address translation) traversal through extranet mapping IPsec (internet protocol security) massage. The method is characterized by the steps that NAT equipment receives a packaged massage fully certified by the IPsec and conducts network address conversion on the packaged massage so as to obtain a converted massage; and the extranet receives the converted massage and restores the IP address in the converted massage according to an address mapping table established by the extranet equipment in an IPsec tunnel consultation, and certifies the restored massage. According to the method, NAT traversal of the massage fully certified by the IPsec tunnel is realized.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method for realizing NAT traversal by mapping an IPsec message on an external network. Background technique [0002] The NAT (Network Address Translation) function is mainly to convert the original IP address of the internal network IP address into the public network IP address, so that the message can be forwarded on the public network. There are three methods for IPsec tunnels to process data packets: encrypt data packets, authenticate data packets, and authenticate data packets after adding a new IP header, as follows: [0003] |mac header|new IP header|IPsec encrypted authentication header|IP header|data| [0004] In the above message, the "|IP header|data|" part can be encrypted or authenticated. [0005] |mac header|new IP header|IPsec full authentication header|IP header|data| [0006] In the above message, the data in the "|new IP header|IPsec full authenticatio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12
Inventor 陈海滨
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap