Supercharge Your Innovation With Domain-Expert AI Agents!

IPSec tunnel establishing method and device, branch equipment and central end equipment

A technology for establishing tunnels and end devices, which is applied in the field of computer networks and can solve problems such as conflicts in the process of establishing IPSec tunnels

Active Publication Date: 2021-01-19
MAIPU COMM TECH CO LTD
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In DVPN over IPSec, since the 5-tuple used by IPSec data flow includes source IP address, destination IP address, protocol value, source port, and destination port, in the transmission mode, the source IP seen by the DVPN center device Hub The address is the address converted by the Network Address Translation (Network Address Translation, NAT) device port address translation (Port Address Translation, PAT). Therefore, it may occur that the quintuples provided by different branch devices Spoke are exactly the same. At this time, Will cause conflicts during the establishment of IPSec tunnels

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec tunnel establishing method and device, branch equipment and central end equipment
  • IPSec tunnel establishing method and device, branch equipment and central end equipment
  • IPSec tunnel establishing method and device, branch equipment and central end equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] Before introducing the network communication method provided by the embodiment of the present application, some concepts involved in the embodiment of the present application will be introduced first. Some concepts involved in the embodiment of the present application are as follows:

[0032] Network Address Translation (NAT) refers to the technology of mutual conversion between intranet IP addresses and public network addresses. This technology converts a large number of intranet IP addresses into one or a small number of public network IP addresses. , to reduce the occupation of public IP addresses.

[0033] Port Address Translation (PAT), a dynamic NAT translation rule. In PAT mode, one public network address can be used for multiple internal network addresses, and different internal network addresses are distinguished by converting different port information.

[0034] A dynamic virtual private network (Dynamic Virtual Private Network, DVPN) establishes a virtual pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an IPSec tunnel establishment method and device, branch equipment and central end equipment, and is applied to the field of computer networks, and the method applied to Spoke comprises the steps: obtaining a DVPN tunnel interface address corresponding to Spoke, and generating a source port corresponding to Spoke; sending an IPSec negotiation message to Hub; receiving a firstresponse message returned by the Hub, and establishing an IPSec tunnel with the Hub. According to the scheme, before the Spoke triggers the establishment of the IPSec tunnel between the Spoke and theHub, the source port in the quintuple can be modified according to the DVPN tunnel interface address corresponding to the Spoke to enable the quintuple to be different, so that the IPSec tunnel between the Spoke and the Hub can be successfully established by utilizing the modified quintuple, and conflicts in the IPSec tunnel establishment process are avoided.

Description

technical field [0001] The present application relates to the field of computer networks, in particular, to a method and device for establishing an IPSec tunnel, a branch device, and a central end device. Background technique [0002] Dynamic Virtual Private Network (Dynamic Virtual Private Network, DVPN) is a technology proposed to solve the traditional Internet Security Protocol (Internet Protocol Security, IPSec) tunnel technology's complex configuration and inconvenient response to network topology changes and branch office address changes. [0003] Among them, DVPN does not support encryption, but only encapsulates a new Internet Protocol (Internet Protocol, IP) header, and can use intranet packets to reach the peer end through the public network after encapsulation; while IPSec supports encryption, but for the situation that the tunnel address changes frequently and Multiple end-to-end scenarios are too complicated to maintain. In addition, IPSec has strong security, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/46
CPCH04L12/4633H04L12/4641
Inventor 郭斌杰杨超徐耀
Owner MAIPU COMM TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com