Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for establishing ipsec tunnel, branch equipment, central equipment

A technology of tunnel establishment and end device, applied in the field of computer network, can solve problems such as conflicts in IPSec tunnel establishment process

Active Publication Date: 2021-12-17
MAIPU COMM TECH CO LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this way, when establishing DVPN over IPsec, the 5-tuples of the multiple Spokes corresponding to the Hub may be the same, resulting in conflicts during the establishment of the IPSec tunnel

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for establishing ipsec tunnel, branch equipment, central equipment
  • Method and device for establishing ipsec tunnel, branch equipment, central equipment
  • Method and device for establishing ipsec tunnel, branch equipment, central equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Prior to the introduction of the network communication method provided by the present application, some of the concepts involved in the present application will be described, and some of the concepts involved in the present application are as follows:

[0034] Network Address Translation (NAT) refers to the technology of mutual conversion between the IP address of the inner network and the address of the public network. This technology converts a large number of intranet IP addresses to one or a small amount of public IP address. Reduce the occupation of the public IP address.

[0035] Dynamic Virtual Private Network (DVPN) creates a virtual private network (VPN) connection by dynamically obtaining the peer information.

[0036] Internet Security Agreement (IPSec), is a protocol package that protects the network transport protocol of IP protocols (a collection of some interrelated protocols) by encrypting and certifying grouping and authentication of Internet ProtoCol, IP)....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This application provides a method and device for establishing an IPSec tunnel, a branch device, and a central end device, which are applied in the field of computer networks. If there is a conflict between the five-tuple corresponding to the text and the five-tuple corresponding to the established IPSec tunnel, the Hub can inform the Spoke to modify the initial protocol value to a modified protocol value, so as to use the second IPSec negotiation message to establish an IPSec tunnel with the Hub again. Therefore, when a conflict occurs during the establishment of an IPSec tunnel, by modifying the protocol value in the 5-tuple, a 5-tuple that does not conflict with the 5-tuple corresponding to the established IPSec tunnel is obtained, thereby successfully establishing a 5-tuple between the Spoke and the Hub. IPSec tunnel.

Description

Technical field [0001] The present application relates to computer networks, and in particular, to a method and apparatus for establishing the IPSec tunnel, branching device, the center side apparatus. Background technique [0002] In general, network address translation (Network Address Translation, NAT), in the process of establishing a dynamic virtual private network technology (Dynamic Virtual Private Network, DVPN), the branch network equipment Spoke DVPN general access to the Internet link on the Internet line Internet protocol address of the interface (Internet ProtocolAddress, IP address) of a private network address, the network center DVPN client device to access the Internet typically connected hub link interface IP address is a public network address. [0003] On the basis of the established DVPN can use Internet Protocol Security (Internet Protocol Security, IPSec) to ensure the security of data transmission, that is, all packets routed to the DVPN tunnel interface c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/46H04L29/12
CPCH04L12/4633H04L12/4641H04L61/2592
Inventor 林小洁刘浩圻卢祖友
Owner MAIPU COMM TECH CO LTD