System and method for traversing firewalls, NATs, and proxies with rich media communications and other application protocols

Abstract

A tunneling system and method is described for traversing firewalls, NATs, and proxies. Upon a request from a device on the secure private network or on a public network such as the Internet, a connection to a designated or permitted device of the secure private network by way of the public network can be established, allowing selected devices of the private network to access devices on the public network. A bi-directional channel can be established where information such as rich multimedia and real-time voice and video can be accessed or communicated.

Description

CROSS REFERENCE TO RELATED APPLICATIONS [0001] This application is a non-provisional application claiming the benefits of provisional application No. 60 / 367,826, filed Mar. 27, 2002, titled “System and Method for Traversing Firewalls, NATs, and Proxies with Rich Media Communications and Other Application Protocols”.FIELD OF THE INVENTION [0002] This invention relates generally to traversing communication network firewalls, NATs and proxies, and more particularly, relates to a novel tunneling approach using endpoint plug-ins that permit UDP-based or other connectionless-based protocol information from a public or private network to traverse firewalls, proxies and NATs emulated in real-time by encapsulating UDP-based information on a connection layer to appear as TCP-based or full duplex connection-based communication. BACKGROUND OF THE INVENTION [0003] The Internet allows geographically and logically dispersed applications and nodes to easily communicate and exchange data. These data...

AI Technical Summary

Benefits of technology

[0017] A method and computerized system are provided for transmitting and receiving voice, video, and other data over the Internet and allowing the exchange of TCP / IP and / or UDP type data packets through tunnel connections created between devices on opposite sides of a firewall. The tunnels are created using TCP / IP to a single destination port to encapsulate multiple channels of TCP and UDP data destined to various other ports, across a firewall, NAT or HTTP Proxy, as well as emulate real-time performance for UDP data channels.

Problems solved by technology

But with the ease of networking, also introduced are potential security threats to any computer publicly accessible on the Internet.

These approaches block or restrict unauthorized incoming data and unauthorized incoming requests from devices on a private network.

Thus, external devices may not be able to identify or communicate with a specific local device because private addresses behind NATs are not directly accessible by entities on a public network.

However, for end-to-end rich media applications, such as videoconferencing, methods for initiating and maintaining a session through a gateway or firewall can be complex, requiring several channels to the same or different destinations just to establish a two-way or multi-way real-time conference.

In contrast, TCP is used for reliable transfer of data and has built in packet loss detection and retransmission and thus is not appropriate for real-time audio and video data.

When a public network transmission utilizes a connectionless type of protocol, like UDP as a transport for the voice and video data packets, the incoming and outgoing packets are often blocked by the firewall security.

As a result, connectionless type communications with third parties outside a private network are commonly disabled or blocked.

Images