CN113709741A - Authentication access system of local area network - Google Patents
Authentication access system of local area network Download PDFInfo
- Publication number
- CN113709741A CN113709741A CN202111117607.4A CN202111117607A CN113709741A CN 113709741 A CN113709741 A CN 113709741A CN 202111117607 A CN202111117607 A CN 202111117607A CN 113709741 A CN113709741 A CN 113709741A
- Authority
- CN
- China
- Prior art keywords
- access point
- identity
- wireless access
- server
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Abstract
The invention discloses an authentication access system of a local area network, which comprises: the wireless access point is connected with a plurality of terminal devices and receives an access request; the remote authorization platform is connected to the wireless access point, receives the access request, judges whether the terminal equipment is allowed to access or not, and returns a first authentication result; the remote authorization platform requests identity information from the terminal equipment and forwards the identity information to the identity authentication server through the wireless access point; and the identity authentication server judges whether the terminal equipment is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result. The invention has the beneficial effects that: the wireless access point is used as a remote authorization platform and the bridge node of the identity authentication server in the local area network, so that the system design is simplified, the problem that an encryption channel server needs to be additionally arranged in the prior art is solved, the maintenance cost is reduced, and the integral use of the system is more convenient.
Description
Technical Field
The invention relates to the technical field of network security, in particular to an authentication access system of a local area network.
Background
LDAP is a Lightweight Directory Access Protocol, generally referred to as LDAP for short, and is known as Lightweight Directory Access Protocol. The objective of LDAP birth is to respond quickly and to query in large capacity and to provide the information replication function of a multi-directory server, which is specially optimized for read-intensive operations, LDAP is based on the Internet protocol and runs directly on a simple and general TCP/IP or other reliable transport protocol layer, so that the establishment of connections and the processing of packets are simple and quick, and it is very convenient for the application of the Internet and enterprise networks. The LDAP server may be any one of the open source code or commercially available LDAP directory servers (or possibly a relational database with LDAP interfaces) because the same protocol, client connection software packages and query commands may be used to interact with the LDAP server, the entries in LDAP are organized and stored in a tree structure, and the basic model of LDAP is based on "entries" (Entry). An entry is a collection of one or more attributes and has a globally unique "distinguishable name" (denoted by dn). According to different implementation systems, the LDAP protocol implementation mainly comprises openldap based on a linux system and Active Directory based on a windows system. Currently, many enterprises often use an AD or an LDAP server to manage their employee information, and their wireless network management/authentication systems are all deployed in the cloud, in many scenarios, wireless security authentication requires that the authentication system can be connected to an Active Directory or LDAP server already deployed by the enterprise, and these servers generally have a private IP, and the authentication system cannot be integrated with any Active Directory/LDAP server through a private IP address.
In the prior art, a common solution to this problem is to connect a public network and an enterprise On-premise AD/LDAP server inside a tunnel by encrypting the tunnel, which requires that the enterprise has a very strong network management capability and needs to adjust the existing network planning, and the tunnel brings some loss to the communication performance. The additional VPN server is required to be added as a springboard to complete the butt joint of the enterprise On-premise AD/LDAP server and the cloud server.
Disclosure of Invention
In view of the above problems in the prior art, an authenticated access system for a local area network is provided.
The specific technical scheme is as follows:
an authenticated access system for a local area network, comprising:
the wireless access point is connected with a plurality of terminal devices and receives access requests of the terminal devices;
the remote authorization platform is connected to the wireless access point and receives the access request, judges whether the terminal equipment is allowed to access or not, and returns a first authentication result to the wireless access point;
when the terminal equipment initiates an access request, the wireless access point forwards the access request to the remote authorization platform, and the remote authorization platform requests identity information from the terminal equipment and forwards the identity information to an identity authentication server through the wireless access point;
the identity authentication server judges whether the terminal equipment is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result;
and the remote authorization platform enables the terminal equipment to access the first resource through the wireless access point according to the second authentication result.
Preferably, the remote authorization platform comprises:
the authorization server is connected with the wireless access point and is used for judging whether the terminal equipment is allowed to initiate the access request or access the first resource;
the page server is connected with the terminal equipment and the wireless access point and is used for generating an interactive page;
the interactive page is used for inputting the identity information and sending feedback information whether the first resource can be accessed to the terminal equipment.
Preferably, the authorization server includes an authentication judgment sub-module, and the authentication judgment sub-module judges whether to allow the terminal device to initiate the access request through the wireless access point according to whether the terminal device is authenticated by the identity authentication server.
Preferably, the wireless access point includes a remapping sub-module, and when the terminal device fails to perform identity authentication by the identity authentication server, the remapping sub-module remaps a destination address of the access request to a connection address of the wireless access point;
and then the wireless access point returns the connection address of the page server to the terminal equipment so that the terminal equipment accesses the interactive page.
Preferably, the wireless access point has a credential extraction submodule;
when the terminal equipment sends the identity information, the wireless access point redirects the identity information to the certificate extraction submodule;
the certificate extraction submodule extracts an identity certificate from the identity information and forwards the identity certificate to the identity authentication server;
and the identity authentication server judges whether the terminal equipment is allowed to access the first resource or not according to the identity certificate and generates a second authentication result.
Preferably, a plurality of preset identity authentication information is stored in the identity authentication server;
the identity authentication server comprises an information comparison submodule;
and the information comparison sub-module compares the identity authentication information with the identity certificate one by one, and allows the terminal equipment to access the first resource when the identity authentication information consistent with the identity certificate exists.
Preferably, the wireless access point comprises a forwarding sub-module, when the identity authentication server determines to allow the terminal device to access the first resource,
the forwarding sub-module receives the second authentication result sent by the identity authentication server and forwards the second authentication result to the page server through the interactive page;
the page server comprises a communication submodule;
the communication sub-module forwards the second authentication result to the authorization server, so that the authorization server controls the wireless access point to allow the terminal device to access the first resource.
Preferably, when the wireless access point allows the terminal device to access the first resource, the wireless access point sends an authorization result to the identity authentication server, and the identity authentication server forwards the authorization result to the page server for generating feedback information through the interaction page, where the feedback information is used to indicate that the terminal device allows the terminal device to access the first resource.
Preferably, the wireless access point and the identity authentication server are arranged in the same local area network.
The technical scheme has the following advantages or beneficial effects: the wireless access point is used as a remote authorization platform and the bridge node of the identity authentication server in the local area network, so that the system design is simplified, the problem that an encryption channel server needs to be additionally arranged in the prior art is solved, the maintenance cost is reduced, and the integral use of the system is more convenient.
Drawings
Embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings. The drawings are, however, to be regarded as illustrative and explanatory only and are not restrictive of the scope of the invention.
FIG. 1 is an overall schematic diagram of an embodiment of the present invention;
FIG. 2 is a schematic diagram of a sub-module of a remote authorization platform according to an embodiment of the present invention;
FIG. 3 is a diagram of an authorization server sub-module according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a wireless access point sub-module according to an embodiment of the invention;
FIG. 5 is a schematic diagram of an identity authentication server sub-module according to an embodiment of the present invention;
fig. 6 is a schematic access flow diagram according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The invention is further described with reference to the following drawings and specific examples, which are not intended to be limiting.
The invention comprises the following steps:
an authentication access system of a local area network, as shown in fig. 1, includes:
the wireless access point 2 is connected with a plurality of terminal devices 1, and receives access requests of the terminal devices 1;
the remote authorization platform 4 is connected to the wireless access point 2 and receives the access request, and the remote authorization platform 4 judges whether the terminal device 1 is allowed to access or not and returns a first authentication result to the wireless access point 2;
when the terminal equipment 1 initiates an access request, the wireless access point 2 forwards the access request to the remote authorization platform 4, and the remote authorization platform 4 requests identity information from the terminal equipment 1 and forwards the identity information to the identity authentication server 3 through the wireless access point 2;
the identity authentication server 3 judges whether the terminal equipment 1 is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result;
the remote authorization platform 4 enables the terminal device 1 to access the first resource through the wireless access point 2 according to the second authentication result.
In a preferred embodiment, as shown in FIG. 2, the remote authorization platform 4 comprises:
the authorization server 41, the authorization server 41 is connected to the wireless access point 2, and is configured to determine whether to allow the terminal device 1 to initiate an access request or access the first resource;
the page server 42, the page server 42 connects the terminal device 1 and the wireless access point 2, and is used for generating an interactive page;
the interactive page is used for entering identity information and sending feedback information whether the first resource can be accessed to the terminal device 1.
Specifically, in one embodiment, the wireless access point is configured as a wireless AP device with a wireless network (WLAN) function, which is used for connecting with a terminal device 1 such as a mobile phone or a computer with a wireless network function, and serves as a relay node between the authorization server 41 and the authentication server 3, so as to replace a cryptographic tunnel server (VPN) that is common in the prior art. The authorization server 41 is configured as an AAA authentication server deployed on a cloud platform, and is configured to process an access request and an access request of the terminal device 1 to provide an authentication and authorization service. The page server 42 is configured as a Portal server deployed on a cloud platform, and can send a graphical interactive page, which is equivalent to a Portal page, to the terminal device 1. The terminal device 1 fills corresponding identity information on the interactive page, and automatically feeds back the second authentication result to the page server 42 through the JS script at the rear end of the Portal page when receiving the second authentication result. The identity authentication server 3 is set as an LDAP server, stores preset employee account numbers and identity credentials, is used for authenticating whether an access user of a terminal device accessing a network is an enterprise employee, and establishes communication connection with the wireless access point 2 in a manner of LDAP, LDAPs, LDAP Over TLS or the like.
In a preferred embodiment, as shown in fig. 3, the authorization server 41 includes an authentication judgment sub-module 411, and the authentication judgment sub-module 411 judges whether to allow the terminal device 1 to initiate an access request through the wireless access point 2 according to whether the terminal device 1 is authenticated by the identity authentication server 3.
In a preferred embodiment, the wireless access point 2 includes a remapping submodule 21, and when the terminal device 1 does not pass through the identity authentication server 3 for identity authentication, the remapping submodule 21 remaps the target address of the access request to the connection address of the wireless access point 2;
the wireless access point 2 then returns the connection address of the page server 42 to the terminal device 1 to enable the terminal device 1 to access the interaction page.
Specifically, when the terminal device 1 completes authentication to access the corporate lan, the current user of the terminal device 1 is not authenticated, and therefore cannot directly access the first resource that needs to be viewed through the corporate lan and is set in the lan. At this time, the wireless access point 2 as a relay module needs to return the address of the page server 42 to the terminal device 1, so that the current user of the terminal device 1 can further verify the identity thereof.
In a preferred embodiment, as shown in fig. 4, the wireless access point 2 has a credential extraction submodule 22;
when the terminal device 1 sends the identity information, the wireless access point 2 redirects the identity information to the certificate extraction submodule 22;
the certificate extraction submodule 22 extracts the identity certificate from the identity information and forwards the identity certificate to the identity authentication server 3;
the identity authentication server 3 judges whether the terminal device 1 is allowed to access the first resource according to the identity certificate and generates a second authentication result.
As an alternative embodiment, the identity credential is an ID, a physiological characteristic, a password, or an electronic key of the employee of the company.
Specifically, when the terminal device 1 checks the identity information in the interactive page, since the interactive page is set based on the HTTPS protocol, the content of the identity information is automatically forwarded to the connection address of the page server 42 located in the remote authentication platform 4. At this time, the wireless access point 2 monitors the data packet sent by the terminal device 1 according to the connection address of the page server 42, screens out the data packet used for sending the identity information to the page server 42 from the data packet, redirects the data packet to the credential extraction submodule 22, analyzes the data packet by the credential extraction submodule 22, extracts the identity credential, and forwards the identity credential to the identity authentication server 3 arranged in the company local area network, so that better security is realized.
In a preferred embodiment, as shown in fig. 5, a plurality of preset identity authentication information are stored in the identity authentication server 3;
the identity authentication server 3 comprises an information comparison submodule 31;
the information comparison submodule 31 compares the identity authentication information with the identity credential one by one, and allows the terminal device 1 to access the first resource when the identity authentication information consistent with the credential exists.
In a preferred embodiment, the wireless access point 2 comprises a forwarding sub-module 23 which, when the identity authentication server 3 determines to allow the terminal device 1 to access the first resource,
the forwarding sub-module 23 receives the second authentication result sent by the self-identity authentication server 3, and forwards the second authentication result to the page server 42 through the interactive page;
the page server 42 includes a communication sub-module;
the communication sub-module forwards the second authentication result to the authorization server 41, so that the authorization server 41 controls the wireless access point 2 to allow the terminal device 1 to access the first resource.
In a preferred embodiment, when the wireless access point 2 allows the terminal device 1 to access the first resource, the wireless access point 2 sends the authorization result to the authentication server 3, and the authentication server 3 forwards the authorization result to the page server 42 for generating feedback information through the interactive page, where the feedback information is used to indicate that the terminal device 1 allows the access to the first resource.
In a preferred embodiment, the wireless access point 2 and the authentication server 3 are located in the same lan.
When a terminal device 1 tries to access a local area network and accesses a first resource, as shown in fig. 6, the process specifically includes:
1. when the terminal device 1 establishes a connection with the wireless access point 2 to attempt to access the local area network of the company, the terminal device 1 initiates an access request to the wireless access point 2;
2. when the wireless access point 2 receives the access request, the wireless access point 2 initiates an authentication request to an authorization server 41 deployed in the remote authorization platform 4 to determine whether the terminal device 1 can access the local area network; the authentication request includes information of the terminal device 1, such as a MAC address.
3. The authorization server 41 determines whether the terminal device 1 is authenticated by a corresponding data source, such as an identity authentication server local to an enterprise, according to a matching policy built in the authorization server. If yes, allowing the terminal device 1 to access the local area network, and sending a first authentication result to the wireless access point 2 to inform the wireless access point 2 of authorization for the terminal device 1 to enable the terminal device 1 to access the local area network. At the same time, the authorization server 41 also updates the connection address (url) of the page server 42 to the wireless access point 2, so that the wireless access point 2 can redirect the access request of the terminal device 1 to the page server when the terminal device 1 has not been authenticated by the authentication server.
4. When the wireless access point 2 receives the authentication result returned from the first authorization server 41, the wireless access point 2 authorizes the terminal apparatus 1 so that it can access the local area network through the wireless access point 2, and notifies that the terminal apparatus 1 has accessed the local area network.
5. When the terminal device 1 initiates an access request, the wireless access point 2 receives this access request.
6. Since the terminal device 1 has not been authenticated, i.e. the identity of the user of the terminal device 1 has not been confirmed, the user is required to perform identity authentication. At this time, the wireless access point 2 sets the return information of the access request as the connection address of the page server 42 by the DNAT method, and returns a status code, which is HTTP 302.
7. The terminal device 1 receives the returned connection address of the page server 42 and the HTTP302 status code.
8. The terminal device 1 initiates a page request to the page server 42 according to the connection address.
9. The page server 42 returns an interaction page to the terminal device 1 for the user to fill out identity information on the terminal device 1.
10. After the user completes the identity information on the interactive page, the identity information is sent to the wireless access point 2.
11. When the wireless access point 2 receives the identity information sent by the user, the wireless access point 2 redirects the identity information to the CGI module arranged at the wireless access point 2 by the DNAT method, and the CGI module extracts the identity credential from the identity information.
12. The wireless access point 2 establishes connection with an identity authentication server 42 which is also arranged in a company local area network through LDAP over TLS, and requests the identity authentication server 42 to verify the identity certificate;
13. and judging whether the authentication of the identity certificate passes according to preset identity authentication information, and returning a second authentication result representing successful authentication to a CGI module of the wireless access point 2 through LDAP over TLS connection.
14. The CGI module forwards the second authentication result to the terminal device 1 through the wireless access point 2.
15. When the terminal device 1 receives the second authentication result, it does not generate related feedback information at the front end, and receives the second authentication result only through the interactive page opened by the terminal device 1.
16. A JS script has been preset in the interactive page, and is used to automatically return the second authentication result to the page server 42 at the browser back end.
17. When the page server 42 receives the authentication result, the second authentication result is forwarded to the authorization server 41.
18. The authorization server 41 determines whether to allow the terminal device 1 to access the first resource according to the authentication result, and if so, sends a COA request to the wireless access point 2 so that the terminal device 1 can access the first resource.
19. After the wireless access point 2 completes the authorization of the terminal device 1, the authorization result is fed back to the authorization server 41 in a COA ACK/NAK manner.
20. The authorization server 41 forwards the authorization result to the page server 42 so that the page server can generate feedback information for prompting the user whether the authorization passes.
21. The page server 42 displays the feedback information of the successful authorization to the terminal device 1 through the interactive page.
The invention has the advantages that the wireless access point is arranged as the remote authorization platform and the bridging node of the identity authentication server arranged in the local area network, thereby simplifying the system design, avoiding the problem that an encryption channel server needs to be additionally arranged in the prior art, reducing the maintenance cost and ensuring that the whole system is more convenient to use.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention.
Claims (9)
1. An authenticated access system for a local area network, comprising:
the wireless access point is connected with a plurality of terminal devices and receives access requests of the terminal devices;
the remote authorization platform is connected to the wireless access point and receives the access request, judges whether the terminal equipment is allowed to access or not, and returns a first authentication result to the wireless access point;
when the terminal equipment initiates an access request, the wireless access point forwards the access request to the remote authorization platform, and the remote authorization platform requests identity information from the terminal equipment and forwards the identity information to an identity authentication server through the wireless access point;
the identity authentication server judges whether the terminal equipment is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result;
and the remote authorization platform enables the terminal equipment to access the first resource through the wireless access point according to the second authentication result.
2. The authenticated access system of claim 1, wherein the remote authorization platform comprises:
the authorization server is connected with the wireless access point and is used for judging whether the terminal equipment is allowed to initiate the access request or access the first resource;
the page server is connected with the terminal equipment and the wireless access point and is used for generating an interactive page;
the interactive page is used for inputting the identity information and sending feedback information whether the first resource can be accessed to the terminal equipment.
3. The system according to claim 2, wherein the authorization server includes an authentication judgment sub-module, and the authentication judgment sub-module judges whether the terminal device is allowed to initiate the access request through the wireless access point according to whether the terminal device is authenticated by the identity authentication server.
4. The authentication access system according to claim 2, wherein the wireless access point comprises a remapping sub-module, and when the terminal device fails to perform authentication by the authentication server, the remapping sub-module remaps a destination address of the access request to a connection address of the wireless access point;
and then the wireless access point returns the connection address of the page server to the terminal equipment so that the terminal equipment accesses the interactive page.
5. The authenticated access system of claim 2, wherein the wireless access point has a credential extraction sub-module;
when the terminal equipment sends the identity information, the wireless access point redirects the identity information to the certificate extraction submodule;
the certificate extraction submodule extracts an identity certificate from the identity information and forwards the identity certificate to the identity authentication server;
and the identity authentication server judges whether the terminal equipment is allowed to access the first resource or not according to the identity certificate and generates a second authentication result.
6. The authentication access system according to claim 5, wherein a plurality of preset authentication information are stored in the authentication server;
the identity authentication server comprises an information comparison submodule;
and the information comparison sub-module compares the identity authentication information with the identity certificate one by one, and allows the terminal equipment to access the first resource when the identity authentication information consistent with the identity certificate exists.
7. The authenticated access system of claim 2, wherein the wireless access point comprises a forwarding sub-module, and when the identity authentication server determines to allow the terminal device to access the first resource,
the forwarding sub-module receives the second authentication result sent by the identity authentication server and forwards the second authentication result to the page server through the interactive page;
the page server comprises a communication submodule;
the communication sub-module forwards the second authentication result to the authorization server, so that the authorization server controls the wireless access point to allow the terminal device to access the first resource.
8. The system according to claim 7, wherein when the wireless access point allows the terminal device to access the first resource, the wireless access point sends an authorization result to the authentication server, and the authentication server forwards the authorization result to the page server for generating feedback information through the interaction page, where the feedback information is used to indicate that the terminal device allows the terminal device to access the first resource.
9. The authenticated access system of claim 1, wherein the wireless access point and the identity authentication server are located within the same local area network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111117607.4A CN113709741A (en) | 2021-09-23 | 2021-09-23 | Authentication access system of local area network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111117607.4A CN113709741A (en) | 2021-09-23 | 2021-09-23 | Authentication access system of local area network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113709741A true CN113709741A (en) | 2021-11-26 |
Family
ID=78661664
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111117607.4A Pending CN113709741A (en) | 2021-09-23 | 2021-09-23 | Authentication access system of local area network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113709741A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116633687A (en) * | 2023-07-20 | 2023-08-22 | 深圳市永达电子信息股份有限公司 | Terminal safety access method, system and controller |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070271598A1 (en) * | 2006-05-16 | 2007-11-22 | A10 Networks, Inc. | Systems and methods for user access authentication based on network access point |
| CN102984173A (en) * | 2012-12-13 | 2013-03-20 | 迈普通信技术股份有限公司 | Network access control method and system |
| CN103139772A (en) * | 2011-11-23 | 2013-06-05 | 中国移动通信集团上海有限公司 | Method for processing terminal accessed to local area network and method and device for used data statistic |
| CN105744521A (en) * | 2016-04-15 | 2016-07-06 | 上海斐讯数据通信技术有限公司 | Access authentication management method of wireless network |
| CN106656911A (en) * | 2015-10-29 | 2017-05-10 | 华为技术有限公司 | Portal authentication method, access device and management server |
| CN109862565A (en) * | 2019-02-11 | 2019-06-07 | 广东省城乡规划设计研究院 | A kind of WLAN unaware control method, system and readable storage medium storing program for executing |
-
2021
- 2021-09-23 CN CN202111117607.4A patent/CN113709741A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070271598A1 (en) * | 2006-05-16 | 2007-11-22 | A10 Networks, Inc. | Systems and methods for user access authentication based on network access point |
| CN103139772A (en) * | 2011-11-23 | 2013-06-05 | 中国移动通信集团上海有限公司 | Method for processing terminal accessed to local area network and method and device for used data statistic |
| CN102984173A (en) * | 2012-12-13 | 2013-03-20 | 迈普通信技术股份有限公司 | Network access control method and system |
| CN106656911A (en) * | 2015-10-29 | 2017-05-10 | 华为技术有限公司 | Portal authentication method, access device and management server |
| CN105744521A (en) * | 2016-04-15 | 2016-07-06 | 上海斐讯数据通信技术有限公司 | Access authentication management method of wireless network |
| CN109862565A (en) * | 2019-02-11 | 2019-06-07 | 广东省城乡规划设计研究院 | A kind of WLAN unaware control method, system and readable storage medium storing program for executing |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116633687A (en) * | 2023-07-20 | 2023-08-22 | 深圳市永达电子信息股份有限公司 | Terminal safety access method, system and controller |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9015855B2 (en) | Secure tunneling platform system and method | |
| JP4291213B2 (en) | Authentication method, authentication system, authentication proxy server, network access authentication server, program, and recording medium | |
| US8996603B2 (en) | Method and apparatus for user domain based white lists | |
| US7940656B2 (en) | System and method for authenticating an element in a network environment | |
| US7035281B1 (en) | Wireless provisioning device | |
| US8806608B2 (en) | Authentication server and method for controlling mobile communication terminal access to virtual private network | |
| US20090064291A1 (en) | System and method for relaying authentication at network attachment | |
| CA2419853A1 (en) | Location-independent packet routing and secure access in a short-range wireless networking environment | |
| CN108768979B (en) | Method for accessing intranet, device and system for accessing intranet | |
| CN105007579A (en) | Wireless local area network access authentication method and terminal | |
| JP2008518533A (en) | Method and system for transparently authenticating mobile users and accessing web services | |
| US10277586B1 (en) | Mobile authentication with URL-redirect | |
| CN103312744A (en) | Business management method, platform and system based on cloud desktop | |
| US7853705B2 (en) | On demand session provisioning of IP flows | |
| MXPA06002182A (en) | Preventing unauthorized access of computer network resources. | |
| CN109548022B (en) | Method for mobile terminal user to remotely access local network | |
| US7694015B2 (en) | Connection control system, connection control equipment and connection management equipment | |
| CN113709741A (en) | Authentication access system of local area network | |
| AU2017344389B2 (en) | Portal aggregation service mapping subscriber device identifiers to portal addresses to which connection and authentication requests are redirected and facilitating mass subscriber apparatus configuration | |
| CN110049024A (en) | A kind of data transmission method, transfer server and access site server | |
| CN106162645B (en) | A kind of the quick of Mobile solution reconnects method for authenticating and system | |
| JP5982706B2 (en) | Secure tunneling platform system and method | |
| WO2013034108A1 (en) | Cloud service establishment system and method | |
| CN107800569B (en) | VPN quick access system and method based on ONT | |
| CN113271285A (en) | Method and device for accessing network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |