JP6146105B2 - Gateway system, extended gateway, extended edge device, mobile terminal connection method and program - Google Patents

Description

  The present invention relates to a gateway system, an extended gateway, an extended edge device, a mobile terminal connection method, and a program, and more particularly to a gateway system that connects a mobile terminal to a mobile communication network via a fixed communication network.

  In mobile communication services, mobile terminals used by users are rapidly being replaced by conventional feature phones with smartphones. A survey conducted by a private research organization described in Non-Patent Document 1 as of October 2012 showed that 39.9% of individual mobile phone users use smartphones. By the end of 2013, it is expected that the majority of mobile phones for personal use will become smartphones.

  Smartphones can handle more data than feature phones. Accordingly, when smartphones become widespread, data traffic will increase dramatically and congestion of the wireless communication network will occur. For communication service providers, a part of smartphone traffic is accommodated in a fixed communication network using so-called WiFi (also known as wireless LAN: IEEE802.11a / b / g / n) to avoid congestion of the wireless communication network. So-called off-load is an urgent task. Non-Patent Document 2 describes an outline of such offloading.

  However, smart phones include not only services provided for the entire Internet, but also services specific to mobile communications (for specific communication service providers). More specifically, this corresponds to services associated with contracts for individual terminals such as parental control, e-mail service, and closed content. Users cannot use such services if they are accommodated in the fixed communication network.

  Therefore, a connection form in which a mobile terminal is allowed to access a mobile communication network using a part of a fixed communication network has been studied among various vendors. The 3GPP (3rd Generation Partnership Project), an international organization for standardizing the technical specifications of mobile communication systems, uses a S2a interface based on the premise of a reliable fixed communication network and an unreliable fixed communication network as a method for that purpose. The assumed accommodation by the S2b interface is defined in the 3GPP TS 23.402 standard of Non-Patent Document 3.

  There are the following as technical documents related to the above. Patent Document 1 describes a technique for reducing signaling when a mobile node such as a mobile terminal roams a home domain. Patent Document 2 describes a home gateway network address translation method (such as translation between IPv6 and IPv4). Japanese Patent Application Laid-Open No. 2004-228561 describes a technique that allows the home agent's home address to be set without changing the setting of the mobile terminal.

  Non-Patent Document 1 describes the survey results regarding the usage trend of mobile phones as described above. Non-Patent Document 2 describes the outline of the aforementioned offload. Non-Patent Document 3 describes the above-mentioned TS23.402 standard. Non-Patent Document 4 describes a technique that enables handover between different wireless systems.

Re-specialized WO2009 / 153944 JP 2006-246464 A JP 2005-143095 A

“The smartphone usage rate almost doubled to 39.9% for individuals and 41.7% for companies. Facebook usage rate for personal smartphone users was 38.7% in the 9th year, 1762 individuals in charge of companies,“ Smartphone / mobile phone usage trend survey 2013 "Released on Thursday, November 22", November 20, 2012, [April 9, 2013 search], Impress R & D, Inc., Internet <URL: http://www.impressrd.jp/ news / 121120 / kwp2013> "What is off-road, the trump card for realizing" connected smartphones "?" November 2011, [Search April 9, 2013], TDK Corporation, Internet <URL: http://www.tdk .co.jp / techmag / knowledge / 201111u / ＞ “3GPP TS 23.401: General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access”, [Search April 9, 2013], 3GPP, Internet <URL: http: // www .3gpp.org / ftp / Specs / html-info / 23401.htm> Katsutoshi Nishida et al., “SAE Basic Control Technology for Realizing All-IP Network”, October 2009, [Search April 9, 2013], NTT DOCOMO, INC., NTT DOCOMO Technical Journal, Vol. No. 3, Internet <URL: http://www.nttdocomo.co.jp/binary/pdf/corporate/technology/rd/technical_journal/bn/vol17_3/vol17_3_006jp.pdf>

  As described above, a technique for allowing a mobile terminal to access a mobile communication network by using a part of a fixed communication network from Wi-Fi using a connection using the S2a / S2b interface of the TS23.402 standard is already established. Has been.

  However, when this portable terminal is connected to a PGW (Packet Dana Network Gateway) via an S2b interface using an ePDG (evolved Packet Data Gateway) deployed in a mobile communication network, IPsec (as a SWu interface between the mobile terminal and the ePDG) Security Architecture for IP) protocol is required. This protocol is not standard in all portable terminals.

  If the fixed communication network is assumed to be reliable, a model that is standardized by the above-mentioned TS23.402 standard and that connects directly to the PGW through the S2a interface from the gateway provided in the fixed communication network can be used.

  However, there is no clear means for ensuring the reliability of the fixed communication network. For this reason, a specific configuration for connecting the mobile terminal and the accommodation device with a P2P (Peer to Peer) link has not been established. Further, such a P2P link function is not provided as standard in all portable terminals.

  Furthermore, in the existing method, a global address is assigned to the mobile terminal from the mobile communication network, so that the mobile terminal connected to the WiFi is another terminal having the same fixed communication network private address. In order to communicate with the Internet, it is necessary to change NAT connection over the Internet or change the WiFi connection by changing the setting of the mobile terminal.

  The above problems are not mentioned in Patent Documents 1 to 3 and Non-Patent Documents 1 to 4 described above, and techniques that can be used to solve this problem are not described in these documents.

  An object of the present invention is to provide a gateway system, an extended gateway, an extended edge device, which can connect to a mobile communication network via a fixed communication network even if it is a portable terminal that does not have an IPsec protocol or a P2P link function, To provide a mobile terminal connection method and program.

  In order to achieve the above object, a gateway system according to the present invention includes an extended home gateway that can connect a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet. A gateway system, in which an extended edge device can transfer data to and from a mobile communication service to which a mobile terminal belongs via an S2a interface defined in the 3GPP TS23.402 standard, which is an international standard. SWu provided with an ePDG (evolved Packet Data Gateway), an extended home gateway connected to a subscriber-side mobile terminal by Wi-Fi (Wi-Fi), and defined by the TS23.402 standard between the station-side ePDG Connected via the interface, which allows mobile terminals and mobiles Further comprising a mobile terminal user agent mediating connection between the signal services, characterized by.

  In order to achieve the above object, an extended gateway according to the present invention is an extended home gateway capable of connecting a mobile terminal and a fixed terminal, intervening fixed communication between the extended home gateway and the Internet, and An extended edge device provided with an ePDG (evolved Packet Data Gateway) capable of transferring data by connecting to an associated mobile communication service via the S2a interface defined in the 3GPP TS23.402 standard, which is an international standard; Connected to the mobile terminal on the subscriber side via Wi-Fi and connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. Mobile terminal user age intervening connection between mobile terminal and mobile communication service by Further comprising a cement, characterized by.

  In order to achieve the above object, an extended edge apparatus according to the present invention is an extended edge apparatus that interposes fixed communication between an extended home gateway that can connect a mobile terminal and a fixed terminal and the Internet, and to which the mobile terminal belongs An ePDG (evolved packet data gateway) that can be connected to a mobile communication service via the S2a interface defined in the 3GPP TS23.402 standard, which is an international standard, and can transfer data is provided. TWAP (Trusted WLAN AAA Proxy) that connects to the AAA server provided for the communication service via the STa interface defined in the TS23.402 standard to authenticate the mobile terminal by EAP (Extensible Authentication Protocol), and the authenticated mobile Intervene connection between terminal and mobile communication service via S2a interface And TWAG (Trusted WLAN Access Gateway).

  To achieve the above object, a mobile terminal connection method according to the present invention includes an extended home gateway that can connect a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet. The mobile terminal user agent of the extended home gateway connects to the mobile terminal on the subscriber side by WiFi (Wi-Fi), and the mobile terminal user agent of the extended home gateway is connected to the station side. The extended edge device is connected via the SWu interface defined by the 3GPP TS23.402 standard, which is an international standard, and the extended edge device ePDG (evolved Packet Data Gateway) is connected to the mobile communication service to which the mobile terminal belongs. S2a interface defined by TS23.402 standard It can be connected via the vinegar, and said.

To achieve the above object, a mobile terminal connection program according to the present invention includes an extended home gateway that can connect a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet. The extended edge device ePDG (evolved Packet Data Gateway) is connected to the mobile communication service to which the mobile terminal belongs via the S2a interface defined by the 3GPP TS23.402 standard, which is an international standard. Then, a procedure for connecting the mobile terminal on the subscriber side to the processor provided in the extended home gateway by Wi-Fi, and the 3GPP TS23. 402 to connect via SWu interface defined by the standard, expansion After the edge device is connected between a mobile communication service, the global IP address and private IP issued instructions to issue a private IP address that is used between the mobile terminal and the fixed terminal, and the mobile services It is characterized in that a procedure for mutual conversion between addresses is executed.

  In the present invention, since the extended home gateway includes the mobile terminal user agent as described above, the mobile terminal user agent can perform the IPsec protocol and the P2P link function.

  As a result, even a mobile terminal that does not have an IPsec protocol or a P2P link function can be connected to a mobile communication network via a fixed communication network. An extended edge device, a mobile terminal connection method, and a program can be provided.

It is explanatory drawing shown about the structure of the gateway system which concerns on the basic form of this invention. It is explanatory drawing shown about the structure of the gateway system which concerns on the 1st Embodiment of this invention. It is explanatory drawing which shows in more detail the internal structure of the expansion HGW shown in FIG. It is explanatory drawing which shows in more detail the internal structure of the extended edge apparatus shown in FIG. 3 is a flowchart showing an operation when a mobile terminal connects to a mobile communication service via an extended HGW in the gateway system shown in FIG. It is a continuation of FIG. It is a continuation of FIGS. It is explanatory drawing shown about the structure of the gateway system which concerns on the 2nd Embodiment of this invention. It is explanatory drawing which shows in more detail the internal structure of the expansion HGW shown in FIG. It is explanatory drawing which shows in more detail the internal structure of the extended edge apparatus shown in FIG. FIG. 9 is a flowchart showing an operation when a fixed terminal connects to the Internet via an extended HGW in the gateway system shown in FIG. 8. It is a continuation of FIG. FIG. 9 is a flowchart showing an operation when a mobile terminal connects to a mobile communication service or the Internet via an extended HGW in the gateway system shown in FIG. 8.

(Basic form)
Hereinafter, the basic configuration of the present invention will be described with reference to FIG.
A gateway system 1 according to a basic form includes a extended home gateway 2 that can connect a mobile terminal 4 and a fixed terminal 5, and an extended edge device 3 that interposes fixed communication between the extended home gateway and the Internet 7. System. The extended edge device 3 is connected to a mobile communication service to which a mobile terminal belongs via an S2a interface defined by the 3GPP TS23.402 standard, which is an international standard, and can transfer data by ePDG 3a (evolved Packet Data The extended home gateway 2 is connected to the mobile terminal on the subscriber side via Wi-Fi and connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. In addition, the mobile terminal user agent 2a that intervenes the connection between the mobile terminal 4 and the mobile communication service 6 is provided.

As a result, the gateway system 1 can connect the mobile terminal to the mobile communication network via the fixed communication network.
A more detailed configuration of each unit / means will be described as the next embodiment.

(First embodiment)
Then, the structure of the 1st Embodiment of this invention is demonstrated based on attached FIGS.
First, the basic content of the present embodiment will be described, and then more specific content will be described.
The gateway system 100 according to the present embodiment includes an extended home gateway (extended HGW 10) that can connect the mobile terminal 30 and the fixed terminal 40, and an extended edge device 20 that interposes fixed communication between the extended home gateway and the Internet 70. The extended edge device 20 is connected to the mobile communication service 60 to which the mobile terminal belongs via the S2a interface defined in the 3GPP TS23.402 standard that is an international standard. An ePDG (evolved Packet Data Gateway) 21 capable of data transfer is provided. The extended home gateway 10 is connected to a subscriber-side mobile terminal by Wi-Fi, and TS23. When connected via the SWu interface specified in the 402 standard Together, this comprises a mobile terminal user agent 11 which intervenes a connection between the mobile terminal and the mobile communication service.

  In addition, the extended HGW 10 includes a private DHCP unit 14 that issues a private IP address used between the mobile terminal and the fixed terminal, and the mobile terminal user agent 11 has a global IP address issued by the mobile communication service. A fixed communication network local IP processing unit 11d that mutually converts between private IP addresses is provided. In addition, the distribution processing unit 15 that determines whether the destination of the IP packet transmitted from the mobile terminal is addressed to the mobile communication service and transmits the IP packet addressed to the mobile communication service to the mobile terminal user agent is also provided. Prepare.

  The TWAP 22 (Trusted) authenticates the mobile terminal by EAP (Extensible Authentication Protocol) by connecting to the ePDG 21 of the extended edge device 20 via the STa interface defined in the TS23.402 standard to the AAA server provided for the mobile communication service. WLAN AAA Proxy) and a TWAG 23 (Trusted WLAN Access Gateway) that intervenes a connection by the S2a interface between the authenticated mobile terminal and the mobile communication service.

As a result, the gateway system 1 can be connected to a mobile communication network via a fixed communication network even if it is a portable terminal that does not have an IPsec protocol or a P2P link function.
Hereinafter, this will be described in more detail.

  FIG. 2 is an explanatory diagram showing the configuration of the gateway system 100 according to the first embodiment of the present invention. The gateway system 100 includes an extended home gateway device (hereinafter referred to as an extended HGW 10) that intervenes a connection between the fixed communication network 50 and the fixed terminal 40, and a connection between the fixed communication network 50 and the service provider 71 (Internet 70). It is comprised with the extended edge apparatus 20 which interposes.

  In this specification, they are called an extended HGW 10 and an extended edge device 20, respectively, in the sense that a function related to connection of a mobile terminal is added to a normal home gateway and an edge device. The extended HGW 10 includes a mobile terminal user agent 11 that interposes a Wi-Fi connection with the mobile terminal 30. The extended edge device 20 includes an evolved packet data gateway (ePDG) 21 that is connected to the mobile terminal user agent 11 via the SWu interface and mediates a connection with the mobile communication service 60.

  The ePDG 21 can be connected to the mobile PGW 61 of the mobile communication service 60 via the TWAG (Trusted WLAN Access Gateway) 23 and the S2a interface. At that time, a mobile terminal based on EAP (Extensible Authentication Protocol) is connected to an AAA (Authentication, Authorization, and Accounting) server 62 of the mobile communication service 60 via a STa interface via a TWAP (Trusted WLAN AAA Proxy) 22. 30 authentications are performed.

  Here, the S2a interface, the STa interface, and the SWu interface are all defined by the TS23.402 standard described in Non-Patent Document 3.

  The mobile terminal 30 is a UE (User Equipment) defined by the TS23.402 standard. Although the mobile communication service 60 can be used also by cellular radio, it has a non-3GPP access radio function such as Wi-Fi separately. After being authenticated by the mobile AAA 62 using the IEEE 802.1x protocol and the EAP protocol, the mobile communication service 60 can be used for data communication using IP (Internet Protocol).

  The mobile AAA 62 is an authentication server defined by the TS23.402 standard, and exchanges authentication information with the mobile terminal 30 by EAP. The mobile PGW 61 is a gateway device stipulated by the TS23.402 standard, extracts IP packets originating from the mobile terminal 30 from a GTP (GPRS Tunneling Protocol) tunnel or GRE (Generic Routing Encapsulation) tunnel in the S2a interface, and moves A function of transferring to the body communication service 60 is provided.

  The mobile communication service 60 is a service specific to the mobile communication network associated with the contract for each individual terminal as described above, such as parental control, e-mail service, closed content, and a service that provides connection to the Internet. Etc.

  In addition to the extended HGW 10 and the extended edge device 20, the fixed communication network 50 includes a gate device 51 interposed between the extended edge device 20 and the service provider 71. The gate device 51 is connected to the extended HGW 10 via the extended edge device 20 through an ISP communication tunnel, takes out an IP packet having the extended HGW 10 as a transmission source, and transfers the IP packet to the service provider 71. The service provider 71 is a service that provides a connection with the Internet 70.

  The fixed terminal 40 is a general information processing apparatus such as a personal computer. The fixed terminal 40 accesses the Internet 70 via the extended HGW 10 by IP, and at the same time performs IP communication with other apparatuses such as the mobile terminal 30. Provide communication function. The connection between the fixed terminal 40 and the extended HGW 10 may be a wireless connection such as Wi-Fi or a wired connection such as cable Ethernet (registered trademark). As will be described later, in the present embodiment, an example in which the fixed terminal 40 and the extended HGW 10 are wired is shown.

  FIG. 3 is an explanatory diagram showing the internal configuration of the extended HGW 10 shown in FIG. 2 in more detail. The extended HGW 10 includes the above-described mobile terminal user agent 11, the WiFi processing unit 101, the LAN-side Ethernet processing unit 102, the 802.1X processing unit 12, the private IP processing unit 13, the private DHCP (Dynamic Host Configuration Protocol) unit 14, and the WAN. Side Ethernet processing unit 17, global IP address processing unit 16, and distribution processing unit 15.

  The WiFi processing unit 101 is wirelessly connected to the mobile terminal 30 via WiFi. The LAN-side Ethernet processing unit 102 is wired to the fixed terminal 40 via cable Ethernet. The private DHCP unit 14 issues a private IP address used only in the fixed communication network 50 to the mobile terminal 30 and the fixed terminal 40. The private IP processing unit 13 performs conversion between the private IP address and the global IP address issued from the service provider 71.

  The WAN-side Ethernet processing unit 17 is wired to the extended edge device 20 via cable Ethernet. The global IP address processing unit 16 performs processing based on the global IP address required at that time. Further, an ISP tunneling processing unit 103 that performs tunneling processing using a protocol such as PPPoE necessary for data transmission / reception with the service provider 71 is also provided.

  The mobile terminal user agent 11 includes an EAP relay unit 11a, a mobile communication network global IP processing unit 11b, an IKE (Internet Key Exchange) v2 / IPsec processing unit 11c, a fixed communication network local IP processing unit 11d, and a buffer 11e.

  The EAP relay unit 11a is inserted between the 802.1X processing unit 12 and the IKEv2 / IPsec processing unit 11c, and transfers an EAP frame, which is authentication information of the mobile terminal 30, to the extended edge device 20. The mobile communication network global IP processing unit 11 b is inserted between the distribution processing unit 15 and the IKEv2 / IPsec processing unit 11 c and transfers the IP packet of the mobile terminal 30 to the extended edge device 20.

  The IKEv2 / IPsec processing unit 11c performs processing necessary for transferring IP packets between the mobile terminal 30 and the extended edge device 20. The fixed communication network local IP processing unit 11d performs a process of mutually converting between the private IP address and the acquired global IP address. The buffer 11e is provided in the fixed communication network local IP processing unit 11d, and stores a part of the authentication data included in the IP packet or the global IP address obtained through the authentication procedure.

  The distribution processing unit 15 cooperates with the 802.1X processing unit 12 and the private DHCP server 14 to determine whether the IP packet transmitted from the fixed terminal 40 and the mobile terminal 30 is addressed to an external network other than the private network under the extended HGW 10 After determining whether or not, the packet is distributed to either the mobile communication network global IP processing unit 11b or the ISP global IP processing unit 16.

  FIG. 4 is an explanatory diagram showing the internal configuration of the extended edge device 20 shown in FIG. 2 in more detail. The extended edge device 20 includes the ePDG 21, the TWAP 22, and the TWAG 23, the extended HGW side Ethernet processing unit 201, the ISP communication tunnel processing unit 202, and the gate device side Ethernet processing unit 203.

  The extended HGW-side Ethernet processing unit 201 is wired to the extended HGW 10 via cable Ethernet. The gate device side Ethernet processing unit 203 is wired to the gate device 51 via cable Ethernet. The ISP communication tunnel processing unit 202 cooperates with the ISP tunneling processing unit 103 of the extended HGW 10 to perform tunneling processing using a protocol such as PPPoE, and at the same time, performs a tunneling connection with the gate device 51 using a protocol such as L2TP.

  The ePDG 21 includes a fixed communication network local IP processing unit 21a, an IKEv2 / IPsec processing unit 21b, and an EAP relay unit 21c. In cooperation with each functional unit having the same name of the mobile terminal user agent 11 of the extended HGW 10, the ePDG 21 Make an IPsec tunneling connection.

  The TWAP 22 includes an STa interface processing unit 22a, an IP processing unit 22b, and an Ethernet processing unit 22c, and transfers the EAP frame, which is authentication information of the mobile terminal 30 received via the EAP relay unit 21c of the ePDG 21, to the mobile AAA 62.

  The TWAG 23 includes an S2a interface processing unit 23a, an IP processing unit 23b, and an Ethernet processing unit 23c, and transfers the IP packet of the mobile terminal 30 received through the IKEv2 / IPsec processing unit 21b of the ePDG 21 to the mobile communication service 60. .

  5 to 7 are flowcharts showing operations when the mobile terminal 30 connects to the mobile communication service 60 via the extended HGW 10 in the gateway system 100 shown in FIG. 5 to 7 show a series of operations divided into three sheets due to space limitations.

  When the mobile terminal 30 tries to connect to the extended HGW 10 (step S101), the mobile terminal 30 starts processing for WiFi connection (step S102). Note that the security in this WiFi connection is based on the premise that the reliability sufficient for performing the S2a interface connection with the mobile communication network is secured, and the management user of the extended HGW 10 cannot change the security settings on the setting screen or the like. It has become.

  Subsequently, the mobile terminal 30 transmits EAPOL-Start to the extended HGW 10 in accordance with the 802.1X procedure in order to perform EAP-AKA (Extensible Authentication Protocol Method for UMTS Authentication and Key Agreement) authentication (step S103).

  In response to this, the extended HGW 10 transmits EAP-Request / Identity to the mobile terminal 30 to request authentication start (step S104), and the mobile terminal 30 returns EAP-Response / Identity to return EAP-AKA authentication. Is started (step S105).

  The extended HGW 10 performs an IKE_SA_INIT procedure with the extended edge device 20 as an agent of the mobile terminal 30 (step S106). Thereafter, as an authentication procedure for connecting to the mobile communication service 60 via the fixed communication network 50 and the mobile communication network, IKE_AUTH Request is transmitted to the extended edge device 20 (step S107).

  The extended edge device 20 transmits a Diameter EAP Request to the mobile AAA 62 via the STa interface based on the authentication destination included in the IKE_AUTH Request (step S108), and a Diameter EAP Answer (returned from the mobile AAA 62). The EAP-Request / AKA-Challenge included in step S109) is replaced with IKE_AUTH Response and transmitted to the extended HGW 10 (step S110).

  The extended HGW 10 forwards the received EAP-Request / AKA-Challenge to the mobile terminal 30 (step S111), performs calculations necessary for authentication in the mobile terminal 30, and then sends it to the extended HGW 10 as EAP-Response / AKA-Challenge. Return it (step S112).

  Further, the extended HGW 10 transmits the EAP-Response / AKA-Challenge to the IKE_Auth Request and transmits it to the extended edge device 20 (step S113), and the extended edge device 20 loads the EAP-Response / AKA-Challenge on the mobile AAA 62. Instead, Authentication & Authorization Request is transmitted (step S114).

  Up to this point, the mobile AAA 62 completes the authentication of the mobile terminal 30 by confirming the consistency of the calculation results. The mobile AAA 62 returns an Authentication & Authorization Answer including the EAP-Success that means authentication completion to the extended edge device 20 (Step S115), and the extended edge device 20 replaces this EAP-Success with the IKE_AUTH Response and transmits it to the extended HGW 10 (Step S116).

  The extended HGW 10 transmits IKE_Auth Request for communication between the mobile terminal 30 and the mobile communication service 60 while temporarily storing the EAP-Success in the buffer 11e (step S117), and the extended edge device 20 transmits to the mobile PGW 61. Then, Create Session Request is transmitted through the S2a interface (step S118).

  The extended edge device 20 replaces the mobile communication network global IP address assigned to the mobile terminal 30 included in the Create Session Response (step S119) returned from the mobile PGW 61 with the IKE_AUTH Response, and transmits it to the extended HGW 10 ( Step S120).

Through the processing up to this point, the extended HGW 10 stores the mobile communication network global IP address assigned to the mobile terminal 30 as an agent of the mobile terminal 30 in the buffer 11e, and uses the GTP tunnel (S2a) and the corresponding IPsec. Communication through the tunnel becomes possible. (Step S121)
Thereafter, the extended HGW 10 transmits the EAP-Success received in step S116 and buffered in the buffer 11e to the mobile terminal 30 (step S122), and then transmits EAPOL-Key (step S123). Then, the mobile terminal 30 is notified of the completion of the EAP-AKA authentication in the 802.1X procedure.

  The mobile terminal 30 notified of the completion of the EAP-AKA authentication transmits a DHCP Discover (Step S124) to the extended HGW 10, and through DHCP Offer (Step S125), DHCP Request (Step S126), and DHCP Ack (Step S127). A private IP address is acquired from the extended HGW 10 (step S128).

  At this time, the extended HGW 10 returns the private IP address issued by the private DHCP server 14 to the mobile terminal 30 in response to the MAC (Media Access Control) address of the mobile terminal 30 acquired by the 802.1X processing unit 12. This is stored, and IP packets whose transmission source is the private IP address of the mobile terminal 30 and whose transmission destination is the external network are transferred to the mobile communication network global IP processing unit 112 and processed by the distribution processing unit 15. It will be.

  With this process, the mobile terminal 30 can perform communication such as HTTP Request with the mobile communication service 60 via the IPsec tunnel in the fixed communication network 50 and the GTP tunnel connecting the fixed communication network 50 and the mobile communication network. (Step S129).

  At this time, in the extended HGW 10, the source address such as HTTP Request is determined from the private IP address assigned to the mobile terminal 30 by the mobile communication network global IP processing unit 11b and the fixed communication network local IP processing unit 11d. The mobile communication network global IP address assigned to the mobile terminal 30 possessed by the mobile terminal 30 is converted.

  Further, when the destination such as HTTP Request by the mobile terminal 30 is the same private network under the extended HGW 10 as that of itself, this determination processing is not performed, but based on the MAC address table possessed by the private IP processing unit in the extended HGW 10 Transfer is performed. Therefore, it is possible to communicate with the fixed terminal 40 under the extended HGW 10 without particularly changing the WiFi connection of the mobile terminal 30 or accessing via the Internet.

  As described above, in the operations described in FIGS. 5 to 7, the Diameter protocol is shown as an example of the STa interface as a protocol for transferring the EAP protocol to and from the TWAP 22 mobile AAA 62. Instead, the RADIUS (Remote Authentication Dial In User) is used. Service) protocol or GSM (registered trademark) -MAP (Mobile Application Part) protocol can be used for equivalent processing.

  In addition, although the GTP protocol is shown as an example for the S2a interface between the TWAG 23 and the mobile PGW 61, it is also possible to generate a GRE tunnel by performing equivalent processing using the PMIP (Proxy Mobile IP) v6 protocol. is there.

(Overall operation of the embodiment)
Next, the overall operation of the above embodiment will be described.
The mobile terminal connection method according to the present embodiment includes the extended home gateway 10 that can connect the mobile terminal 30 and the fixed terminal 40, and the extended edge device 20 that interposes fixed communication between the extended home gateway and the Internet. In the gateway system 100, the mobile terminal user agent of the extended home gateway connects with the mobile terminal on the subscriber side by Wi-Fi (FIG. 5, steps S101 to 102), and The mobile terminal user agent connects with the extended edge device on the station side via the SWu interface defined in the 3GPP TS23.402 standard (FIG. 5, steps S106 to 107), and the ePDG of the extended edge device. (Evolved Packet Data Gateway) is a mobile unit to which the mobile terminal belongs. The communication service is connected via the S2a interface defined in the TS23.402 standard (FIGS. 5-7 and steps S108-120). After that, the private DHCP unit of the extended home gateway issues a private IP address used between the mobile terminal and the fixed terminal (steps S124 to 128 in FIG. 7), and the fixed communication network local IP processing of the mobile terminal user agent The unit mutually converts between the global IP address issued by the mobile communication service and the private IP address (step S129 in FIG. 7).

Here, each of the above-described operation steps may be programmed to be executable by a computer, and may be executed by a processor included in the extended home gateway 10 and the extended edge device 20 that directly execute the steps. The program may be recorded on a non-temporary recording medium, such as a DVD, a CD, or a flash memory. In this case, the program is read from the recording medium by a computer and executed.
By this operation, this embodiment has the following effects.

  In this embodiment, the extended HGW 10 includes the mobile terminal agent 11. As a result, even if the mobile terminal 30 does not have the IPsec function and the P2P link function, the mobile terminal agent 11 can perform these functions, so that the mobile body via the extended edge device 20 via the S2a interface. It becomes possible to connect to a communication network.

  Further, since the mobile terminal user agent 11 holds the global address issued by the mobile communication network and can perform address conversion with the private address assigned to the mobile terminal 30, the mobile terminal 30 60 and communication with other terminals (such as the fixed terminal 40) under the extended HGW 10 can be performed using the same private address.

  Furthermore, the mobile terminal user agent 11 in the extended HGW 10 and the ePDG 30 in the extended edge device 20 are connected by the SWu interface defined in TS23.402. As a result, the reliability of the fixed communication network can be ensured as long as a certain level of security is set for WiFi.

(Second Embodiment)
In the gateway system 300 according to the second embodiment of the present invention, in addition to the configuration of the first embodiment described above, the ePDG of the extended edge device is defined in the TS23.402 standard in the AAA server provided for fixed communication. A function of connecting via the authenticated SWm interface and authenticating the fixed terminal, and a function of interposing a connection between the authenticated fixed terminal and the fixed communication through the S2b interface defined in the TS23.402 standard It was.

  In addition to the same effects as those of the first embodiment described above, this configuration can also be used to connect the mobile communication service and the fixed communication to a common interface. It becomes possible to simplify the configuration of the apparatus. Hereinafter, this will be described in more detail.

  FIG. 8 is an explanatory diagram showing the configuration of the gateway system 300 according to the second embodiment of the present invention. The gateway system 300 includes an extended HGW 310 and an extended edge device 320 that are different from those in the first embodiment. Since most of the elements other than the extended HGW 310 and the extended edge device 320 shown in FIG. 8 are the same as those of the first embodiment shown in FIG. 2, they are referred to by the same names and reference numerals.

  However, the fixed communication network 350 includes a fixed PGW 351 and a fixed AAA 352 instead of the extended HGW 310 and the extended edge device 320 instead of the gate device 51 of the first embodiment. The fixed PGW 351 has the same function as the mobile PGW 61, and the fixed AAA 352 has the same function as the mobile AAA 62. The connection destination is simply changed to the service provider 71. The connection from ePDG 321 (described later) in the extended edge device 320 to the fixed PGW 351 is the S2b interface, and the connection to the fixed AAA 352 is the SWm interface.

  FIG. 9 is an explanatory diagram showing the internal configuration of the extended HGW 310 shown in FIG. 8 in more detail. The extended HGW 310 includes many of the same elements as the extended HGW 10 of the first embodiment shown in FIG. 3, and thus the same elements are referred to by the same names and reference numbers.

  The extended HGW 310 newly includes a mobile terminal user agent 311 different from that of the first embodiment, a fixed communication network local IP processing unit 318, an IKEv2 / IPsec processing unit 319, an EAP processing unit 420, and an authentication information processing unit 421. ing. The ISP tunneling processing unit 103 in the extended HGW 10 is omitted. The mobile terminal user agent 311 includes only the same EAP relay unit 11a and mobile communication network global IP processing unit 11b as in the first embodiment.

  That is, the fixed communication network local IP processing unit 318 and the IKEv2 / IPsec processing unit 319 move the fixed communication network local IP processing unit 11d and the IKEv2 / IPsec processing unit 11c, which were included in the mobile terminal user agent 11 in the extended HGW 10, The terminal 30 and the fixed terminal 40 are commonly used for communication. The fixed communication network local IP processing unit 318 is also provided with a buffer 318a similar to that of the first embodiment.

  The authentication processing unit 421 manages information necessary for device authentication of the extended HGW 310, and performs authentication for connecting to the extended edge device 20 via the EAP processing unit 420.

  FIG. 10 is an explanatory diagram showing the internal configuration of the extended edge device 320 shown in FIG. 8 in more detail. Since the extended edge device 320 includes many of the same elements as those of the extended edge device 20 of the first embodiment shown in FIG. 4, the same elements are referred to by the same names and reference numerals. The extended edge device 320 includes an ePDG 321 different from that in the first embodiment, and the same TWAP 22, TWAG 23, and extended HGW-side Ethernet processing unit 201 as in the first embodiment.

  The ePDG 321 includes the same fixed communication network local IP processing unit 21a, IKEv2 / IPsec processing unit 21b, and EAP relay unit 21c as in the first embodiment, but the connection with the extended HGW 310 is unified to the SWu interface. EPDG 321 terminates all of the connections. That is, the ePDG 321 selects an interface addressed to either the mobile AAA 62 and the mobile PGW 61 in the mobile communication network or the fixed AAA 352 and the fixed PGW 351 in the fixed communication network according to the destination of the packet, and transfers the communication.

  For the fixed AAA 352, the SWm interface processing unit 325a, the IP processing unit 325b, and the Ethernet processing unit 325c transfer the EAP frame received from the EAP relay unit 21c of the ePDG 321 via the SWm interface.

  For the fixed PGW 351, the S2b interface processing unit 324a, the IP processing unit 324b, and the Ethernet processing unit 324c transfer the IP packet received from the IKEv2 / IPsec processing unit 21b in the ePDG 30 via the S2b interface. .

  The operation when the mobile terminal 30 connects to the mobile communication service 60 via the extended HGW 310 in the gateway system 300 shown in FIG. 8 is the same as that in the first embodiment shown in FIGS. . The operation when the mobile terminal 30 connects to the Internet 70 will be described later.

  FIGS. 11 to 12 are flowcharts showing operations when the fixed terminal 40 connects to the Internet 70 via the extended HGW 310 in the gateway system 300 shown in FIG. FIGS. 11 to 12 show a series of operations divided into two sheets due to space limitations.

  When the power is turned on (step S201), the extended HGW 310 acquires a local IP address from the fixed communication network 350 and stores it in the buffer 11e (step S202). The acquisition of the local IP address is performed by a general method such as DHCP or ICMP (Internet Control Message Protocol).

  The IKE_SA_INIT procedure is performed between the extended HGW 310 and the extended edge device 320 by the IKEv2 protocol using the local IP address (step S203). Thereafter, the extended HGW 310 transmits IKE_AUTH Request to the extended edge device 320 as an authentication procedure for connecting to the service provider 71 via the fixed communication network 350 (step S204).

  In response to this, the extended edge device 320 transmits a Diameter EAP Request to the fixed AAA 352 via the SWm interface (Step S205), and an EAP-Request included in the Diameter EAP Answer (Step S206) returned from the fixed AAA 352. Is replaced with IKE_AUTH Response and transmitted to the extended HGW 310 (step S207).

  The extended HGW 310 processes the EAP-Request received from the extended edge device 320, and transmits the EAP-Response including necessary authentication information on the IKE_Auth Request to the extended edge device 320 (step S208).

  In response to this, the extended edge device 320 retransmits the EAP-Response to the fixed AAA 352 and transmits an Authentication & Authorization Request (step S209), and confirms the authentication information to the fixed AAA 352.

  Thus far, the authentication of the extended HGW 310 in the fixed communication network 350 is completed. Depending on the method for authenticating the extended HGW 310, the required EAP frame exchange procedure may be further increased from steps S206 to S209.

  The fixed AAA 352 returns an Authentication & Authorization Answer including EAP-Success that means authentication completion to the extended edge device 320 (step S210), and the extended edge device 320 replaces the EAP-Success with IKE_AUTH Response and transmits it to the extended HGW 310 ( Step S211).

  The extended HGW 310 transmits an IKE_Auth Request for communication with the service provider 71 (step S212), and the extended edge device 320 transmits a Create Session Request to the fixed PGW 351 via the S2b interface (step S213).

  The extended edge device 320 replaces the ISP global IP address included in the Create Session Response (step S214) returned from the fixed PGW 351 with the IKE_AUTH Response and transmits it to the extended HGW 310 (step S215).

  Through the processing so far, the extended HGW 310 can communicate through the IPsec tunnel and the GTP tunnel (S2b) using the ISP global IP address (step S216).

  When the fixed terminal 40 tries to connect to the extended HGW 310 from this state (step S217), the fixed terminal 40 performs the DHCP Discover (step S218), the DHCP Offer (step S219), the DHCP Request (step S220), and the DHCP Ack (step S217). S221) is continuously transmitted, thereby obtaining a private IP address from the extended HGW 310 (step S222).

  With this processing, the fixed terminal 40 can perform communication such as HTTP Request with the service provider 71 via the GTP tunnel (S2b) in the fixed communication network 350 and the corresponding IPsec tunnel (step S223).

  At this time, the extended HGW 310 performs processing for converting the source address such as HTTP Request from the private IP address of the fixed terminal 40 to its own ISP global IP address.

  FIG. 13 is a flowchart showing an operation when the mobile terminal 30 connects to the mobile communication service 60 or the Internet 70 via the extended HGW 310 in the gateway system 300 shown in FIG. When the mobile terminal 30 performs communication such as HTTP Request (step S301), the extended HGW 310 has the destination IP address used by the mobile communication service 60 or the destination port number set by the mobile communication service 60. It is determined whether the service to be provided (parental control or the like) is a target (step S302).

  If the result of this determination processing is mobile communication service access, the extended HGW 310 assigns a source address such as HTTP Request from the private IP address of the mobile terminal 30 to the mobile terminal 30 assigned to the mobile terminal 30 itself. A process of converting to a network global IP address is performed, and it is distributed and transferred to an IPsec tunnel corresponding to the GTP tunnel (S2a) (step S303).

  If the result of this determination processing is not mobile communication service access, the extended HGW 310 performs processing to convert the source address such as HTTP Request from the private IP address of the mobile terminal 30 to its own ISP global IP address, It sorts and transfers to an ISP communication tunnel (step S304).

  If the destination of the HTTP request by the mobile terminal 30 is a private network under the same extended HGW 310 as that of itself, this determination processing is not performed, but based on the MAC address table possessed by the private IP processing unit in the extended HGW 310 Transfer is performed.

  As described above, in this embodiment, the connection with the mobile communication service and the fixed communication is a common interface (Swu interface and S2b interface). As a result, the configuration of the extended HGW 310 is simplified and the processing of the extended edge device 320 is shared.

  In addition, it is possible to perform device authentication of the extended HGW 310 on the service provider 71 side (by the fixed PGW 351 and the fixed AAA 352). Therefore, even if there is a change in access line or a change in accommodation of the extended edge device due to a user's move, it is possible to easily authenticate the device and continue the same service. By this authentication, the reliability necessary for connecting the mobile terminal 30 to the mobile communication service 60 via the S2a interface is continuously ensured.

  The present invention has been described with reference to the specific embodiments shown in the drawings. However, the present invention is not limited to the embodiments shown in the drawings, and any known hitherto provided that the effects of the present invention are achieved. Even if it is a structure, it is employable.

  Regarding the embodiment described above, the main points of the new technical contents are summarized as follows. In addition, although part or all of the said embodiment is summarized as follows as a novel technique, this invention is not necessarily limited to this.

(Appendix 1) A gateway system comprising an extended home gateway that can connect a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet,
An ePDG (evolved Packet) that allows the extended edge device to transfer data by connecting to the mobile communication service to which the mobile terminal belongs via the S2a interface defined by the 3GPP TS23.402 standard. Data Gateway)
The extended home gateway is connected to the mobile terminal on the subscriber side by Wi-Fi, and is connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. A gateway system comprising a mobile terminal user agent that intervenes a connection between the mobile terminal and the mobile communication service.

(Supplementary Note 2) The extended home gateway includes a private DHCP unit that issues a private IP address used between the mobile terminal and the fixed terminal.
The mobile terminal user agent includes a fixed communication network local IP processing unit that converts between a global IP address issued by the mobile communication service and the private IP address. The gateway system according to 1.

(Supplementary Note 3) The extended home gateway determines whether the destination of the IP packet transmitted from the mobile terminal is addressed to the mobile communication service, and determines the IP packet addressed to the mobile communication service as the IP packet. The gateway system according to appendix 1, further comprising a distribution processing unit that transmits to the mobile terminal user agent.

(Supplementary Note 4) In the ePDG of the extended edge device,
TWAP (Trusted WLAN AAA Proxy) that connects to the AAA server provided in the mobile communication service via the STa interface defined in the TS23.402 standard and authenticates the mobile terminal by EAP (Extensible Authentication Protocol);
The gateway system according to claim 1, further comprising a TWAG (Trusted WLAN Access Gateway) that intervenes a connection through the S2a interface between the authenticated mobile terminal and the mobile communication service. .

(Supplementary Note 5) The ePDG of the extended edge device is:
A function of connecting to the AAA server provided for the fixed communication via the SWm interface defined in the TS23.402 standard to authenticate the fixed terminal;
The gateway system according to supplementary note 1, comprising a function of interposing a connection between the authenticated fixed terminal and the fixed communication through the S2b interface defined in the TS23.402 standard.

(Appendix 6) An extended home gateway that can connect a mobile terminal and a fixed terminal,
Connected via the S2a interface defined by the 3GPP TS23.402 standard, which is an international standard, through fixed communication between the extended home gateway and the Internet and to the mobile communication service to which the mobile terminal belongs Connected to an extended edge device equipped with ePDG (evolved Packet Data Gateway) capable of transferring data,
Connected to the mobile terminal on the subscriber side by WiFi (Wi-Fi) and connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. An extended home gateway comprising a mobile terminal user agent that mediates a connection between a terminal and the mobile communication service.

(Supplementary Note 7) A private DHCP unit that issues a private IP address used between the mobile terminal and the fixed terminal is provided.
Appendix 6 characterized in that the mobile terminal user agent includes a fixed communication network local IP processing unit that mutually converts between a global IP address issued by the mobile communication service and the private IP address. Extended home gateway as described in

(Additional remark 8) It is determined whether the destination of the IP packet transmitted from the mobile terminal is addressed to the mobile communication service, and the IP packet addressed to the mobile communication service is transmitted to the mobile terminal user agent. The extended home gateway according to appendix 6, further comprising a distribution processing unit that performs the distribution processing.

(Supplementary Note 9) An extended edge device that interposes fixed communication between an extended home gateway capable of connecting a mobile terminal and a fixed terminal and the Internet,
An ePDG (evolved Packet Data Gateway) that can be connected to the mobile communication service to which the mobile terminal belongs via the S2a interface defined in the 3GPP TS23.402 standard, which is an international standard;
In the ePDG,
TWAP (Trusted WLAN AAA Proxy) that connects to the AAA server provided in the mobile communication service via the STa interface defined in the TS23.402 standard and authenticates the mobile terminal by EAP (Extensible Authentication Protocol);
An extended edge device, characterized in that a TWAG (Trusted WLAN Access Gateway) that intervenes a connection through the S2a interface between the authenticated mobile terminal and the mobile communication service is provided.

(Supplementary Note 10) The ePDG is
A function of connecting to the AAA server provided for the fixed communication via the SWm interface defined in the TS23.402 standard to authenticate the fixed terminal;
The extended edge device according to appendix 9, further comprising a function of interposing a connection between the authenticated fixed terminal and the fixed communication through the S2b interface defined in the TS23.402 standard.

(Additional remark 11) In the gateway system provided with the extended home gateway which can connect a mobile terminal and a fixed terminal, and the extended edge apparatus which interposes the fixed communication between the said extended home gateway and the internet,
The mobile terminal user agent of the extended home gateway connects to the mobile terminal on the subscriber side by WiFi (Wi-Fi),
The mobile terminal user agent of the extended home gateway connects to the extended edge device on the station side via the SWu interface defined in the 3GPP TS23.402 standard that is an international standard.
An ePDG (evolved Packet Data Gateway) of the extended edge device connects to a mobile communication service to which the mobile terminal belongs via an S2a interface defined in the TS23.402 standard. Connection method.

(Supplementary Note 12) After the extended edge device connects to the mobile communication service, the private DHCP unit of the extended home gateway issues a private IP address used between the mobile terminal and the fixed terminal And
Supplementary note 11 wherein the fixed communication network local IP processing unit of the mobile terminal user agent mutually converts between a global IP address issued by the mobile communication service and the private IP address. Mobile terminal connection method.

(Supplementary Note 13) When the mobile terminal user agent of the extended home gateway connects to the extended edge device, a TWAP (Trusted) attached to the ePDG on an AAA server provided for the mobile communication service WLAN AAA Proxy) connects via the STa interface defined by the TS23.402 standard, authenticates the mobile terminal by EAP (Extensible Authentication Protocol), and only when authenticated is between the extended edge device. The mobile terminal connection method according to supplementary note 11, characterized by connecting.

(Supplementary Note 14) A gateway system comprising: an extended home gateway that can connect a mobile terminal and a fixed terminal; and an extended edge device that interposes fixed communication between the extended home gateway and the Internet,
In the processor included in the extended home gateway,
A procedure for connecting to the mobile terminal on the subscriber side by Wi-Fi;
A procedure for connecting to the extended edge device on the station side via the SWu interface defined in the 3GPP TS23.402 standard that is an international standard;
Issuing a private IP address used between the mobile terminal and the fixed terminal;
And a mobile terminal connection program for executing a procedure for mutually converting between a global IP address issued by the mobile communication service and the private IP address.

  INDUSTRIAL APPLICABILITY The present invention can be used for Internet connection using a home gateway and WiFi, and is particularly effective in smartphone off-loading as described above.

1, 100, 300 Gateway system 2, 10, 310 Extended home gateway (extended HGW)
2a, 11, 311 Mobile terminal user agent 3, 20, 320 Extended edge device 3a, 21, 321 ePDG
4, 30 Mobile terminal 5, 40 Fixed terminal 6, 60 Mobile communication service 7, 70 Internet 11a, 21c EAP relay unit 11b Mobile communication network global IP processing unit 11c, 21b, 319 IKEv2 / IPsec processing unit 11d, 21a, 318 Fixed communication network local IP processing unit 11e, 318a Buffer 12 802.1X processing unit 13 Private IP processing unit 14 Private DHCP unit 15 Distribution processing unit 16 Global IP address processing unit 17 WAN side Ethernet processing unit 22 TWAP
22a, 23a STa interface processing unit 22b, 23b, 324b, 325b IP processing unit 22c, 23c, 324c, 325c Ethernet processing unit 23 TWAG
50 Fixed communication network 51 Gate device 61 Mobile PGW
62 Moving AAA
71 Service Provider 101 WiFi Processing Unit 102 LAN Side Ethernet Processing Unit 103 ISP Tunneling Processing Unit 201 Extended HGW Side Ethernet Processing Unit 202 ISP Communication Tunnel Processing Unit 203 Gate Device Side Ethernet Processing Unit 325a SWm Interface Processing Unit 351 Fixed PGW
352 Fixed AAA
420 EAP processing unit 421 Authentication information processing unit

Claims (10)

A gateway system comprising: an extended home gateway that can connect a mobile terminal and a fixed terminal; and an extended edge device that interposes fixed communication between the extended home gateway and the Internet,
An ePDG (evolved Packet) that allows the extended edge device to transfer data by connecting to the mobile communication service to which the mobile terminal belongs via the S2a interface defined by the 3GPP TS23.402 standard. Data Gateway)
The extended home gateway is connected to the mobile terminal on the subscriber side by Wi-Fi, and is connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. A gateway system comprising a mobile terminal user agent that intervenes a connection between the mobile terminal and the mobile communication service. The extended home gateway includes a private DHCP unit that issues a private IP address used between the mobile terminal and the fixed terminal,
The mobile terminal user agent includes a fixed communication network local IP processing unit that converts between a global IP address issued by the mobile communication service and the private IP address. The gateway system according to 1.   The extended home gateway determines whether the destination of the IP packet transmitted from the mobile terminal is addressed to the mobile communication service, and determines the IP packet addressed to the mobile communication service as the mobile terminal user agent The gateway system according to claim 1, further comprising a distribution processing unit that transmits to the network. In the ePDG of the extended edge device,
TWAP (Trusted WLAN AAA Proxy) that connects to the AAA server provided in the mobile communication service via the STa interface defined in the TS23.402 standard and authenticates the mobile terminal by EAP (Extensible Authentication Protocol);
2. The gateway according to claim 1, further comprising a TWAG (Trusted WLAN Access Gateway) that interposes a connection through the S2a interface between the authenticated mobile terminal and the mobile communication service. system. An extended home gateway that can connect a mobile terminal and a fixed terminal,
Connected via the S2a interface defined by the 3GPP TS23.402 standard, which is an international standard, through fixed communication between the extended home gateway and the Internet and to the mobile communication service to which the mobile terminal belongs Connected to an extended edge device equipped with ePDG (evolved Packet Data Gateway) capable of transferring data,
Connected to the mobile terminal on the subscriber side by WiFi (Wi-Fi) and connected to the ePDG on the station side via the SWu interface defined in the TS23.402 standard. An extended home gateway comprising a mobile terminal user agent that mediates a connection between a terminal and the mobile communication service. A private DHCP unit for issuing a private IP address used between the mobile terminal and the fixed terminal;
The mobile terminal user agent includes a fixed communication network local IP processing unit that converts between a global IP address issued by the mobile communication service and the private IP address. 5. The extended home gateway according to 5. An extended edge device that interposes fixed communication between an extended home gateway capable of connecting a mobile terminal and a fixed terminal and the Internet,
An ePDG (evolved Packet Data Gateway) capable of transferring data by connecting to the mobile communication service to which the mobile terminal belongs via the S2a interface defined in the 3GPP TS23.402 standard, which is an international standard;
In the ePDG,
TWAP (Trusted WLAN AAA Proxy) that connects to the AAA server provided in the mobile communication service via the STa interface defined in the TS23.402 standard and authenticates the mobile terminal by EAP (Extensible Authentication Protocol);
An extended edge device, characterized in that a TWAG (Trusted WLAN Access Gateway) that intervenes a connection through the S2a interface between the authenticated mobile terminal and the mobile communication service is provided. In a gateway system comprising an extended home gateway that can connect a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet,
The mobile terminal user agent of the extended home gateway connects to the mobile terminal on the subscriber side by WiFi (Wi-Fi),
The mobile terminal user agent of the extended home gateway connects to the extended edge device on the station side via the SWu interface defined in the 3GPP TS23.402 standard that is an international standard.
An ePDG (evolved Packet Data Gateway) of the extended edge device connects to a mobile communication service to which the mobile terminal belongs via an S2a interface defined in the TS23.402 standard. Connection method. After the extended edge device connects with the mobile communication service, a private DHCP unit of the extended home gateway issues a private IP address used between the mobile terminal and the fixed terminal,
9. The fixed communication network local IP processing unit of the mobile terminal user agent mutually converts between a global IP address issued by the mobile communication service and the private IP address. The mobile terminal connection method as described. An extended home gateway capable of connecting a mobile terminal and a fixed terminal, and an extended edge device that interposes fixed communication between the extended home gateway and the Internet, and the ePDG (evolved Packet Data Gateway) of the extended edge device includes : A gateway system for connecting to a mobile communication service to which the mobile terminal belongs via an S2a interface defined in the 3GPP TS23.402 standard that is an international standard ,
In the processor included in the extended home gateway,
A procedure for connecting to the mobile terminal on the subscriber side by Wi-Fi;
To connect via SWu interface was defined by the 3GPP TS23.402 specification between the extended edge device of the station side,
A procedure for issuing a private IP address used between the mobile terminal and the fixed terminal after the extended edge device is connected to the mobile communication service ;
And a mobile terminal connection program for executing a procedure for mutually converting between a global IP address issued by the mobile communication service and the private IP address.

Images