CN102075339A - VPN management platform, and implementation method and system for VPN service - Google Patents
VPN management platform, and implementation method and system for VPN service Download PDFInfo
- Publication number
- CN102075339A CN102075339A CN2009102235636A CN200910223563A CN102075339A CN 102075339 A CN102075339 A CN 102075339A CN 2009102235636 A CN2009102235636 A CN 2009102235636A CN 200910223563 A CN200910223563 A CN 200910223563A CN 102075339 A CN102075339 A CN 102075339A
- Authority
- CN
- China
- Prior art keywords
- vpn
- gateway
- management platform
- acs
- parameter configuration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses an implementation method and a system for a virtual private network (VPN) service. The method comprises the following steps that: a VPN management platform receives VPN account number information from a VPN user and acquires corresponding gateway information according to the information on correspondence between the VPN account number and the gateway; the VPN management platform generates VPN parameter configuration information corresponding to the gateway and sends the VPN parameter configuration information to an auto-configuration server (ACS) management platform; the ACS management platform forwards the VPN parameter configuration information to the corresponding gateway; and the corresponding gateway receives and loads the VPN parameter configuration information. In the invention, the VPN management platform and the ACS management platform are used for collaborative operation, so that the unified management of VPN service for the enterprise gateway is realized, VPN configuration discrepancy between an end-to-end mode and a remote access mode of the enterprise gateway is eliminated, and the problems of complicated management and difficult maintenance of gateway VPN configuration are solved.
Description
Technical field
The present invention relates to Virtual Private Network (VPN, Virtual Private Network) technical field, relate in particular to the method and system that realize VPN management platform, vpn service unified management.
Background technology
Along with IT application in enterprises and rapid development of electronic commerce, the scale of enterprise is increasing, and the region is also more and more wider, and increasing branch and mobile office personnel make enterprise more and more higher to the demand of network, and rethink its WAN strategy.IP VPN has won the favor of more and more enterprises/operator owing to its fail safe, low cost, advantage such as can expand.At present, operator is just at enterprises large scale deployment enterprise gateway equipment, for enterprise provides networking and the VPN service of inserting.Enterprise gateway is set up mobile personnel VPN client by long-range access module and is connected with VPN between the enterprise gateway, for the mobile office personnel provide the telecommuting service; Set up the VPN of end-to-end pattern between the enterprise gateway of enterprise branch office, satisfied the interconnected demand of enterprise mobile working and branch.But IP VPN configuration parameter complexity, respectively the VPN of long-range access module and end-to-end pattern is configured but also need to distinguish occupation mode, seriously hindered the application of IP VPN in enterprise, especially the medium-sized and small enterprises user is short in understanding to computer, network knowledge, and the ability of maintenance is poor.
Be widely used and dispose based on the terminal management system ACS (Automatic Configuration Server) of TR069 agreement, ACS is as the management system variation of IP address of terminal on top of of various terminals, as first perception point of terminal configuration change.By ACS obtain terminal the IP address, to issue the VPN configuration parameter to terminal be fully feasible technically.
Fig. 1 illustrates the structural representation that ACS management platform in the prior art disposed and issued the system of gateway automatically.(application number is 200610109663.2 to patent application " automatic configuration system of ipsec security strategy and method in the home gateway ", the applying date is 2006.08.15, the applicant is a China Telecommunication Stock Co., Ltd, publication number is CN1905452A, is 2007.01.31 in open day) in provided the detailed description of this system.As shown in Figure 1, this system 100 provides device id by the user, and ACS management platform 102 generates configuration and is issued to gateway 104 automatically.After user and operator sign vpn service, the ACS management platform is formulated corresponding security strategy according to operation situation and/or customer requirement, and realize by the mode of policy database or Policy Directories table, security strategy is converted into the TR069 parameter is handed down to the appointment gateway by device id, and realize the loading of security strategy, thereby reach the purpose of automatic configuration VPN parameter by gateway.
But based on the instruction of prior art, those skilled in the art know it and also have following defective:
1, generates security strategy and issuing automatically by the ACS management platform in the prior art, and be responsible for the management of vpn service, increased the complexity of ACS management platform, be unfavorable for the simple realization of systemic-function by ACS;
2, in the prior art during the whenever newly-increased end-to-end VPN node of user, all needing provides the device id sign to operator, so that the ACS management platform issues the VPN configuration parameter to respective gateway, has increased difficulty and complexity that the user opens vpn service;
3, in the prior art,, cause safety problem in case when device identification mistake that the user provides or the O﹠M personnel of operator misoperation, can cause setting up wrong VPN and connect and set up;
4, prior art does not support the parameter of the long-range access module VPN of client to dispose automatically.Because the IP address of client is unfixing, do not accept the unified management of ACS management platform again, need the user to adopt manual mode to dispose the VPN parameter of VPN client, but also need to guarantee that the client of long-range access is consistent with VPN parameter configuration between the gateway that will insert, increased the configuration difficulty of long-range access client.Simultaneously, if gateway does not possess fixed ip address, do not have binding domain name again, client can't be set up VPN with this gateway and be connected.
Summary of the invention
The technical problem that the present invention will solve provides a kind of unified method and system that insert of vpn service that realize, need not user's h.323-configured gateway parameter, user-friendly, maintenance and management.
Another technical problem that the present invention will solve provides a kind of VPN management platform, be responsible for the configuration management of vpn service by the VPN management platform, the ACS management platform is responsible for the conversion of agreement and the forwarding of parameter configuration, reduces the realization difficulty and the complexity of ACS management platform.
Another technical problem that the present invention will solve is to give user self with VPN connection status, VPN user's etc. management, and the user can increase and delete VPN user, be convenient to the user newly-built, remove and rebuild VPN and be connected.
Another technical problem that the present invention will solve is to solve the problem that prior art can not realize that the VPN parameter disposes automatically under the long-range access module of client.The invention provides following technical scheme:
One aspect of the present invention provides a kind of implementation method of vpn service, and this method comprises: the VPN management platform receives the VPN account information from VPN user, obtains corresponding gateway information according to the VPN number of the account of storage and the corresponding informance of gateway; The VPN management platform generates the VPN parameter configuration of corresponding gateway, and the VPN parameter configuration is sent to the ACS management platform; The ACS management platform is transmitted to corresponding gateway with the VPN parameter configuration; Corresponding gateway receives and loads the VPN parameter configuration.
Among the embodiment of the implementation method of vpn service provided by the invention, when VPN user was the VPN client, VPN user's corresponding gateway information was the accessing gateway information of VPN client; The VPN management platform generates the VPN parameter configuration of long-range access module, and this method also comprises: the VPN management platform sends to the VPN client with the VPN parameter configuration of VPN client; The VPN client is connected with the VPN that IAD is set up long-range access module.
Among the embodiment of the implementation method of vpn service provided by the invention, when VPN user was gateway, the gateway information of VPN user's correspondence was for to set up the end-to-end opposite end gateway information that is connected with gateway; This method also comprises: the VPN management platform sends to the opposite end gateway with the parameter configuration of gateway by ACS; Gateway is set up end-to-end VPN with the opposite end gateway and is connected.
Among the embodiment of the implementation method of vpn service provided by the invention, this method also comprises: after setting up the VPN connection of long-range access module, and after the VPN client ip address changes, the VPN account information that the VPN client resends to the VPN management platform; Wherein the VPN account information comprises: domain name, username and password.
Among the embodiment of the implementation method of vpn service provided by the invention, this method also comprises: when gateway is reached the standard grade, device id, place domain name, the username and password of gateway is transmitted to the VPN management platform by the ACS management platform; The VPN management platform to gateway authentication by after device id, domain name and user name are bound, and the state of gateway is updated to the VPN login state.
Among the embodiment of the implementation method of vpn service provided by the invention, this method comprises that also when the IP address of gateway changes, gateway will send the IP change notification to the ACS management platform; The ACS management platform is revised the binding relationship of " device id " and " IP address " of gateway, simultaneously by ACS management platform notice VPN management platform; The VPN management platform is checked out affected gateway and VPN client in the same VPN territory, directly issues new VPN configuration parameter to the VPN client, and issue new VPN configuration parameter by the ACS management platform again to affected gateway.
Another aspect of the present invention provides a kind of realization system of vpn service, and this system comprises: the VPN management platform, be used to receive VPN account information from VPN user, and obtain corresponding gateway information according to the VPN number of the account of storage and the corresponding informance of gateway; Generate the VPN parameter configuration of corresponding gateway, and the VPN parameter configuration is sent to the ACS management platform; The ACS management platform is used to receive the VPN parameter configuration that sends from the VPN management platform, and the VPN parameter configuration is sent to corresponding gateway; Corresponding gateway is used to receive the VPN parameter configuration that the ACS management platform is transmitted, and loads the VPN parameter configuration.
Among the embodiment of the realization system of vpn service provided by the invention, the VPN management platform also is used to VPN user that VPN account management interface is provided, the query interface of current VPN connection status is provided to VPN user, and newly-built, remove or rebuild the interface that VPN connects, check request to ACS management platform transmit status, and the VPN connection status that receives the current gateway that the ACS management platform returns; Send VPN to the ACS management platform and connect maintenance request, the VPN connection of gateway is safeguarded; The state that the ACS management platform also is used to receive from the VPN management platform is checked request, and is transmitted to gateway; Receive the VPN connection status that gateway reports, and be transmitted to the VPN management platform; Reception connects maintenance request from the VPN of VPN management platform, and is transmitted to gateway; Receive the VPN state information that gateway reports, and be transmitted to the VPN management platform; Gateway also is used to receive the state that the ACS management platform transmits and checks request, and returns the VPN connection status of current gateway to the ACS management platform; Receive that VPN that the ACS management platform transmits connects maintenance request so that the VPN of gateway connected safeguard, and return to the ACS management platform and to safeguard the result.
Another aspect of the present invention provides a kind of VPN management platform, and this VPN management platform comprises: VPN configuration parameter transceiver module, be used to receive VPN account information from VPN user, and the VPN account is sent to the VPN parameter configuration module; Reception sends to the ACS management platform from the VPN parameter configuration of VPN parameter configuration module with the VPN parameter configuration; The VPN account management module, the VPN number of the account that is used to store and the corresponding informance of gateway; The VPN parameter configuration module, be used to receive the VPN account information, obtain corresponding gateway information according to the VPN number of the account of VPN account management module storage and the corresponding informance of gateway, generate the VPN parameter configuration of corresponding gateway, the VPN parameter configuration is sent to VPN configuration parameter transceiver module.
Among the embodiment of VPN management platform provided by the invention, the VPN management platform also comprises: the VPN state is checked and maintenance module, be used for providing query interface to VPN user, send the VPN status query request to VPN configuration parameter transceiver module, the VPN user's that reception ACS management platform is returned VPN connection status, obtain current VPN connection status, and to VPN configuration parameter transceiver module send newly-built, remove or rebuild the VPN connection requests, so that VPN user is newly-built with corresponding gateway, remove or reconstruction VPN connection.
Among the embodiment of VPN management platform provided by the invention, the VPN account management module also is used to the VPN account number that VPN account management interface is provided, and VPN user is the unit creation territory with the enterprise, and creates a plurality of user names in same territory; Wherein, the combination of territory and user name sign VPN account number.
The invention provides the implementation method and the system of a kind of VPN management platform, vpn service, the user only need dispose domain name, user name, password, and by the automatic configuration of VPN management platform realization to VPN user; Enterprise operation and attendant do not need to provide the IP address of terminal or device identification, complicated VPN configuration parameter can finish the configuration of the long-range access module of enterprise gateway, end-to-end pattern VPN yet, can check the state that VPN connects by remote live simultaneously, promote the application of VPN technologies in medium-sized and small enterprises.
Description of drawings
Fig. 1 illustrates the structural representation that ACS management platform in the prior art disposed and issued the system of gateway automatically;
Fig. 2 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention;
Fig. 3 illustrates the schematic flow sheet of an embodiment of the implementation method of vpn service of the present invention;
Fig. 4 illustrates the structural representation of the embodiment of VPN management platform according to the present invention;
Fig. 5 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention;
Fig. 6 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention;
Fig. 7 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention;
Fig. 8 shows the schematic flow sheet of the embodiment that gateway in the implementation method of the vpn service according to the present invention is registered to the VPN management platform;
Fig. 9 shows that VPN management platform in the implementation method of the vpn service according to the present invention sends the schematic flow sheet of an embodiment of VPN parameter configuration to gateway;
Figure 10 illustrates in the implementation method of the vpn service according to the present invention the VPN client to the flow chart of an embodiment of the long-range access of VPN management platform.
Embodiment
With reference to the accompanying drawings the present invention is described more fully, the various embodiment that the present invention is exemplary are described.
Fig. 2 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention.
As shown in Figure 2, the realization system 200 of vpn service mainly comprises: VPN management platform 202, ACS management platform 204 and VPN user (gateway 206 or VPN client 208 as shown), VPN user can be VPN client or the gateways that enterprise or family use.
Wherein, VPN management platform 202 is used to receive the VPN account information from VPN user, obtains corresponding gateway information according to the VPN number of the account of its storage and the corresponding informance of gateway; Generate the VPN parameter configuration of corresponding gateway, and the VPN parameter configuration is sent to ACS management platform 204.The VPN account information comprises in the embodiments of the invention: domain name, username and password.
ACS management platform 204 is used to receive the VPN parameter configuration that sends from VPN management platform 202, and the VPN parameter configuration is sent to corresponding gateway.Among the present invention, the object that the VPN management platform can connect according to customer requirements generates the VPN parameter configuration of corresponding gateway according to VPN parameter configuration template (as the parameter configuration with predetermined formatization that generates according to information such as gateway or client domain name, device id, user names).
Gateway is used to receive the VPN parameter configuration that ACS management platform 204 is transmitted, and loads the VPN parameter configuration, thereby realizes that setting up VPN with VPN user is connected.
Among the embodiment of the realization system of vpn service provided by the invention, VPN management platform 202 also is used to VPN user that VPN account management interface is provided, the query interface of current VPN connection status is provided to VPN user, and newly-built, remove or rebuild the interface that VPN connects, check request to ACS management platform transmit status, and the VPN connection status that receives the current gateway that the ACS management platform returns; Send VPN to the ACS management platform and connect maintenance request, the VPN connection of gateway is safeguarded.Specifically, VPN management platform 202 provides VPN account management interface for operator and/or user, the user can be territory of unit creation with the enterprise by VPN account management interface, in each territory, can create a plurality of users' information such as user name, and identify a VPN account by the combination in " territory " and " user name "; This VPN account can a corresponding gateway or the VPN client of a long-range access.In the present invention, the VPN management platform is responsible for setting up the VPN account number, the binding relationship of the device id of gateway and IP address; When the VPN that will set up long-range access module connects, the VPN account of the gateway correspondence that will insert be searched and be specified to VPN management platform 202 need for the user of the VPN client of long-range access.VPN management platform 202 also is used for the object that connects according to customer requirements, generates the VPN parameter configuration with configuration of enterprise gateway and VPN client according to VPN parameter configuration template (as the parameter configuration with predetermined formatization that generates according to information such as gateway or client domain name, device id, user names); Provide the query interface of current VPN connection status to the user, and newly-built, remove or rebuild the interface that VPN connects and make attended operation with current VPN is connected so that check the current VPN connection status of gateway.
Among the embodiment of the realization system of vpn service provided by the invention, the state that ACS management platform 204 also is used to receive from the VPN management platform is checked request, and is transmitted to gateway; Receive the VPN connection status that gateway reports, and be transmitted to the VPN management platform; Reception connects maintenance request from the VPN of VPN management platform, and is transmitted to gateway; Receive the VPN state information that gateway reports, and be transmitted to the VPN management platform.Realize between ACS management platform 204 and VPN management platform 202 and the gateway exchanging visits, the main management of being responsible for gateway is used to receive the log-on message that enterprise gateway sends, and transmits log-on message to the VPN management platform; Reception converts this VPN parameter configuration to TR069 agreement (CPE wide area network management agreement, widely used RPC method based on SOAP in Web service of new generation from the VPN parameter configuration of VPN management platform 202; For subscriber equipment, the TR069 agreement mainly realizes the function of following four aspects: subscriber equipment is configuration and dynamic business configuration automatically; Management to the software and the firmware of subscriber equipment; State and performance to subscriber equipment are monitored; Diagnosis to communication failure), be forwarded to again and specify gateway so that the VPN relevant parameter of new gateway more; Be responsible for receiving the VPN state information that gateway reports simultaneously, and state information from gateway to VPN management platform 202 that transmit.
Among the embodiment of the realization system of vpn service provided by the invention, gateway also is used to receive the state that the ACS management platform transmits and checks request, and returns the VPN connection status of current gateway to the ACS management platform; Receive that VPN that the ACS management platform transmits connects maintenance request so that the VPN of gateway connected safeguard, and return to the ACS management platform and to safeguard the result.Gateway can be home gateway or an enterprise gateway of supporting the TR069 agreement among the present invention, be mainly used in by ACS management platform 204 and send registration message (account of gateway) to the VPN management platform, this log-on message comprises: gateway device ID, (enterprise) domain name and user name also can comprise the log-in password of user name correspondence.202 pairs of gateways that send registration message of VPN management platform authenticate, and after authentication, VPN management platform 202 is carried out bindings with device id, domain name and the user name of this gateway, wherein " domain name+user name " corresponding gateway.The VPN parameter configuration that gateway receives from VPN management platform 202 by ACS management platform 204 is to upgrade the VPN relevant parameter of this gateway device; Reception is checked request from the state of VPN management platform 202, feeds back the current VPN connection status of gateways by ACS management platform 204 to VPN management platform 202; Reception connects maintenance request from the VPN of VPN management platform 202, VPN is connected safeguard, and safeguard the result to ACS management platform 204 feedbacks.
Among the embodiment of the realization system of vpn service provided by the invention, VPN user comprises the VPN client of long-range access; The VPN client can increase following function by forms such as software or firmwares on the basis of general VPN client: can accept the VPN configuration parameter from the VPN management platform, and dispose according to the VPN of parameter modification client; Can directly submit enterprise domain name, user name and password to by the software that the VPN client provides to the VPN management platform; And the VPN client is regularly obtained configuration parameter and loading from the VPN management platform.When the VPN of long-range access client inserts the system 200 that realizes the unified access of vpn service, submit log-on message (as submitting log-on messages such as enterprise domain name, user name and password to the VPN management platform) to VPN management platform 202 by connection interface, VPN management platform 202 is handed down to the VPN client with the VPN relevant parameter after finishing authentification of user.After VPN management platform 202 received the log-on message of VPN client, finding needed remote access gateway; VPN management platform 202 generates the VPN parameter configuration of gateway, and the VPN parameter configuration is sent to ACS management platform 204; ACS management platform 204 is transmitted to gateway with the VPN parameter configuration; Gateway receives and also to load the VPN parameter configuration, and is connected with VPN that the VPN client is set up long-range access module.Thereby realize that client is connected with specifying the VPN between the gateway.
Among the embodiment of the realization system of vpn service provided by the invention, when gateway is reached the standard grade, accounts such as the device id of gateway, place domain name, username and password are transmitted to the VPN management platform by the ACS management platform register; The VPN management platform to gateway authentication by after device id, domain name and user name are bound, and the state of gateway is updated to the VPN login state.
Among the embodiment of the realization system of vpn service provided by the invention, when gateway was restarted at every turn or the IP address changes, gateway sent log-on message via ACS management platform 204 to VPN management platform 202; When VPN management platform 202 finds that the IP of gateways changes, can reconfigure the VPN parameter of affected gateway in the territory that VPN connects or client.Specifically, the VPN connection for end-to-end pattern when the IP address of gateway changes, can have influence on the VPN parameter configuration of opposite end gateway; VPN for long-range access module connects, and when the IP address of gateway changes, can have influence on the VPN parameter configuration of the client of long-range access.The ACS management platform is safeguarded the device id of gateway and the binding relationship of IP address, when gateway ip address changes, gateway can be with change notification ACS management platform, and then revise the binding relationship of " device id " and " IP address " of gateway by the ACS management platform, notify the VPN management platform by the ACS management platform simultaneously; The VPN management platform can be checked out affected gateway and VPN client in the same VPN territory, directly issues new configuration parameter to the VPN client, and issue configuration parameter by the ACS management platform again to affected gateway.
Among the embodiment of the realization system of vpn service provided by the invention, VPN management platform 202 can adopt the gateway management system of the standard of supporting the TR069 agreement, and the account management function that increases in this gateway management system, VPN parameter configuration function, the VPN state is checked and function such as maintenance module.
Among the embodiment of the realization system of vpn service provided by the invention, ACS management platform 204 can adopt the terminal management system of the standard of supporting the TR069 agreement, and needs to increase VPN parameter forwarding capability functions of modules in this terminal management system.
Among the embodiment of the realization system of vpn service provided by the invention, gateway can be home gateway or an enterprise gateway of supporting the TR069 agreement, and in this gateway, increase the function that sends the VPN log-on messages to VPN management platform 202, and obtain the VPN parameter configuration and to functions such as VPN management platform 202 feedback configuration object informations from ACS management platform 204 by the TR069 agreement.
Among the embodiment of the realization system of vpn service provided by the invention, the VPN client can be to support the VPN client of long-range access module, the function that has parameters such as regularly reporting log-on message to the VPN management platform and load the VPN parameter configuration.
The realization system of vpn service provided by the invention, the corresponding software installation kit of the client software of in the VPN client, packing into, can be installed on user's the PC or on other terminal equipment, the user just can long-rangely be linked on the gateway of appointment by input enterprise domain name, user name and password, realizes by VPN remote access.Insert client software with general remote and compare, the unified system that inserts of realization vpn service provided by the invention does not need manually to dispose complicated VPN configuration parameter, generates the VPN configuration parameter automatically by VPN management platform parameter configuration template; The management of VPN management platform can be accepted, the state that VPN connects can be checked by the VPN management platform; When the IP address of gateway changed, the VPN management platform can proactive notification VPN client be revised corresponding configuration parameters.
Fig. 3 illustrates the schematic flow sheet of an embodiment of the implementation method of vpn service of the present invention.
As shown in Figure 3, in the flow process 300 of the implementation method of vpn service, step 302, VPN user sends the VPN account information to the VPN management platform.For example, VPN user can be VPN client or the gateway that enterprise or family use among the present invention, and the VPN account information comprises: domain name, username and password.
The implementation method of vpn service provided by the invention and system, set up the VPN management platform, adopt VPN management platform and the collaborative work of ACS management platform, realize unified management, eliminated the otherness of end-to-end pattern of gateway and long-range access module VPN configuration the gateway vpn service.
Fig. 4 illustrates the structural representation of the embodiment of VPN management platform according to the present invention.
As shown in Figure 4, VPN management platform 400 mainly comprises: VPN account management module 402, VPN parameter configuration module 404 and VPN configuration parameter transceiver module 406.
Wherein, VPN account management module 402, the VPN number of the account that is used to store and the corresponding informance of gateway.
VPN parameter configuration module 404, be used to receive the VPN account information, obtain corresponding gateway information according to the VPN number of the account of VPN account management module 402 storages and the corresponding informance of gateway, generate the VPN parameter configuration, the VPN parameter configuration is sent to VPN configuration parameter transceiver module.
VPN configuration parameter transceiver module 406 is used for receiving the VPN account information from VPN user's (as gateway 403 or VPN client 405), and the VPN parameter configuration is sent to VPN parameter configuration module 404; Reception sends to ACS management platform 401 from the VPN parameter configuration of VPN parameter configuration module 404 with the VPN parameter configuration.
Among the embodiment of VPN management platform provided by the invention, VPN account management module 402 also is used to the VPN account number that VPN account management interface is provided, and VPN user is the unit creation territory with the enterprise, and can create a plurality of user names in same territory; Wherein, the combination of territory and user name sign VPN account number.
Among the embodiment of VPN management platform provided by the invention, VPN management platform 400 further comprises: the VPN state is checked and maintenance module 408, be used for providing query interface to VPN user, send the VPN status query request to VPN configuration parameter transceiver module, the VPN user's that reception ACS management platform 401 is returned VPN connection status, obtain current VPN connection status, and to VPN configuration parameter transceiver module send newly-built, remove or rebuild described VPN connection requests, so that VPN user is newly-built with corresponding gateway, remove or reconstruction VPN connection.
Fig. 5 illustrates the structural representation of an embodiment of the realization system of vpn service of the present invention.
As shown in Figure 5, the realization system 500 of vpn service mainly comprises the VPN client 508 of VPN management platform 502, ACS management platform 504, gateway 506 and long-range access; Wherein the VPN client 508 of ACS management platform 504, gateway 506 and long-range access can be respectively that VPN client with ACS management platform 204 shown in Figure 2, gateway and long-range access has same or analogous functional module; For for purpose of brevity, repeat no more here.
As shown in Figure 5, realize that the VPN management platform 502 in the unified system 500 that inserts of vpn service comprises that VPN account management module 5022, VPN parameter configuration module 5024, VPN state are checked and maintenance module 5026 and VPN configuration parameter transceiver module 5028.
Wherein, VPN account management module 5022, the VPN number of the account that is used to store and the corresponding informance of gateway, and provide VPN account management interface to manage VPN account for operator and/or user, the user can be the unit creation territory with the enterprise, and can create a plurality of users' information such as user name in each territory; And can identify VPN account's (as a gateway or client) by the combination in " territory " and " user name ".
VPN parameter configuration module 5024, be used to receive the VPN account information, obtain corresponding gateway information according to the VPN number of the account of VPN account management module 5022 storages and the corresponding informance of gateway, generate the VPN parameter configuration, the VPN parameter configuration is sent to VPN configuration parameter transceiver module.
The VPN state is checked and maintenance module 5026, be used for providing query interface to VPN user, send the VPN status query request to VPN configuration parameter transceiver module, the VPN user's that reception ACS management platform 504 is returned VPN connection status, obtain current VPN connection status, and to VPN configuration parameter transceiver module send newly-built, remove or rebuild described VPN connection requests, connect so that VPN user is newly-built with corresponding gateway, remove or rebuild VPN, make attended operation with current VPN is connected so that check the current VPN connection status of gateway.When VPN connects when breaking down, the VPN management platform can display alarm information, and telecom operation and attendant or enterprise administrator can land the VPN management platform and check warning information.
VPN configuration parameter transceiver module 5028 is used for receiving the VPN account information from VPN user's (as gateway 506 or VPN client 508), and the VPN parameter configuration is sent to VPN parameter configuration module 5024; Reception sends to ACS management platform 504 from the VPN parameter configuration of VPN parameter configuration module 5024 with the VPN parameter configuration; Receive the VPN state that the VPN state is checked and maintenance module 5026 sends and check request, and check request to ACS management platform 504 transmit statuss, and the VPN connection status that receives the VPN user that ACS management platform 504 returns; The VPN that reception VPN state is checked and maintenance module 5026 sends connects maintenance request, and sends VPN connection maintenance request to ACS management platform 504, and VPN user's VPN connection is safeguarded.
Fig. 6 illustrates the structural representation of an embodiment of the realization system of vpn service of the present invention.
As shown in Figure 6, the realization system 600 of vpn service mainly comprises the VPN client 608 of VPN management platform 602, ACS management platform 604, gateway 606 and long-range access; Wherein the VPN client 608 of VPN management platform 602, gateway 606 and long-range access can be respectively that VPN client 508 with VPN management platform 502 shown in Figure 5, gateway 506 and long-range access has same or analogous functional module; For for purpose of brevity, repeat no more here.
As shown in Figure 6, ACS management platform 604 in the realization system 600 of vpn service comprises VPN parameter forwarding module 6042, be used to receive the VPN account information that gateway 606 sends, and transmit this VPN account information to the VPN of VPN management platform 602 account management module 6022; The VPN parameter configuration that reception issues from the VPN parameter configuration module 6024 of VPN management platform 602, and transmit these VPN parameter configuration with the VPN relevant parameter of new gateway 606 more to gateway 606; Reception is checked request from the state that the VPN turntable is checked and maintenance module 6026 issues of VPN management platform, and is transmitted to gateway 606; Receive the VPN connection status that gateway 606 reports, and the VPN turntable that is transmitted to VPN management platform 606 is checked and maintenance module 6026; Reception connects maintenance request from the VPN that the VPN turntable is checked and maintenance module 6026 issues of VPN management platform 602, the VPN of gateway 606 is connected safeguard, and check and maintenance module 6026 returns and safeguards the result to the VPN of VPN management platform turntable; Receive the VPN state information that gateway reports, to the state of VPN management platform feedback gateway.There is not VPN parameter forwarding module in the prior art scheme in the ACS management platform.
Fig. 7 illustrates the structural representation of an embodiment of the realization system of the vpn service according to the present invention.
As shown in Figure 7, realize that the unified system 700 that inserts of vpn service mainly comprises the VPN client 708 of VPN management platform 702, ACS management platform 704, gateway 706 and long-range access; Wherein the VPN client 708 of VPN management platform 702, ACS management platform 704 and long-range access can be respectively that VPN client 608 with VPN management platform 602 shown in Figure 6, ACS management platform 604 and long-range access has same or analogous functional module; For for purpose of brevity, repeat no more here.
As shown in Figure 7, realize that the gateway 706 in the unified system 700 that inserts of vpn service comprises: gateway registration module 7062 and VPN parameter configuration module 7064.
Wherein, gateway registration module 7062 is used for the VPN log-on message to VPN management platform 702 these gateways of transmission.
VPN parameter configuration module 7064 is used for obtaining the VPN parameter configuration that VPN management platform 702 issues by the TR069 agreement from ACS management platform 704, and to VPN management platform 702 feedback configuration object informations.
The unified system that inserts of realization vpn service provided by the invention, the VPN management platform is responsible for the configuration management of vpn service, not needing to specify in the process of configuration VPN is long-range access module or end-to-end pattern VPN, realize the fusion of long-range access module and end-to-end pattern VPN, solved the allocation problem that the prior art scheme can not realize long-range access module VPN.Secondly, the VPN management platform is responsible for the configuration management of vpn service among the present invention, the ACS management platform only is responsible for the conversion of agreement and the forwarding of configuration, has reduced the complexity of ACS management platform; Give the user with VPN account's management, the user can increase and delete VPN account, is convenient to the user and safeguards that (as operations such as increase, deletion or changes) VPN connects; Also reduce simultaneously owing to the user provides the device identification of mistake or the possibility that operator's O﹠M personnel misoperation causes safety problem.
Fig. 8 shows the schematic flow sheet of an embodiment who realizes that according to the present invention gateway in the unified method that inserts of vpn service is registered to the VPN management platform.
As shown in Figure 8, step 802, gateway sends log-on message to the ACS management platform.For example, when gateway is reached the standard grade, information such as this gateway corresponding equipment ID, (enterprise) domain name, user name and/or password are reported the ACS management platform.
Step 804, the ACS management platform is transmitted to the VPN management platform with the gateway registration information that receives.ACS management platform and VPN management platform all are to support the network element device of TR09 agreement, can transmit with equipment by this agreement realization information and exchange visits.
Step 806, the VPN management platform authenticates gateway according to the log-on message of gateway.For example, after the VPN management platform received the gateway registration information of ACS management platform forwarding, the VPN management platform authenticated gateway according to the log-on message of gateway, after authentication is passed through, and execution in step 808; Otherwise, execution in step 810.
Step 808, the VPN management platform is carried out the binding of gateway registration information.The VPN management platform is by after the authentication to gateway registration information, and the VPN management platform is carried out bindings with log-on messages such as device id, enterprise domain name, user names, and to upgrade this gateway status be the VPN login state.
Step 810, if the log-on message of this gateway does not pass through the authentication of VPN management platform, the VPN management platform is refused the registration and the access of this gateway so.
VPN for end-to-end pattern connects, and when the IP address of gateway changes, can have influence on the VPN parameter configuration of opposite end gateway; VPN for long-range access module connects, and when the IP address of gateway changes, can have influence on the VPN parameter configuration of the client of long-range access.Gateway is in the embodiment that the VPN management platform is registered in the unified method that inserts of realization vpn service provided by the invention, and when gateway was restarted at every turn or the IP address changes, gateway sent log-on message via the ACS management platform to the VPN management platform; When the VPN management platform finds that the IP of gateway changes, can reconfigure the VPN parameter of affected respective gateway in the VPN territory or client.
Fig. 9 shows that VPN management platform in the implementation method of the vpn service according to the present invention sends the schematic flow sheet of an embodiment of VPN parameter configuration to gateway.
As shown in Figure 9, step 902, VPN management platform generate the VPN parameter configuration of described gateway.For example, the user selects to set up the account number that VPN connects, and the user of account correspondence succeeds in registration before being; The VPN parameter configuration module of VPN management platform generates the VPN parameter configuration of its gateway correspondence according to the user account number that will set up the VPN connection.
The VPN management platform sends among the embodiment of VPN parameter configuration to gateway in the unified method that inserts of realization vpn service provided by the invention, this method flow also comprises: operator and/or user at first create the territory by the VPN management platform, and in the territory newly-built user account.For example, the VPN account management module that the user provides by the VPN management platform is created the territory, and in the territory newly-built user account number (comprising username and password).
The VPN management platform sends among the embodiment of VPN parameter configuration to gateway in the unified method that inserts of realization vpn service provided by the invention, load the message of VPN configuration information success back at gateway to the success of VPN management platform feedback configuration, the VPN management platform will be upgraded the VPN connection state information of this gateway after receiving the feedback information of the gateway configuration success that the ACS management platform transmits.
Figure 10 illustrates in the implementation method of the vpn service according to the present invention the VPN client to the flow chart of an embodiment of the long-range access of VPN management platform.
As shown in figure 10, step 1002, the VPN client sends registration message to the VPN management platform.For example, the VPN client is initiated long-range access request to the VPN management platform, and sends the message contain log-on message to the VPN management platform, and log-on message can comprise the domain name, username and password of this client etc.
Step 1004, VPN management platform are searched the gateway that the long-range access of VPN client will connect.For example, after the VPN management platform receives the log-on message of VPN client of long-range access, find it to need information such as remote access vpn gateway, corresponding user name, device id.
Step 1006, VPN management platform generate the VPN parameter configuration template under the long-range access module, and the message that will contain VPN parameter configuration template is issued to the ACS management platform.For example, the VPN management platform generates long-range access module VPN parameter configuration template by the VPN parameter configuration module, and the message that will contain VPN parameter configuration template and device id is issued to the ACS management platform.
The message that step 1008, ACS management platform will contain the VPN parameter configuration module transforms and is handed down to the appointment gateway according to the TR09 agreement.
Step 1010, gateway receive and will contain the message of VPN parameter configuration module and load this VPN parameter configuration template, thereby this VPN client is connected with specifying the VPN that sets up long-range access module between the gateway.
Step 1012, VPN management platform generate the VPN parameter configuration template under the long-range access module and are issued to the VPN client.For example, the VPN management platform generates long-range access module VPN parameter configuration template by the VPN parameter configuration module, and the message that will contain VPN parameter configuration template directly is issued to the VPN client of long-range access.
The VPN client is in an embodiment of VPN management platform registration in the implementation method of vpn service provided by the invention, after the IP address of client changes, the VPN client reports register requirement again to the VPN management platform, thereby finishes the flow process of registration and long-range access request again.
The implementation method of vpn service provided by the invention and system, by setting up the VPN management platform, with the collaborative work of ACS management platform, realize unified management, and eliminate the otherness of end-to-end pattern of enterprise gateway and long-range access module VPN configuration the enterprise gateway vpn service.With reference to the exemplary description of aforementioned the present invention, those skilled in the art can clearly know the present invention and have the following advantages:
1, at the complexity of ACS management platform in the prior art, the problem that is unfavorable for the simple realization of systemic-function, the present invention adopts the VPN management platform to be responsible for the configuration and the management of vpn service, and the ACS management platform is responsible for that the configuration that the VPN management platform generates is converted into the TR069 agreement and is issued to appointment gateway and VPN client; Thereby simplified the complexity that the ACS management platform realizes, be user-friendly to and safeguard.
2, do not support the problem that the parameter of the long-range access module VPN of client disposes automatically at prior art, the present invention carries out the management of branch territory with VPN, can distribute a plurality of VPN accounts in the same territory; In the VPN management platform, territory and VPN account can identify a gateway or client uniquely, realize the fusion of long-range access module and end and end pattern VPN by the VPN management platform, set up end-to-end VPN between the same intradomain gateway and connect, set up long-range access VPN between pc client and the gateway and be connected.
During 3, at the whenever newly-increased end-to-end VPN node of user in the prior art, all needing provides the device id sign to operator, has increased the user and has opened the difficulty of vpn service and the problem of complexity; Give the user by the VPN management platform with VPN account's management among the present invention, the user can increase and delete VPN account, and being convenient to the user increases, deletes or change VPN connection.
In case 4, when device identification mistake that provides at user in the prior art or the O﹠M personnel of operator misoperation, can cause setting up wrong VPN and connect and set up, cause safety problem; The user only needs configuration domain name, user name, password among the present invention on the VPN client, just can pass through the long-range IAD of VPN.In addition, the user does not need the state that logging in gateway just can real time inspection VPN connects.
Embodiments of the invention provide for example with for the purpose of describing, and are not exhaustively or limit the invention to disclosed form.Many modifications and variations are conspicuous for the ordinary skill in the art.Selecting and describing embodiment is for better explanation principle of the present invention and practical application, thereby and makes those of ordinary skill in the art can understand the various embodiment that have various modifications that the present invention's design is suitable for special-purpose.
Claims (11)
1. the implementation method of a vpn service is characterized in that, described method comprises:
The VPN management platform receives the VPN account information from VPN user, obtains corresponding gateway information according to the described VPN number of the account of storage and the corresponding informance of gateway;
Described VPN management platform generates the VPN parameter configuration of the gateway of described correspondence, and described VPN parameter configuration is sent to the ACS management platform;
Described ACS management platform is transmitted to described VPN parameter configuration the gateway of described correspondence;
The gateway of described correspondence receives and loads described VPN parameter configuration.
2. method according to claim 1 is characterized in that, when described VPN user was the VPN client, described VPN user's corresponding gateway information was the accessing gateway information of described VPN client; Described VPN management platform generates the VPN parameter configuration of long-range access module, and described method also comprises:
Described VPN management platform sends to described VPN client with the VPN parameter configuration of described VPN client;
Described VPN client is connected with the VPN that IAD is set up long-range access module.
3. method according to claim 1 is characterized in that, when described VPN user was gateway, the gateway information of described VPN user's correspondence was for to set up the end-to-end opposite end gateway information that is connected with described gateway; Described method also comprises:
Described VPN management platform sends to described opposite end gateway with the parameter configuration of described gateway by described ACS;
Described gateway is set up end-to-end VPN with described opposite end gateway and is connected.
4. method according to claim 2, it is characterized in that, described method also comprises: after setting up the VPN connection of long-range access module, and after described VPN client ip address changes, the described VPN account information that described VPN client resends to described VPN management platform; Wherein said VPN account information comprises: domain name, username and password.
5. method according to claim 3 is characterized in that, described method also comprises: when described gateway is reached the standard grade, device id, place domain name, the username and password of described gateway is transmitted to described VPN management platform by described ACS management platform; Described VPN management platform to described gateway authentication by after described device id, domain name and described user name are bound, and the state of described gateway is updated to the VPN login state.
6. method according to claim 1 is characterized in that, described method comprises that also when the IP address of described gateway changes, described gateway will send the IP change notification to described ACS management platform;
Described ACS management platform is revised " device id " of described gateway and the binding relationship of " IP address ", notifies described VPN management platform by described ACS management platform simultaneously;
Described VPN management platform is checked out affected described gateway and VPN client in the same VPN territory, directly issue new VPN configuration parameter, and issue described new VPN configuration parameter again to affected described gateway by described ACS management platform to described VPN client.
7. the realization system of a vpn service is characterized in that, described system comprises:
The VPN management platform is used to receive the VPN account information from VPN user, obtains corresponding gateway information according to the described VPN number of the account of storage and the corresponding informance of gateway; Generate the VPN parameter configuration of the gateway of described correspondence, and described VPN parameter configuration is sent to the ACS management platform;
Described ACS management platform is used to receive the described VPN parameter configuration that sends from described VPN management platform, and described VPN parameter configuration is sent to the gateway of described correspondence;
The gateway of described correspondence is used to receive the described VPN parameter configuration that described ACS management platform is transmitted, and loads described VPN parameter configuration.
8. system according to claim 7, it is characterized in that, described VPN management platform also is used to described VPN user that VPN account management interface is provided, the query interface of current VPN connection status is provided to described VPN user, and newly-built, remove or rebuild the interface that described VPN connects, check request to described ACS management platform transmit status, and the VPN connection status that receives the current described gateway that described ACS management platform returns; Send VPN to described ACS management platform and connect maintenance request, the VPN connection of described gateway is safeguarded;
The state that described ACS management platform also is used to receive from described VPN management platform is checked request, and is transmitted to described gateway; Receive the described VPN connection status that described gateway reports, and be transmitted to described VPN management platform; Reception connects maintenance request from the VPN of described VPN management platform, and is transmitted to described gateway; Receive the VPN state information that described gateway reports, and be transmitted to described VPN management platform;
Described gateway also is used to receive the described state that described ACS management platform transmits and checks request, and returns the VPN connection status of current described gateway to described ACS management platform; Receive that described VPN that described ACS management platform transmits connects maintenance request so that the VPN of described gateway connected safeguard, and return to described ACS management platform and to safeguard the result.
9. a VPN management platform is characterized in that, described VPN management platform comprises:
VPN configuration parameter transceiver module is used to receive the VPN account information from VPN user, and described VPN account is sent to the VPN parameter configuration module; Reception sends to the ACS management platform from the VPN parameter configuration of described VPN parameter configuration module with the VPN parameter configuration;
The VPN account management module, the described VPN number of the account that is used to store and the corresponding informance of gateway;
Described VPN parameter configuration module, be used to receive described VPN account information, obtain corresponding gateway information according to the described VPN number of the account of described VPN account management module storage and the corresponding informance of gateway, generate the VPN parameter configuration of the gateway of described correspondence, described VPN parameter configuration is sent to described VPN configuration parameter transceiver module.
10. VPN management platform according to claim 9, it is characterized in that, described VPN management platform also comprises: the VPN state is checked and maintenance module, be used for providing query interface to described VPN user, send the VPN status query request to described VPN configuration parameter transceiver module, receive the described VPN user's that described ACS management platform returns VPN connection status, obtain current VPN connection status, and send newly-built to described VPN configuration parameter transceiver module, remove or rebuild described VPN connection requests, so that described VPN user is newly-built with described corresponding gateway, removing or rebuild described VPN connects.
11. VPN management platform according to claim 9, it is characterized in that, described VPN account management module also is used to described VPN account number that VPN account management interface is provided, and described VPN user is the unit creation territory with the enterprise, and creates a plurality of user names in same territory; Wherein, the combination of described territory and described user name identifies described VPN account number.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910223563.6A CN102075339B (en) | 2009-11-23 | 2009-11-23 | VPN management platform, and implementation method and system for VPN service |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910223563.6A CN102075339B (en) | 2009-11-23 | 2009-11-23 | VPN management platform, and implementation method and system for VPN service |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102075339A true CN102075339A (en) | 2011-05-25 |
| CN102075339B CN102075339B (en) | 2014-03-19 |
Family
ID=44033694
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910223563.6A Active CN102075339B (en) | 2009-11-23 | 2009-11-23 | VPN management platform, and implementation method and system for VPN service |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102075339B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611574A (en) * | 2012-02-23 | 2012-07-25 | 成都飞鱼星科技开发有限公司 | Automatic configuration system and configuration method for VPN (Virtual Private Network) |
| CN103281694A (en) * | 2013-06-20 | 2013-09-04 | 福建伊时代信息科技股份有限公司 | Configuration file distributing method and device |
| CN103684958A (en) * | 2012-09-14 | 2014-03-26 | 中国电信股份有限公司 | Method and system for providing flexible VPN (virtual private network) service and VPN service center |
| CN104104569A (en) * | 2013-04-01 | 2014-10-15 | 华为技术有限公司 | VPN tunnel establishing method and server |
| CN104717313A (en) * | 2013-12-17 | 2015-06-17 | 华为技术有限公司 | Method and device for mDNS gateway address configuration |
| CN105119934A (en) * | 2015-09-11 | 2015-12-02 | 北京星网锐捷网络技术有限公司 | Deployment method of virtual private network branch, headquarter equipment and branch equipment |
| CN106027354A (en) * | 2016-05-19 | 2016-10-12 | 杭州迪普科技有限公司 | Backflow method and device for VPN (Virtual Private Network) client |
| CN107154865A (en) * | 2017-04-13 | 2017-09-12 | 上海寰创通信科技股份有限公司 | A kind of method based on outer net managing intranet equipment |
| CN109379383A (en) * | 2018-12-10 | 2019-02-22 | 杭州迪普科技股份有限公司 | A kind of virtual private network VPN client and implementation method |
| CN111726367A (en) * | 2020-06-30 | 2020-09-29 | 锐捷网络股份有限公司 | User equipment CPE access binding method, device, system and equipment |
| JP2020535718A (en) * | 2017-09-27 | 2020-12-03 | ユービキティ インコーポレイテッド | System for auto-secured remote access to local networks |
| CN113271218A (en) * | 2020-02-17 | 2021-08-17 | 中国电信股份有限公司 | VPN service configuration method, system, orchestrator and storage medium |
| CN115314523A (en) * | 2022-08-03 | 2022-11-08 | 上海船舶运输科学研究所有限公司 | VPN-based marine communication gateway remote management system and method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1866855A (en) * | 2005-09-13 | 2006-11-22 | 华为技术有限公司 | System for tele-managing local network device and realization method |
| US20080170573A1 (en) * | 2007-01-17 | 2008-07-17 | Nortel Networks Limited | Border gateway protocol extended community attribute for layer-2 and layer-3 virtual private networks using 802.1ah-based tunnels |
| CN101453396A (en) * | 2007-11-29 | 2009-06-10 | 华为技术有限公司 | Method and system for multiple service provider device management |
-
2009
- 2009-11-23 CN CN200910223563.6A patent/CN102075339B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1866855A (en) * | 2005-09-13 | 2006-11-22 | 华为技术有限公司 | System for tele-managing local network device and realization method |
| US20080170573A1 (en) * | 2007-01-17 | 2008-07-17 | Nortel Networks Limited | Border gateway protocol extended community attribute for layer-2 and layer-3 virtual private networks using 802.1ah-based tunnels |
| CN101453396A (en) * | 2007-11-29 | 2009-06-10 | 华为技术有限公司 | Method and system for multiple service provider device management |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611574A (en) * | 2012-02-23 | 2012-07-25 | 成都飞鱼星科技开发有限公司 | Automatic configuration system and configuration method for VPN (Virtual Private Network) |
| CN103684958B (en) * | 2012-09-14 | 2017-04-19 | 中国电信股份有限公司 | Method and system for providing flexible VPN (virtual private network) service and VPN service center |
| CN103684958A (en) * | 2012-09-14 | 2014-03-26 | 中国电信股份有限公司 | Method and system for providing flexible VPN (virtual private network) service and VPN service center |
| CN104104569A (en) * | 2013-04-01 | 2014-10-15 | 华为技术有限公司 | VPN tunnel establishing method and server |
| CN103281694A (en) * | 2013-06-20 | 2013-09-04 | 福建伊时代信息科技股份有限公司 | Configuration file distributing method and device |
| CN103281694B (en) * | 2013-06-20 | 2017-02-08 | 福建伊时代信息科技股份有限公司 | Configuration file distributing method and device |
| CN104717313A (en) * | 2013-12-17 | 2015-06-17 | 华为技术有限公司 | Method and device for mDNS gateway address configuration |
| CN104717313B (en) * | 2013-12-17 | 2018-08-14 | 华为技术有限公司 | mDNS gateway address configuration method and device |
| CN105119934A (en) * | 2015-09-11 | 2015-12-02 | 北京星网锐捷网络技术有限公司 | Deployment method of virtual private network branch, headquarter equipment and branch equipment |
| CN106027354A (en) * | 2016-05-19 | 2016-10-12 | 杭州迪普科技有限公司 | Backflow method and device for VPN (Virtual Private Network) client |
| CN106027354B (en) * | 2016-05-19 | 2019-03-15 | 杭州迪普科技股份有限公司 | The reflow method and device of VPN client |
| CN107154865A (en) * | 2017-04-13 | 2017-09-12 | 上海寰创通信科技股份有限公司 | A kind of method based on outer net managing intranet equipment |
| JP2020535718A (en) * | 2017-09-27 | 2020-12-03 | ユービキティ インコーポレイテッド | System for auto-secured remote access to local networks |
| JP7157146B2 (en) | 2017-09-27 | 2022-10-19 | ユービキティ インコーポレイテッド | System for automatically secured remote access to local networks |
| CN109379383A (en) * | 2018-12-10 | 2019-02-22 | 杭州迪普科技股份有限公司 | A kind of virtual private network VPN client and implementation method |
| CN109379383B (en) * | 2018-12-10 | 2021-01-26 | 杭州迪普科技股份有限公司 | Virtual private network VPN client and implementation method |
| CN113271218A (en) * | 2020-02-17 | 2021-08-17 | 中国电信股份有限公司 | VPN service configuration method, system, orchestrator and storage medium |
| CN113271218B (en) * | 2020-02-17 | 2023-03-21 | 中国电信股份有限公司 | VPN service configuration method, system, orchestrator and storage medium |
| CN111726367A (en) * | 2020-06-30 | 2020-09-29 | 锐捷网络股份有限公司 | User equipment CPE access binding method, device, system and equipment |
| CN115314523A (en) * | 2022-08-03 | 2022-11-08 | 上海船舶运输科学研究所有限公司 | VPN-based marine communication gateway remote management system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102075339B (en) | 2014-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102075339B (en) | VPN management platform, and implementation method and system for VPN service | |
| CN110086652B (en) | Management system and method for service network element in 5G core network | |
| CN101217368A (en) | A network logging on system and the corresponding configuration method and methods for logging on the application system | |
| CN105991796B (en) | A kind of method and system of the configuration service of the user terminal in on-premise network | |
| CN102035660B (en) | Internet data center (IDC) network-based service processing method, equipment and system | |
| CN100574194C (en) | A kind of method of safety management maintenance equipment and device | |
| CN102045337A (en) | Apparatus and methods for managing network resources | |
| CN110535627A (en) | A kind of data query method and block platform chain | |
| JP2018109975A (en) | Management of vehicle charging point infrastructure and system of the same | |
| CN110677383B (en) | Firewall wall opening method and device, storage medium and computer equipment | |
| CN103281408B (en) | A kind of method that reverse registration penetrates network | |
| CN103312744A (en) | Business management method, platform and system based on cloud desktop | |
| CN101951325A (en) | Network terminal configuration system based on automatic discovery and configuration method thereof | |
| CN105652831A (en) | Interaction method and interaction system of building equipment | |
| JP2018124987A (en) | Management of vehicle charging point infrastructure and system therefor | |
| CN103179080B (en) | The cloud computer system of a kind of Internet user and the method for connection cloud computer | |
| CN103780641A (en) | Cloud desktop access method, home gateway and system | |
| CN110213331A (en) | Processing method, terminal device, electronic equipment and the storage medium of service request | |
| CN102820999A (en) | Management and control system and method for network service level and function of cloud virtual desktop application | |
| CN101188515A (en) | Method and device for automatically discovering network element device | |
| CN101212346B (en) | Software version management method and device for network element management system | |
| CN112995171B (en) | Cloud computing container management method based on regional position | |
| CN105119934A (en) | Deployment method of virtual private network branch, headquarter equipment and branch equipment | |
| CN107071016A (en) | A kind of cloud AC management platforms and its multi-domain authentication power supply management method | |
| CN109104482A (en) | A kind of distributed system of earth mat platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |