CN103379009B - SSL VPN communication method based on data link layers - Google Patents


Info

Publication number
CN103379009B
Authority
CN
China
Prior art keywords
ssl vpn
client
gateway
data
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210117171.3A
Other languages
Chinese (zh)
Other versions
CN103379009A (en)
Inventor
杨正权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JIANGSU YIANLIAN NETWORK TECHNOLOGY Co.,Ltd.
Original Assignee
NANJING ENLINK NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NANJING ENLINK NETWORK TECHNOLOGY Co Ltd filed Critical NANJING ENLINK NETWORK TECHNOLOGY Co Ltd
Priority to CN201210117171.3A priority Critical patent/CN103379009B/en
Publication of CN103379009A publication Critical patent/CN103379009A/en
Application granted granted Critical
Publication of CN103379009B publication Critical patent/CN103379009B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides an SSL VPN communication method based on the data link layer, which aims to overcome defects in the prior art. In this method, all data-link-layer data sent to a specified destination is packed and transmitted, so that data transmission based on the data link layer is achieved. The communication method comprises the following steps: A, a client initiates a connection request to the gateway of a server; B, after receiving the connection request, the gateway of the server performs standard SSL verification on the client; C, an encrypted SSL VPN secure channel is established between the client and the network of the server; D, when data is transmitted between the network of the server and the client, the SSL VPN gateway of the sending end encapsulates all the data forwarded by the switch that needs to be sent to the client, and transmits it to the receiving end through the SSL VPN channel.

Description

SSL VPN communication method based on the data link layer
Technical field
The present invention relates to a network data communication method, and in particular to a communication method based on SSL VPN technology.
Background
With the spread of Internet technology, virtual private network (Virtual Private Network, VPN) technology has become increasingly prominent in network development. In recent years, in order to provide users with more secure VPN services, more and more users have chosen SSL VPN. SSL VPN is a VPN technology based on HTTPS; it also covers applications that support SSL, for example e-mail clients such as Microsoft Outlook or Eudora. It uses the SSL protocol to provide certificate-based authentication, data encryption and message integrity verification, giving users a secure way to reach a company's internal network remotely. SSL VPN is often called "clientless", because most computers today ship with a Web browser that supports HTTP and HTTPS already installed.
A common SSL VPN uses SSL to encapsulate protocols at or above the IP layer, such as UDP, TCP and HTTP, so it can only carry data at or above the IP layer. Because it supports only protocols above the IP layer, it cannot support protocols below the IP layer such as IPX, NetBT, AppleTalk, Nbf, NWlink, PPP, PPPoE and MPLS.
Summary of the invention
The purpose of the present invention is to overcome the shortcomings of the prior art by providing an SSL VPN connection mode that communicates at the data link layer: all data-link-layer data sent to a specified destination is packed and transmitted, achieving data traversal based on the data link layer. This meets a need that traditional SSL VPN and IPSec VPN cannot: full-protocol communication, as in a single network, between two subnetworks, for example traversal of the WINS, VoIP and DHCP protocols.
The present invention proposes the following technical solution:
An SSL VPN communication method based on the data link layer, implemented on a server-side network and a client connected through a wide area network, the server-side network comprising an SSL VPN gateway, a switch and terminal devices, characterized by comprising the following steps:
A. The client initiates a connection request to the server-side gateway;
B. After receiving the connection request, the server-side gateway performs standard SSL verification on the client;
C. An encrypted SSL VPN secure channel is established between the client and the server-side network;
D. When data is sent between the server-side network and the client, the SSL VPN gateway of the sending end encapsulates all the data forwarded by the switch that needs to be sent to the client, and transmits it through the SSL VPN channel to the receiving end;
E. The receiving end unpacks the received data and forwards it to its local end.
Preferably, the verification process of step B comprises:
B1. The server-side SSL VPN gateway performs identity authentication on the connection request;
B2. The server-side SSL VPN gateway performs password verification or PKI certificate verification on the connection request.
Preferably, the client is a LAN comprising an SSL VPN gateway, a switch and PCs.
Preferably, step D comprises: the eth1 port of the sending end's SSL VPN gateway receives all the data forwarded by the local switch that needs to be sent to the receiving end; after packing this data, the gateway sends it from its eth0 port through the SSL tunnel to the eth0 port of the receiving end's SSL VPN gateway. Step E comprises: after unpacking the received data, the receiving end's SSL VPN gateway delivers it through its eth1 port to the local switch.
As an improvement, there is at least one such LAN.
Preferably, the client is a terminal device.
Preferably, the following steps are further included before step A:
a. A client application is embedded in the portal site of the server-side SSL VPN gateway;
b. The client PC accesses the server-side SSL VPN gateway through a browser;
c. The client application is downloaded to the client PC, and running it installs the SSL VPN client agent program on the client PC.
Preferably, step D is:
When the server-side network sends data to the client, the eth1 port of the server-side SSL VPN gateway receives all the data forwarded by the local switch that needs to be sent to the receiving end; after packing this data, the gateway sends it from its eth0 port through the SSL tunnel to the client's network card;
When the client sends data to the server-side network, the client's SSL VPN client agent program encapsulates and packs all the data to be sent to the server-side network, and sends it through the network card and the SSL tunnel to the eth0 port of the server-side SSL VPN gateway;
Step E is: when the server-side network sends data to the client, the client's SSL VPN client agent program unpacks the received data; when the client sends data to the server-side network, the server-side SSL VPN gateway unpacks the received data and delivers it through its eth1 port to the local switch.
Preferably, the terminal device is a PC, a mobile phone or a PDA.
With the technical solution provided by the invention, a link-layer communication function is added to an existing SSL VPN gateway or application, so that SSL VPN can support software that uses data-link-layer protocols and several subnetworks can be merged into one large network. A communication request between subnetworks is as transparent as communication inside a LAN; any protocol can run between the subnetworks, including LAN protocols above the data link layer such as WINS, ICMP, DNS, DHCP and VoIP, so that one large LAN is truly formed.
Brief description of the drawings
Fig. 1 is a schematic diagram of the network connections in Embodiment One;
Fig. 2 is a flow chart of the steps of the communication method provided by the present invention;
Fig. 3 is a data flow diagram for mutual access between PCs in Embodiment One;
Fig. 4 is a diagram of client network expansion in Embodiment One;
Fig. 5 is a schematic diagram of the network connections in Embodiment Two;
Fig. 6 is a data flow diagram for mutual access between PCs in Embodiment Two.
Detailed description of the embodiments
Specific embodiments of the invention are described in further detail below with reference to the accompanying drawings.
Embodiment One:
As shown in Fig. 1, there are two LANs, A and B, each equipped with an SSL VPN gateway. Network A comprises SSL VPN gateway A, switch A and several PCs; the eth0 port of SSL VPN gateway A is connected to the Internet, its eth1 port is connected to switch A, and the PCs are connected to switch A. Network B comprises SSL VPN gateway B, switch B and several terminal devices, connected by network cables; the eth0 port of gateway B is connected to the Internet, its eth1 port is connected to switch B, and the terminal devices are connected to switch B. In this example gateway A is configured as the server side and gateway B as the client. PCs are used as the terminal devices in this example; besides PCs, the terminal devices may also be mobile phones, PDAs or other devices capable of remote access.
The two sides that establish the VPN are peers: whether gateway A initiates the request to gateway B to set up the tunnel, or gateway B initiates the request to gateway A, the two cases are equivalent.
As shown in Fig. 2, the client SSL VPN gateway B actively sends a connection request to the server-side SSL VPN gateway A.
After receiving the connection request, the server side performs standard SSL verification on the client, in the following steps:
(1) The server-side SSL VPN gateway A first performs identity authentication on the client SSL VPN gateway B; if verification fails, it sends an error message to gateway B;
(2) After identity authentication passes, password verification or PKI certificate verification may also be performed; if verification fails, an error message is sent to the client SSL VPN gateway B. The verification mode can be set on the configuration page of the server-side SSL VPN gateway A. The server side has a built-in CA that can generate PKI certificates; a third-party root certificate can also be used. The certificate issued by the server, or the third-party certificate, should be imported into the client SSL VPN gateway B in advance.
After the above verification passes, an encrypted SSL VPN secure channel is established between network A and network B.
When network A sends data to network B, switch A sends the local data to the eth1 port of gateway A; gateway A packs and encapsulates, as a whole, all the data sent by switch A that is to be sent to network B, and sends it from its eth0 port through the established SSL tunnel to the eth0 port of the client SSL VPN gateway B. Because the switch operates at the data link layer, all the data the gateway receives from the switch is data-link-layer data; all of it is received, packed and transmitted, which achieves data traversal based on the data link layer. To increase the security of data transmission, the packing is preferably performed with a preset algorithm. Gateway B unpacks the data after receiving the packets on its eth0 port, preferably using a preset algorithm corresponding to the packing algorithm, and delivers the unpacked data through its eth1 port to the local switch B.
When network B sends data to network A, switch B sends the local data to the eth1 port of gateway B; gateway B packs and encapsulates, as a whole, all the data sent by switch B that is to be sent to network B, and sends it from its eth0 port through the established SSL tunnel to the eth0 port of gateway A. To increase the security of data transmission, the packing is preferably performed with a preset algorithm. Gateway A unpacks the data after receiving the packets on its eth0 port, preferably using a preset algorithm corresponding to the packing algorithm, and delivers the unpacked data through its eth1 port to the local switch A.
To ensure that the eth1 ports of the SSL VPN gateways of network A and network B can receive all the data sent by their local switches, the eth1 ports should be set to promiscuous mode.
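The pack and unpack steps described above, as an added Python example that is not part of the patent text: whole Ethernet frames are length-prefixed on the sending gateway and rebuilt on the receiving gateway from a byte stream that arrives in arbitrary chunks, as it does from an SSL tunnel. The patent leaves its "preset algorithm" unspecified, so the 2-byte length prefix, the frame size limit, every function name and the sample frames are assumptions made here.

```python
import struct

ETH_HEADER_LEN = 14      # destination MAC (6) + source MAC (6) + EtherType (2)
MAX_FRAME_LEN = 1518     # assumption: 1500-byte payload + header + one 802.1Q tag, no FCS
LENGTH_PREFIX = struct.Struct("!H")   # assumption: 2-byte big-endian length before each frame


def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def pack_frame(frame):
    """Sending gateway: wrap one complete layer-2 frame for the tunnel stream."""
    if not ETH_HEADER_LEN <= len(frame) <= MAX_FRAME_LEN:
        raise ValueError(f"refusing to tunnel a {len(frame)}-byte frame")
    return LENGTH_PREFIX.pack(len(frame)) + frame


class FrameUnpacker:
    """Receiving gateway: rebuild frames from stream data that arrives in arbitrary chunks."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, data):
        """Add received bytes and return every frame that is now complete."""
        self._buf += data
        frames = []
        while len(self._buf) >= LENGTH_PREFIX.size:
            (length,) = LENGTH_PREFIX.unpack_from(self._buf)
            # The length comes from the peer: bound it before buffering on its word.
            if not ETH_HEADER_LEN <= length <= MAX_FRAME_LEN:
                raise ValueError(f"peer announced an invalid frame length: {length}")
            end = LENGTH_PREFIX.size + length
            if len(self._buf) < end:
                break    # frame not complete yet; wait for more tunnel data
            frames.append(bytes(self._buf[LENGTH_PREFIX.size:end]))
            del self._buf[:end]
        return frames


def ethertype(frame):
    """Return the EtherType field of an untagged Ethernet II frame."""
    return struct.unpack_from("!H", frame, 12)[0]


def tunnel_roundtrip(frames, chunk_size):
    """Pack frames as gateway A would, deliver them in chunk_size pieces, unpack as gateway B."""
    stream = b"".join(pack_frame(f) for f in frames)
    unpacker = FrameUnpacker()
    received = []
    for i in range(0, len(stream), chunk_size):
        received += unpacker.feed(stream[i:i + chunk_size])
    return received


# Constructed sample frames (addresses are made up for this example).
PC1_MAC = mac("02:00:00:00:00:01")
BROADCAST = mac("ff:ff:ff:ff:ff:ff")

# ARP request from PC1 asking for the MAC address behind 192.168.1.30.
ARP_REQUEST = (
    BROADCAST + PC1_MAC + struct.pack("!H", 0x0806)
    + struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1,
                  PC1_MAC, bytes([192, 168, 1, 10]),
                  bytes(6), bytes([192, 168, 1, 30]))
)

# Non-IP traffic: EtherType 0x8137 (IPX) with a 30-byte placeholder payload.
IPX_FRAME = BROADCAST + PC1_MAC + struct.pack("!H", 0x8137) + bytes(30)

if __name__ == "__main__":
    for frame in tunnel_roundtrip([ARP_REQUEST, IPX_FRAME], chunk_size=5):
        print(f"delivered {len(frame)}-byte frame, EtherType 0x{ethertype(frame):04x}")
```

Because the unit carried is the whole frame, the receiving side never inspects the EtherType, which is why ARP and non-IP frames cross the tunnel unchanged.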
Specifically, when the two LANs access each other, for example when PC1 in network A wants to access PC3 in network B, the machine name, domain name or IP address of PC3 is generally known. As shown in Fig. 3, the data transfer proceeds as follows:
First, the machine name or domain name is resolved:
If the domain name or machine name of PC3 is known, PC1's access request for PC3 is sent to the domain name server on network A, and is also sent at the same time to the domain name server on network B. In detail: the DNS request passes through switch A of network A to the eth1 port of gateway A. Because the eth1 port of gateway A is set to promiscuous mode, gateway A receives the DNS request, packs it, and immediately sends it through the established SSL tunnel to the eth0 port of gateway B. After receiving the DNS request, gateway B sends it to the domain name server of the client network; the client domain name server parses the request and returns a DNS response, which is sent onto the client network. Because the eth1 port of gateway B is also set to promiscuous mode, the eth1 port of gateway B receives the response and packs it, and then sends it through the SSL tunnel to the eth1 port of gateway A. After gateway A receives the response, it sends it onto the server-side network; once PC1 in the server-side network receives the DNS response, it knows the IP address of PC3.
PC1 then accesses PC3 by PC3's IP address:
When the IP addresses of PC1 and PC3 are in the same network segment, PC1 must first resolve the MAC address of PC3. In detail: PC1 first sends an ARP request onto network A. As with the DNS resolution request, this ARP request is captured by the eth1 port of gateway A and transmitted to gateway B; gateway B unpacks the request after receiving it on its eth0 port and sends it onto network B. After receiving it, PC3 sends an ARP reply; the reply is captured by the eth1 port of gateway B and transmitted to gateway A, whose eth0 port receives it; gateway A unpacks the reply and sends it through its eth1 port onto network A. PC1 thereby obtains the MAC address of PC3.
PC1 and PC3 can then send communication data to each other:
When PC1 sends communication data to PC3, the data is received by the eth1 port of gateway A and transmitted to gateway B; gateway B unpacks the packets after receiving them on its eth0 port and sends them onto network B, and PC3 receives the communication data from PC1.
When PC3 sends communication data to PC1, the data is received by the eth1 port of gateway B and transmitted to gateway A; gateway A unpacks the packets after receiving them on its eth0 port and sends them onto network B, and PC3 receives the communication data from PC1.
To further enhance data security, the SSL VPN gateways preferably perform packing and unpacking with a preset algorithm.
With the communication method provided by the invention, data-link-layer data can be transmitted in full between network A and network B. Because a LAN works at the data link layer, traversal of any protocol within the LAN can be achieved; it is as if an invisible network cable ran from the eth1 port of the SSL VPN gateway device of network A to the eth1 port of the SSL VPN gateway device of network B (in Fig. 1 this invisible cable is marked with a dotted line), so that a communication request from PC1 in network A to PC3 in network B is as transparent as communicating with PC3 inside network A.
As shown in Fig. 4, network B can be extended to networks C, D, E and so on, with the same structure. Depending on device model and throughput, large interconnected networks can be built between LANs of different scales; any protocol can run across this network, including LAN protocols at layer 2 and above such as WINS, ICMP, DNS, DHCP and VoIP, so that one large LAN is truly formed.
Embodiment Two:
As shown in Fig. 5, network A is a LAN comprising SSL VPN gateway A, switch A and several PCs; the eth0 port of gateway A is connected to the Internet, its eth1 port is connected to switch A, and the PCs are connected to switch A. A terminal device connects through the Internet to the eth0 port of network A; here the terminal device is the client, and in this example it is a PC.
In this example, a client application is embedded in the portal site of gateway A. When client PC5 accesses gateway A through a browser, it enters the portal site, which provides a download link for the client application. Clicking this link downloads the client application to the client PC; running it installs the SSL VPN client agent program on the client PC.
When the client PC needs to access network A through a browser, the client sends a connection request to SSL VPN gateway A; after receiving the connection request, gateway A performs standard SSL verification on the client:
(1) Gateway A first performs identity authentication on the client; if verification fails, it sends an error message to the client;
(2) After identity authentication passes, password verification or PKI certificate verification is performed; if verification fails, an error message is sent to the client. The verification mode can be set on the configuration page of the server-side SSL VPN gateway A. The server side has a built-in CA that can generate PKI certificates; a third-party root certificate can also be used.
After verification passes, an encrypted SSL VPN secure channel is established between the client PC and gateway A through the browser.
When network A sends data to the client PC, the server-side switch A sends all the local data to the eth1 port of gateway A, which is set to promiscuous mode; gateway A packs all the data it receives and sends it from its eth0 port through the SSL tunnel to the network card of the client PC. After the network card of the client PC receives the packets, the SSL VPN client agent program unpacks them.
When the client PC sends data to network A, the SSL VPN client agent program packs all the local data and sends it through the network card and the SSL tunnel to the eth0 port of gateway A; gateway A unpacks the packets and delivers them through its eth1 port to the local side.
To ensure data security, the above packing and unpacking should be performed with a preset algorithm.
Specifically, when PC1 wants to access PC3, as shown in Fig. 6, the process is essentially the same as in Embodiment One. The difference is that the client has no switch, and the function of gateway B in Embodiment One is performed by the SSL VPN client agent program in PC3.
The client PC has the same rights to access network A as the other computers in network A, and any LAN protocol can run; it is as if an invisible network cable ran from the eth1 port of the SSL VPN gateway device of network A to the eth1 port of the SSL VPN gateway device of network B (in Fig. 5 this invisible cable is marked with a dotted line).
Several PCs can access network A through the Internet. In this embodiment, besides PCs, the client may also be a mobile phone, PDA or other terminal device capable of remote access. When the client is a mobile phone, it can connect to the Internet through a mobile radio network such as GSM or CDMA.

Claims (9)

1. An SSL VPN communication method based on the data link layer, implemented on a server-side network and a client connected through a wide area network, the server-side network comprising an SSL VPN gateway, a switch and terminal devices, characterized by comprising the following steps:
Two LANs, A and B, are provided, each equipped with an SSL VPN gateway; network A comprises SSL VPN gateway A, switch A and several PCs, wherein the eth0 port of SSL VPN gateway A is connected to the Internet, its eth1 port is connected to switch A, and the PCs are connected to switch A; network B comprises SSL VPN gateway B, switch B and several terminal devices, connected by network cables, wherein the eth0 port of gateway B is connected to the Internet, its eth1 port is connected to switch B, and the terminal devices are connected to switch B; the two sides that establish the VPN are peers: whether gateway A initiates the request to gateway B to set up the tunnel or gateway B initiates the request to gateway A, the two cases are equivalent; LAN A is set as the server side and LAN B as the client;
A. The client initiates a connection request to the server-side gateway;
B. After receiving the connection request, the server-side gateway performs standard SSL verification on the client;
C. An encrypted SSL VPN secure channel is established between the client and the server-side network;
D. When data is sent between the server-side network and the client, the SSL VPN gateway of the sending end encapsulates all the data forwarded by the switch that needs to be sent to the client, and transmits it through the SSL VPN channel to the receiving end;
E. The receiving end unpacks the received data and forwards it to its local end;
Gateway A packs and encapsulates, as a whole, all the data sent by switch A that is to be sent to network B, and sends it from its eth0 port through the established SSL tunnel to the eth0 port of the client SSL VPN gateway B; the switch operates at the data link layer, so all the data the gateway receives from the switch is data-link-layer data, all of which is received, packed and transmitted, achieving data traversal based on the data link layer.
2. The SSL VPN communication method based on the data link layer according to claim 1, characterized in that the verification process of step B comprises:
B1. The server-side SSL VPN gateway performs identity authentication on the connection request;
B2. The server-side SSL VPN gateway performs password verification or PKI certificate verification on the connection request.
3. The SSL VPN communication method based on the data link layer according to claim 1 or 2, characterized in that the client is a LAN comprising an SSL VPN gateway, a switch and PCs.
4. The SSL VPN communication method based on the data link layer according to claim 3, characterized in that:
Step D comprises: the eth1 port of the sending end's SSL VPN gateway receives all the data forwarded by the local switch that needs to be sent to the receiving end; after packing this data, the gateway sends it from its eth0 port through the SSL tunnel to the eth0 port of the receiving end's SSL VPN gateway;
Step E comprises: after unpacking the received data, the receiving end's SSL VPN gateway delivers it through its eth1 port to the local switch.
5. The SSL VPN communication method based on the data link layer according to claim 3, characterized in that there is at least one said LAN.
6. The SSL VPN communication method based on the data link layer according to claim 1 or 2, characterized in that the client further comprises a terminal device, the terminal device being a standalone PC.
7. The SSL VPN communication method based on the data link layer according to claim 6, characterized in that the following steps are further included before step A:
a. A client application is embedded in the portal site of the server-side SSL VPN gateway;
b. The client PC accesses the server-side SSL VPN gateway through a browser;
c. The client application is downloaded to the client PC, and running it installs the SSL VPN client agent program on the client PC.
8. The SSL VPN communication method based on the data link layer according to claim 6, characterized in that step D is:
When the server-side network sends data to the client, the eth1 port of the server-side SSL VPN gateway receives all the data forwarded by the local switch that needs to be sent to the receiving end; after packing this data, the gateway sends it from its eth0 port through the SSL tunnel to the client's network card;
When the client sends data to the server-side network, the client's SSL VPN client agent program encapsulates and packs all the data to be sent to the server-side network, and sends it through the network card and the SSL tunnel to the eth0 port of the server-side SSL VPN gateway;
Step E is: when the server-side network sends data to the client, the client's SSL VPN client agent program unpacks the received data; when the client sends data to the server-side network, the server-side SSL VPN gateway unpacks the received data and delivers it through its eth1 port to the local switch.
9. The SSL VPN communication method based on the data link layer according to claim 6, characterized in that the terminal device is a PC, a mobile phone or a PDA.
CN201210117171.3A 2012-04-20 2012-04-20 SSL VPN communication method based on data link layers Active CN103379009B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210117171.3A CN103379009B (en) 2012-04-20 2012-04-20 SSL VPN communication method based on data link layers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210117171.3A CN103379009B (en) 2012-04-20 2012-04-20 SSL VPN communication method based on data link layers

Publications (2)

Publication Number Publication Date
CN103379009A CN103379009A (en) 2013-10-30
CN103379009B true CN103379009B (en) 2017-02-15

Family

ID=49463586

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210117171.3A Active CN103379009B (en) 2012-04-20 2012-04-20 SSL VPN communication method based on data link layers

Country Status (1)

Country Link
CN (1) CN103379009B (en)

Also Published As

Publication number Publication date
CN103379009A (en) 2013-10-30

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: SSL VPN communication method based on data link layers

Effective date of registration: 20180917

Granted publication date: 20170215

Pledgee: Bank of Nanjing, Limited by Share Ltd, Nanjing branch

Pledgor: Nanjing Enlink Network Technology Co., Ltd.

Registration number: 2018320000192

PE01 Entry into force of the registration of the contract for pledge of patent right
PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20200408

Granted publication date: 20170215

Pledgee: Bank of Nanjing, Limited by Share Ltd, Nanjing branch

Pledgor: NANJING ENLINK NETWORK TECHNOLOGY Co.,Ltd.

Registration number: 2018320000192

PC01 Cancellation of the registration of the contract for pledge of patent right
TR01 Transfer of patent right

Effective date of registration: 20200420

Address after: Room 401, floor 4, Yougu incubator, No. 12, mozhou East Road, moling street, Jiangning District, Nanjing City, Jiangsu Province

Patentee after: JIANGSU YIANLIAN NETWORK TECHNOLOGY Co.,Ltd.

Address before: 108, room 210039, building 01A, 10 Internet software park, Dajiang Road, Yuhua Economic Development Zone, Jiangsu, Nanjing

Patentee before: NANJING ENLINK NETWORK TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right