CN106330479A - Equipment operation and maintenance method and equipment operation and maintenance system - Google Patents

Equipment operation and maintenance method and equipment operation and maintenance system Download PDF

Info

Publication number
CN106330479A
CN106330479A CN201510334489.0A CN201510334489A CN106330479A CN 106330479 A CN106330479 A CN 106330479A CN 201510334489 A CN201510334489 A CN 201510334489A CN 106330479 A CN106330479 A CN 106330479A
Authority
CN
China
Prior art keywords
proxy
gateway
lan
request
proxy server
Prior art date
Application number
CN201510334489.0A
Other languages
Chinese (zh)
Inventor
张可
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Priority to CN201510334489.0A priority Critical patent/CN106330479A/en
Publication of CN106330479A publication Critical patent/CN106330479A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance or administration or management of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance or administration or management of packet switching networks
    • H04L41/28Security in network management, e.g. restricting network management access

Abstract

The invention discloses an equipment operation and maintenance method. The method comprises steps: a built-in proxy server for a user access portal and a proxy gateway as a gateway of a local area network device build a control channel for transmitting a control signaling between the two; the proxy server and the proxy gateway for the local area network device with login requested build a data channel by using the queried control channel; and the user access portal sends received operation data on the local area network device by the user to the queried proxy gateway for the local area network device e with login requested via the data channel through the proxy server. The security is improved, program mounting on each piece of equipment can be avoided, and the operation is thus simplified.

Description

A kind of equipment O&M method and system

Technical field

Invention relates to Network Management Equipment O&M field.A kind of safe and efficient O&M method and system.

Background technology

Owing to the existing network environment of lan device is typically all internal address, and externally can not go directly, for Ensureing that operation maintenance personnel can log in and keep in repair the equipment broken down in the present context, operation maintenance personnel needs Open port on equipment, operation maintenance personnel needs to be redirected step by step by springboard machine, by open port ability Sign in on target device, add the triviality of maintenance work, inefficiency undoubtedly;And once set , will there is potential safety hazard, be equivalent to leave back door on equipment in standby open port, it is impossible to ensure not Can meet with network attack, this also causes the safety of maintenance work to ensure.

Or will on equipment installation agent program, but relate to on equipment install software, especially In a local network, in the case of number of devices is huge, process is loaded down with trivial details.

Summary of the invention

In order to solve the problems referred to above, the invention provides the method and device of a kind of equipment O&M, Ke Yiti The safety of high equipment O&M, improves the efficiency of management, simple and convenient.

A kind of equipment O&M method, described method includes:

User accesses the built in agent server of door, builds as the proxy gateway of the gateway of lan device Vertical transmission each other controls the control passage of signaling;

Described user accesses door and receives the request of user operation lan device;

Described user accesses the proxy gateway of the lan device that door inquiry request logs in, and this agency The control passage that gateway is set up with described proxy server;

The proxy gateway utilization of the lan device that described proxy server logs in described request inquires Control passage, set up data channel;

User accesses door and to the operation data of described lan device, the user received is passed through described generation The generation of the lan device that reason server logs in via the request inquired described in the transmission extremely of described data channel Reason gateway;

Described operation data are sent extremely by the proxy gateway of the lan device that the described request inquired logs in User asks the lan device of operation.

Alternatively, wherein, described proxy server, described proxy gateway are set up transmission and are controlled the control of signaling Passage processed, including:

Described proxy gateway accesses door to described user and sends inquiry message;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on;

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Alternatively, the proxy gateway of the lan device that described proxy server, described request log in utilizes The control passage inquired, sets up data channel, including:

The agency of the lan device that described proxy server is logged in described request by described control passage Gateway sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

Described proxy server receives described request message;

Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.

Alternatively, the proxy gateway of the lan device that the request inquired described in logs in is by described operand The lan device of operation is asked according to transmission to user, including:

Described proxy gateway receives the packet that described proxy server sends;

Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.

A kind of equipment operational system, described system includes: the user of lan device accesses door, conduct The proxy gateway of the gateway of lan device, wherein,

Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling;

Receive the request of user operation lan device;

The proxy gateway of lan device that inquiry request logs in, and this proxy gateway and described agency's clothes The control passage that business device is set up;

With the proxy gateway of the lan device that the described request inquired logs in, utilize the control inquired Passage, sets up data channel;

By the user that receives to the operation data of described lan device by described proxy server via The proxy gateway of the lan device that the request inquired described in the transmission extremely of described data channel logs in;

Described proxy gateway, for accessing door with described user, is accessed in door by described user Proxy server is set up transmission and is controlled the control passage of signaling;

The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user.

Alternatively,

Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling, including:

Described user accesses door and receives the inquiry message that described proxy gateway sends;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on,

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Alternatively,

Described user accesses the proxy gateway of the lan device that door logs in the described request inquired, Utilize the control passage inquired, set up data channel, including:

Described proxy server pass through described in inquire control passage to described inquire request log in The proxy gateway of lan device sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

The proxy gateway of the lan device that described proxy server, described request log in is set up each other Data channel.

Alternatively,

The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user, including:

Described proxy gateway receives the packet that described proxy server sends;

Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.

The user of a kind of lan device accesses door,

Described user accesses door, including proxy module, and receiver module, enquiry module, described act on behalf of mould Block includes multiple proxy server;

Described proxy server controls signaling with the proxy gateway foundation transmission of the gateway as lan device Control passage;

Described user accesses door, including:

Receiver module, for receiving the request of user operation lan device, and sets user's local area network Standby operation data are sent to described proxy server;

Enquiry module, for the proxy gateway of the lan device that inquiry request logs in, and this acts on behalf of net Close the control passage set up with described proxy server;

Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel;To be received by proxy server User operates data and acts on behalf of net by the transmission of described data channel to inquire described lan device Close.

Alternatively,

Described proxy server controls signaling with the proxy gateway foundation transmission of the gateway as lan device Control passage, including:

Described proxy gateway accesses door to described user and sends inquiry message;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on;

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Alternatively,

Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel, including:

The agency of the lan device that described proxy server is logged in described request by described control passage Gateway sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

Described proxy server receives described request message;

Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.

Using the method and device of the present invention, solve in prior art, safety is low or local area network It is loaded down with trivial details that equipment carries out the program that installation procedure caused, the problem of inefficiency.

The operation of proxy server local area network is sent by special data channel, thus improves safety Property.Both improve the safety of equipment O&M, and need not again local area network equipment and carry out the amendment in program, Simplify operation, improve the efficiency of management.

Accompanying drawing explanation

Fig. 1 is the flow chart of the present invention;

Fig. 2 is the system group network structure chart that the present invention provides;

Fig. 3 is that Agent Yu Portal that the present invention provides registers sequential chart;

Fig. 4 is that the Agent that the present invention provides controls Path Setup sequential chart;

Fig. 5 is that the user that the present invention provides signs in managed device sequential chart by door SSH (Secure Shell);

Fig. 6 is reversed proxy server schematic diagram.

Detailed description of the invention

Below in conjunction with drawings and Examples, technical scheme is described in detail.

If it should be noted that do not conflict, each feature in the embodiment of the present invention and embodiment can To be combined with each other, all within protection scope of the present invention.Although it addition, showing in flow charts and patrol Collect sequentially, but in some cases, can be to be different from shown or described by order execution herein Step.

A kind of equipment O&M method, described method includes:

User accesses the built in agent server of door, builds as the proxy gateway of the gateway of lan device Vertical transmission each other controls the control passage of signaling;

Described user accesses door and receives the request of user operation lan device;

Described user accesses the proxy gateway of the lan device that door inquiry request logs in, and this agency The control passage that gateway is set up with described proxy server;

The proxy gateway utilization of the lan device that described proxy server logs in described request inquires Control passage, set up data channel;

User accesses door and to the operation data of described lan device, the user received is passed through described generation The generation of the lan device that reason server logs in via the request inquired described in the transmission extremely of described data channel Reason gateway;

Described operation data are sent extremely by the proxy gateway of the lan device that the described request inquired logs in User asks the lan device of operation.

Fig. 1 is the flow chart of the present invention:

Step S101: user accesses the built in agent server of door, as the gateway of lan device Proxy gateway is set up transmission each other and is controlled the control passage of signaling;

Step S102: described user accesses door and receives the request of user operation lan device;

Step S103: user accesses the proxy gateway of the lan device that door inquiry request logs in, and The control passage that this proxy gateway is set up with described proxy server;

Step S104: the proxy gateway profit of the lan device that described proxy server logs in described request With the control passage inquired, set up data channel;

Step S105: user accesses door by operation data to described lan device of the user that receives Sent to the proxy gateway inquired via described data channel by described proxy server;

Step S106: described in the proxy gateway that inquires described operation data are sent to user and ask operation Lan device.

In Fig. 1, Portal is that user accesses door, and Agent is proxy gateway.

Communicate between Agent and Portal that the present invention provides measured SSL (Secure Socket Layer) encryption system, register flow path is as it is shown on figure 3, Agent carries out needing use certificate during authentication registration Send Portal, Portal after bookmark name and encrypted message key to and carry out signature inspection and certificate verification success After, Agent ability is real and Portal sets up communication channel.

Fig. 3 is Agent Yu the Portal registration sequential chart that the present invention provides:

Step S301: judge whether Agent with Portal mates according to certificate;

Step S302: if the match is successful, then continue, if failure, then interrupts;

Step S303:Agent transmits related registration information to Portal;

Step S304:Portal sends message to user, notifies that user audits;

Step S305: user sends message to Portal, and notice Portal examination & verification is passed through, and succeeds in registration;

Step S306:Portal sends, to Agent, the message that succeeds in registration.

The communication process of Agent and Portal uses two communication channels: control passage and data channel.Control Passage processed is set up when Agent starts registration, specifically, after registration completes, sets up and controls passage, Control passage control information between Agent and Portal is mutual and control data channel is set up, Close.

Alternatively,

Alternatively, wherein, described proxy server, described proxy gateway are set up transmission and are controlled the control of signaling Passage processed, including:

Described proxy gateway accesses door to described user and sends inquiry message;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on;

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Fig. 4 is that the Agent that the present invention provides controls Path Setup sequential chart;

First step S401:Agent accesses all proxy server Agent server of Portal;

Step S402:Portal returns to the proxy server Agent server list that Agent has turned on;

The proxy server Agentserver of all deployment builds the trial of step S403:Agent with on Portal Vertical connection, and find one of optimum.

It is to say, for an Agent, in Portal, may corresponding multiple proxy server Agent Server, by comparing, finds out and finds the proxy server that response is the fastest, namely optimum server, Set up with the proxy server of described optimum and be connected.

Step S404:Agent is set up with the proxy server of Portal and is connected, and is formed and controls passage.

The actual proxy server Agent Server built-in with Portal side of Agent sets up and is connected, agency's clothes Business device Agent Server open port, processes message transfer;

Data channel is that user uses the remote tools provided on the Portal agency service by Portal end Device Agent Server built-in services and accessed equipment carry out the passage of network communication.

Portal and Agent can carry out safety inspection based on communication certificate by controlling passage, once checks Failure, Agent and Portal can automatically cut off data channel.

Alternatively, the proxy gateway of the lan device that described proxy server, described request log in utilizes The control passage inquired, sets up data channel, including:

The agency of the lan device that described proxy server is logged in described request by described control passage Gateway sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

Described proxy server receives described request message;

Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.

Alternatively, the proxy gateway of the lan device that the request inquired described in logs in is by described operand The lan device of operation is asked according to transmission to user, including:

Described proxy gateway receives the packet that described proxy server sends;

Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.

In the whole communication process of Agent and Portal, Portal is external by fixing port as service end Thering is provided service, Agent sets up Opposite direction connection by TCP reversed proxy server and Portal.

Which ensure that Agent does not open any fixing to external port, thus prevent Agent side from meeting with Network attack.

Fig. 5 is that the user that provides of the present invention is when signing in managed device by door SSH (Secure Shell) Sequence figure

A kind of application scenarios realizing using SSH to log in managed devices by Portal:

The specific implementation method of 5 couples of present invention further illustrates below in conjunction with the accompanying drawings:

Step S501, operation maintenance personnel needs to log in a certain of LAN by SSH instrument from Portal and sets Standby A.

Step S502, the information of Portal inquiry database lookup device A, including administration device A The control passage ID etc. of Agent, Agent and Portal.

Step S503, the built-in services Agent Server of Portal can find this by controlling passage ID Control passage, send instruction request Agent and actively set up a data passage again with Portal, for SSH Between client and target device alternately, instruction format is

Type=ReqConnect&agentSrvId=2&hostIp=10.46.180.130&agentP ort=8323.

Step S504, Agent sets up data channel to Portal, the IP sent according to Portal and generation Reason port is set up Socket and is connected.

Step S505, Portal by newly-established data channel ID record, user on Portal to remotely The operation of equipment all can be transmitted to Agent by the Agent Server of Portal by data channel.

Step S506, after Agent receives packet, is directly forwarded to the SOCKS5 agency service of this locality Going to process, SOCKS5 agency service is the universal standard, is used for forwarding packet.

It should be noted that the IP address message that can comprise lan device in packet.Agent receives After packet, lan device can be delivered a packet to according to IP address message.

Step S507, SOCKS5 agency service transfers a packet to lan device A.

Step S508, lan device A processes corresponding instruction, then response data is issued Agent SOCKS5 agency.

Step S509, response data is transferred back to Portal along former road by the SOCKS5 agency above Agent Side.

Step S510, Portal final echo response data is to user.The present invention by Agent as gateway And Agent itself does not externally open, but communicate with Portal based on reversed proxy server, set by pipe Standby zero invasion, while ensureing operation maintenance personnel the most advantageously access equipment, can guarantee that again managed device The safety of network.

A kind of equipment operational system, described system includes: the user of lan device accesses door, conduct The proxy gateway of the gateway of lan device, wherein,

Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling;

Receive the request of user operation lan device;

The proxy gateway of lan device that inquiry request logs in, and this proxy gateway and described agency's clothes The control passage that business device is set up;

With the proxy gateway of the lan device that the described request inquired logs in, utilize the control inquired Passage, sets up data channel;

By the user that receives to the operation data of described lan device by described proxy server via The proxy gateway of the lan device that the request inquired described in the transmission extremely of described data channel logs in;

Described proxy gateway, for accessing door with described user, is accessed in door by described user Proxy server is set up transmission and is controlled the control passage of signaling;

The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user.

Fig. 2 is the system group network structure chart that the present invention provides.

Agent is proxy gateway;Portal is that user accesses door, or referred to as user's access entrance.

This system includes proxy gateway Agent and the use of lan device of the gateway as lan device Family access entrance Portal, Agent are responsible for the message channel getting through between Portal and lan device, and Only open to Portal.Portal provides the unified management entrance of Access Management Access equipment, and LAN identification divides Being two groups, each group has individual proxy gateway Agent, includes in a user access entrance Portal Multiple proxy server Agent Server.

Alternatively,

Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling, including:

Described user accesses door and receives the inquiry message that described proxy gateway sends;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on,

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Alternatively,

Described user accesses the proxy gateway of the lan device that door logs in the described request inquired, Utilize the control passage inquired, set up data channel, including:

Described proxy server pass through described in inquire control passage to described inquire request log in The proxy gateway of lan device sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

The proxy gateway of the lan device that described proxy server, described request log in is set up each other Data channel.

Alternatively,

The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user, including:

Described proxy gateway receives the packet that described proxy server sends;

Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.

The user of a kind of lan device accesses door,

Described user accesses door, including proxy module, and receiver module, enquiry module, described act on behalf of mould Block includes multiple proxy server;

Described proxy server controls signaling with the proxy gateway foundation transmission of the gateway as lan device Control passage;

Described user accesses door, including:

Receiver module, for receiving the request of user operation lan device, and sets user's local area network Standby operation data are sent to described proxy server;

Enquiry module, for the proxy gateway of the lan device that inquiry request logs in, and this acts on behalf of net Close the control passage set up with described proxy server;

Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel;To be received by proxy server User operates data and acts on behalf of net by the transmission of described data channel to inquire described lan device Close.

Alternatively,

Described proxy server controls signaling with the proxy gateway foundation transmission of the gateway as lan device Control passage, including:

Described proxy gateway accesses door to described user and sends inquiry message;

Described user accesses door and to the most described, the proxy server list information having been switched on transmission is acted on behalf of net Close;

Described proxy gateway sends connection establishment request to the described proxy server having been switched on;

The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,

Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage.

Alternatively,

Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel, including:

The agency of the lan device that described proxy server is logged in described request by described control passage Gateway sends and sets up Data Channel Command;

The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up data Channel request message;

Described proxy server receives described request message;

Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.

The present invention provides a kind of scheme, is used for solving under novel maintenance scene, and operation maintenance personnel can be by letter Single unified door entrance, the safe and efficient target accessed in operating environment under LAN environment sets Standby, and target device is without open port or installation agent program.

The present invention is by Agent as gateway, and Agent itself does not externally open, but based on reversely Agent skill group communicates with Portal, and managed device zero is invaded, and is ensureing that operation maintenance personnel the most advantageously accesses While equipment, can guarantee that again the safety of managed device network.

About reversed proxy server:

Common agency is commonly referred to as positive supply, is served only for the connection acting on behalf of internal network to external network Request, does not support the external network access request to internal network.When a proxy server can be acted on behalf of When main frame on external network accesses internal network, this agency is referred to as reverse proxy.

Fig. 6 indicates the operation principle of reversed proxy server:

Including client 601, Reverse Proxy 602, server 603;It can be seen that very Between real server 603 and client 601, also set up a server, referred to as reverse proxy service Device 602.

Reverse Proxy is set before real server, has a following effect:

Reverse Proxy is directly connected with client, then connects real server, can reduce true The load of real server, such as, if the content of client-access is buffered on Reverse Proxy, Proxy server just can directly send content to client, thus reduces the load of real server.

It addition, after real server is arranged on Reverse Proxy, client is when accessing, directly The information of the simply Reverse Proxy collected, this information just protecting real server and data, Block the attack of hacker, improve the safety of real server.

It is to say, in the present invention, Agent is equivalent to Reverse Proxy, and controlled in LAN Equipment is equivalent to real server;Portal is equivalent to client.

Client be contemplated to access LAN controlled device, use agent as agency reason be by Cannot be direct-connected in client and LAN device server, so agent to be passed through agency goes to forward communication number According to;Owing to agent does not open to the outside world for safety port, but client will be with agent agent communication Being necessary for interface channel, so being started port snoop by agent server here, agent having gone to set up Opposite direction connection, forms data channel, the most just can get through between client and LAN real server Communication.Agent the most just becomes Reverse Proxy.

The technology using reverse proxy accesses the scheme of managed device with realizing unified security, by this side Case can realize remote access with the lan device on operating environment efficiently.

One of ordinary skill in the art will appreciate that all or part of step in said method can pass through program Instructing related hardware to complete, described program can be stored in computer-readable recording medium, as read-only Memorizer, disk or CD etc..Alternatively, all or part of step of above-described embodiment can also use One or more integrated circuits realize.Correspondingly, each module/unit in above-described embodiment can use The form of hardware realizes, it would however also be possible to employ the form of software function module realizes.The present invention is not restricted to appoint The combination of the hardware and software of what particular form.

Certainly, the present invention also can have other various embodiments, spiritual and essence without departing substantially from the present invention In the case of, those of ordinary skill in the art work as can make various corresponding change and deformation according to the present invention, But these change accordingly and deform the scope of the claims that all should belong to the present invention.

Claims (11)

1. an equipment O&M method, it is characterised in that described method includes:
User accesses the built in agent server of door, builds as the proxy gateway of the gateway of lan device Vertical transmission each other controls the control passage of signaling;
Described user accesses door and receives the request of user operation lan device;
Described user accesses the proxy gateway of the lan device that door inquiry request logs in, and this agency The control passage that gateway is set up with described proxy server;
The proxy gateway of the lan device that described proxy server logs in described request utilizes and inquires Control passage, set up data channel;
User accesses door and passes through described by the user received to the operation data of described lan device The lan device that proxy server logs in via the request inquired described in the transmission extremely of described data channel Proxy gateway;
Described operation data are sent by the proxy gateway of the lan device that the described request inquired logs in The lan device of operation is asked to user.
2. the method for claim 1, it is characterised in that wherein, described proxy server, Described proxy gateway is set up transmission and is controlled the control passage of signaling, including:
Described proxy gateway accesses door to described user and sends inquiry message;
Described user accesses door and sends the proxy server list information having been switched on to described agency Gateway;
Described proxy gateway sends connection establishment request to the described proxy server having been switched on;
The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,
Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage processed.
3. method as claimed in claim 1 or 2, it is characterised in that described proxy server, institute The proxy gateway stating the lan device that request logs in utilizes the control passage inquired, and sets up data and leads to Road, including:
The generation of the lan device that described proxy server is logged in described request by described control passage Reason gateway sends sets up Data Channel Command;
The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up number According to channel request message;
Described proxy server receives described request message;
Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.
4. the method for claim 1, it is characterised in that described in inquire request log in The lan device of operation is asked in the transmission of described operation data by the proxy gateway of lan device to user, Including:
Described proxy gateway receives the packet that described proxy server sends;
Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.
5. an equipment operational system, it is characterised in that described system includes: the use of lan device Family accesses door, the proxy gateway of gateway as lan device, wherein,
Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling;
Receive the request of user operation lan device;
The proxy gateway of lan device that inquiry request logs in, and this proxy gateway and described agency's clothes The control passage that business device is set up;
With the proxy gateway of the lan device that the described request inquired logs in, utilize the control inquired Passage, sets up data channel;
The operation data of described lan device are passed through described proxy server warp by the user received The proxy gateway of the lan device that the request inquired described in described data channel sends extremely logs in;
Described proxy gateway, for accessing door with described user, is accessed in door by described user Proxy server is set up transmission and is controlled the control passage of signaling;
The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user.
6. system as claimed in claim 5, it is characterised in that
Described user accesses door, passes for being set up by built-in proxy server and described proxy gateway The control passage of defeated control signaling, including:
Described user accesses door and receives the inquiry message that described proxy gateway sends;
Described user accesses door and sends the proxy server list information having been switched on to described agency Gateway;
Described proxy gateway sends connection establishment request to the described proxy server having been switched on,
The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,
Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage processed.
7. the system as described in claim 5 or 6, it is characterised in that
Described user accesses the proxy gateway of the lan device that door logs in the described request inquired, Utilize the control passage inquired, set up data channel, including:
Described proxy server pass through described in inquire control passage log in the described request inquired Lan device proxy gateway send set up Data Channel Command;
The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up number According to channel request message;
The proxy gateway of the lan device that described proxy server, described request log in is set up each other Data channel.
8. system as claimed in claim 5, it is characterised in that
The proxy gateway of the lan device that the described request inquired logs in, for by described operation data Transmission asks the lan device of operation to user, including:
Described proxy gateway receives the packet that described proxy server sends;
Described packet is forwarded to described user and asks the lan device of operation by described proxy gateway.
9. the user of a lan device accesses door, it is characterised in that
Described user accesses door, including proxy module, and receiver module, enquiry module, described act on behalf of mould Block includes multiple proxy server;
Described proxy server controls letter with the proxy gateway foundation transmission of the gateway as lan device The control passage of order;
Described user accesses door, including:
Receiver module, for receiving the request of user operation lan device, and sets user's local area network Standby operation data are sent to described proxy server;
Enquiry module, for the proxy gateway of the lan device that inquiry request logs in, and this acts on behalf of net Close the control passage set up with described proxy server;
Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel;To be received by proxy server User is operated data and is sent to the agency inquired by described data channel described lan device Gateway.
10. user as claimed in claim 9 accesses door, it is characterised in that
Described proxy server controls letter with the proxy gateway foundation transmission of the gateway as lan device The control passage of order, including:
Described proxy gateway accesses door to described user and sends inquiry message;
Described user accesses door and sends the proxy server list information having been switched on to described agency Gateway;
Described proxy gateway sends connection establishment request to the described proxy server having been switched on;
The described proxy server having been switched on receives the connection establishment request that described proxy gateway sends,
Control is set up with described proxy gateway by setting up the proxy server being connected the soonest with described proxy gateway Passage processed.
11. users as claimed in claim 9 access door, it is characterised in that
Described proxy module, the generation of the lan device for being logged in described request by proxy server Reason gateway utilizes the control passage inquired, and sets up data channel, including:
The generation of the lan device that described proxy server is logged in described request by described control passage Reason gateway sends sets up Data Channel Command;
The proxy gateway of the lan device that described request logs in sends to described proxy server and sets up number According to channel request message;
Described proxy server receives described request message;
Described proxy server, described in find request log in lan device proxy gateway set up Data channel each other.
CN201510334489.0A 2015-06-16 2015-06-16 Equipment operation and maintenance method and equipment operation and maintenance system CN106330479A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510334489.0A CN106330479A (en) 2015-06-16 2015-06-16 Equipment operation and maintenance method and equipment operation and maintenance system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510334489.0A CN106330479A (en) 2015-06-16 2015-06-16 Equipment operation and maintenance method and equipment operation and maintenance system
PCT/CN2016/074457 WO2016202007A1 (en) 2015-06-16 2016-02-24 Device operation and maintenance method and system

Publications (1)

Publication Number Publication Date
CN106330479A true CN106330479A (en) 2017-01-11

Family

ID=57544999

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510334489.0A CN106330479A (en) 2015-06-16 2015-06-16 Equipment operation and maintenance method and equipment operation and maintenance system

Country Status (2)

Country Link
CN (1) CN106330479A (en)
WO (1) WO2016202007A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030154306A1 (en) * 2002-02-11 2003-08-14 Perry Stephen Hastings System and method to proxy inbound connections to privately addressed hosts
US6665721B1 (en) * 2000-04-06 2003-12-16 International Business Machines Corporation Enabling a home network reverse web server proxy
CN101087224A (en) * 2006-06-08 2007-12-12 刘劲彤 A method for access to service at nodes after firewall

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6665721B1 (en) * 2000-04-06 2003-12-16 International Business Machines Corporation Enabling a home network reverse web server proxy
US20030154306A1 (en) * 2002-02-11 2003-08-14 Perry Stephen Hastings System and method to proxy inbound connections to privately addressed hosts
CN101087224A (en) * 2006-06-08 2007-12-12 刘劲彤 A method for access to service at nodes after firewall

Also Published As

Publication number Publication date
WO2016202007A1 (en) 2016-12-22

Similar Documents

Publication Publication Date Title
CN104243210B (en) The method and system of remote access router administration page
US9282163B2 (en) Method and system for remote activation and management of personal security devices
US20150249644A1 (en) Cloud-based security policy configuration
US9374389B2 (en) Method and system for ensuring an application conforms with security and regulatory controls prior to deployment
TWI545446B (en) A method and system for use with a public cloud network
US8296450B2 (en) Delegated network management system and method of using the same
CA2383247C (en) External access to protected device on private network
CN101361082B (en) System and method for secure remote desktop access
JP4928539B2 (en) Device for secure remote access
RU2533063C2 (en) Method to establish connection (versions), method to transfer data packet and system of remote access
US7308572B2 (en) Method of printing a document
US6374298B2 (en) System for performing remote operation between firewall-equipped networks or devices
US8997202B2 (en) System for secure transfer of information from an industrial control system network
CN102684939B (en) For the method and apparatus of the communication network monitoring of service-centric
US6970934B2 (en) System and method for connecting to a device on a protected network
EP2036305B1 (en) Communication network application activity monitoring and control
CN101083607B (en) Internet accessing server for inside and outside network isolation and its processing method
US8548132B1 (en) Lawful intercept trigger support within service provider networks
CN101952810B (en) Various methods and apparatuses for central station to allocate virtual IP addresses
US7280520B2 (en) Virtual wireless local area networks
CN102047262B (en) Authentication for distributed secure content management system
US7975024B2 (en) Virtual personal computer access over multiple network sites
US20160234343A1 (en) Client side redirection
CN103621028B (en) Control computer system, controller and the method for network access policies
US7143136B1 (en) Secure inter-company collaboration environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20170111