CN109412845A - Method, apparatus, computer equipment and the storage medium of equipment access network - Google Patents
Method, apparatus, computer equipment and the storage medium of equipment access network Download PDFInfo
- Publication number
- CN109412845A CN109412845A CN201811184211.XA CN201811184211A CN109412845A CN 109412845 A CN109412845 A CN 109412845A CN 201811184211 A CN201811184211 A CN 201811184211A CN 109412845 A CN109412845 A CN 109412845A
- Authority
- CN
- China
- Prior art keywords
- access device
- access
- centralized controller
- configuration
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0806—Configuration setting for initial configuration or provisioning, e.g. plug-and-play
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0889—Techniques to speed-up the configuration process
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/55—Push-based network services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the present application provides method, apparatus, computer equipment and the storage medium of a kind of equipment access network.The described method includes: receiving the registration information of access device;Verify the registration information of access device;If access device obtains the classification of access device by verifying;Access configuration information is pushed to the access device according to the classification of access device, so that access device completes initial configuration according to access configuration information and to establish communication tunnel between different classes of access device.The embodiment of the present application may be implemented remotely and whenever and wherever possible to carry out initial configuration to access device, simplifies the process of configuration, reduces cost of labor, improves user experience;And communication tunnel is established between first kind access device and the second class access device, so that can be in communication with each other between first kind access device and the second class access device.
Description
Technical field
This application involves technical field of data processing more particularly to a kind of method, apparatus of equipment access network, computer
Equipment and storage medium.
Background technique
Management address, configuration is such as arranged using the process for having to pass through initial configuration in past enterprise network equipment restocking
(Secure Shell, remote shell protocol, aim at telnet session and other network services provide safety for SSH login
Agreement), information such as VLAN (Virtual Local Area Network, virtual LAN) etc., number of these work in concentration
According to center manually by platform processing easily, if being configured in distributed mechanisms throughout the country, need manpower and link up at
This is too big, while safety, standardization, accuracy and actual effect are unable to get guarantee.Have a heavy post mode on the market at present
It is assisted with modes such as USB flash disks, only simplifies configuration complexity, there is no solve problem above.Some using remote desktop and
Field Force, which cooperates, to implement, and solves the problems, such as safety, standardization, accuracy, but timeliness is very low, it is difficult to meet a large amount of
The demand of distributed deployment.
Summary of the invention
The embodiment of the present application provides method, apparatus, computer equipment and the storage medium of a kind of equipment access network, can be real
Now remotely the access configuration information of access device is pushed on access device, so that access device can carry out whenever and wherever possible
Initial configuration.
In a first aspect, the embodiment of the present application provides a kind of method of equipment access network, for being somebody's turn to do in Centralized Controller
Method includes:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with
Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller
It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device;
If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described
Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made
It obtains and establishes communication tunnel between different classes of access device.
Second aspect, the embodiment of the invention also provides a kind of methods of equipment access network, are used in access device, institute
The method of stating includes:
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access
Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through
The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through
It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device
Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access
Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device
Road.
The third aspect, the embodiment of the invention provides a kind of device of equipment access network, which accesses the dress of network
It sets including for executing the corresponding unit of method described in above-mentioned first aspect, or including for executing above-mentioned second aspect institute
The corresponding unit of the method stated.
Fourth aspect, the embodiment of the invention provides a kind of computer equipment, the computer equipment includes memory, with
And the processor being connected with the memory;
The memory is for storing computer program, and the processor is for running the calculating stored in the memory
Machine program to execute method described in above-mentioned first aspect, or executes method described in above-mentioned second aspect.
5th aspect, the embodiment of the invention provides a kind of computer readable storage medium, the computer-readable storage
Media storage has computer program, when the computer program is executed by processor, realizes method described in above-mentioned first aspect,
Or realize method described in above-mentioned second aspect.
The embodiment of the present application adds domain name corresponding to Centralized Controller, setting when access device dispatches from the factory installation system
The network module of access device is to connect network by network module after access device starts, in connection network by concentrating control
After the domain name of device processed connects upper Centralized Controller, Centralized Controller is according to the classification of the access device by the access of access device
Configuration information is pushed on access device so that access device completes the configuration of initialization, so may be implemented it is long-range and with
When everywhere to access device carry out initial configuration, simplify the process of configuration, reduce cost of labor, improve user's body
It tests.And communication tunnel is established between first kind access device and the second class access device, so that first kind access device and second
It can be in communication with each other between class access device.
Detailed description of the invention
Fig. 1 is the application scenarios schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 2 is the flow diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 3 is the sub-process schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 4 is the sub-process schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 5 is the flow diagram of the method for the equipment access network that another embodiment of the application provides;
Fig. 6 is the flow diagram of the method for the equipment access network that another embodiment of the application provides;
Fig. 7 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application;
Fig. 8 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides;
Fig. 9 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides;
Figure 10 is a kind of schematic block diagram of computer equipment provided by the embodiments of the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiment is some embodiments of the present application, instead of all the embodiments.Based on this Shen
Please in embodiment, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, shall fall in the protection scope of this application.
The method of equipment access network in the embodiment of the present application is mainly used in distributed network, the distributed network
In at least be configured with a Centralized Controller, by the Centralized Controller can to access device carry out initial configuration, will
Access device is linked into distributed network.Wherein, access device can be the equipment such as router.Access device is also possible to it
His equipment.
Fig. 1 is the application scenarios schematic diagram of the method for equipment access network provided by the embodiments of the present application.In the applied field
Jing Zhong, including Centralized Controller, access device, wherein access device includes first kind access device, the second class access device.
First kind access device includes the equipment such as distribution router, and the second class access device includes accessing gateway equipment etc..The concentration
Controller, first kind access device, the second class access device are distributed in distributed network.Application is executed in Centralized Controller
The method of equipment access network in Centralized Controller, can integrate the configuration in the embodiment of the present application in the Centralized Controller
The device of arbitrary equipment access network in Centralized Controller.Wherein, which is corresponding with web interface, with convenient
The relevant information of access device is controlled and checked to the access configuration of access device and accessed by the first kind
The link information of equipment and the second class access device.It is executed in access device and the equipment in access device is applied to access network
Method, can integrate the arbitrary equipment access network being configured in access device in the embodiment of the present application in the access device
Device.
Access device is added to the domain name of Centralized Controller and is configured in access device when dispatching from the factory installation system
The network module of access device connects network so that the access device passes through network module after actuation.In Fig. 1, access
After equipment obtains the domain name of the Centralized Controller of addition and connects upper Centralized Controller, registration information is sent to Centralized Controller;
The registration information of Centralized Controller verifying access device;If the access device is matched by verifying to access device push access
Confidence breath specifically sends the first access configuration information to first kind access device, sends second to the second class access device and connect
Enter configuration information, so that first kind access device and the access of the second class are completed initial configuration according to access configuration information and made
Communication tunnel is established between first kind access device and the second class access device.
The method that network is accessed to the equipment in the embodiment of the present application from Centralized Controller and access device individually below
It is described in detail.
Fig. 2 is the flow diagram of the method for equipment access network provided by the embodiments of the present application, is applied to centralized control
In device.As shown in Fig. 2, this method includes S201-S204.
S201, receives the registration information of access device, domain name of the access device added with the Centralized Controller and
Configured with network module, so that the access device after actuation can be based on the network module and the Centralized Controller
Domain name is connected to the Centralized Controller.
The access device is added to the domain name of the Centralized Controller and is configured with network when dispatching from the factory installation system
Module is so that the access device connects network by network module after actuation, and obtains the domain of the Centralized Controller
Name, to connect the Centralized Controller.The registration information of access device include device model, equipment Serial Number, device manufacturer with
And initialized cryptographic data etc..The network module of access device is configured so that access device is connected by network module after actuation
Connect network, comprising: by WAN mouthfuls of access device of mode setting be the automatic address pattern that obtains to pass through after access device starts
WAN mouthfuls obtain the address that can connect network to connect network;Or default network module is integrated in access device, to connect
Pass through insertion with the matched network interface card of default network module to connect network after entering equipment starting.Wherein, WAN (Wide Area
Network) mouth is WAN port, is mainly used to connect external network, that is, connects the distributed network.It is set as obtaining automatically
Address pattern is the DHCP service for being arranged and opening access device.It configures access device to after obtaining address pattern automatically,
The IP address of available connection network after access device starting, to connect network by the IP address.Default network module can
To include LTE module, LTE module is integrated in access device, network can be connected by being inserted into LTE network interface card.Access is set
After standby connection network, so that it may the domain name for obtaining Centralized Controller, according to the available centralized control of the domain name of Centralized Controller
It is remotely registered to Centralized Controller after access device connects upper Centralized Controller according to the address of Centralized Controller the address of device.
Domain name corresponding to Centralized Controller in distributed network is always maintained at constant, which can receive in internet
The registration service etc. of access device.Wherein, access device includes first kind access device, such as distributed apparatus router;With
And the second class access device, such as accessing gateway equipment.In this way, being only inserted into and default network model after access device starting
The network interface card matched, or do nothing, it can even connect to the Net, and connection Centralized Controller, namely in access device
After starting, only insertion and the matched network interface card of default network model, or are done nothing, and can carry out making with postponing investment
With realizing plug and play.
S202 verifies the registration information of the access device with the determination access device and whether passes through verifying.
After receiving the registration information of access device, the registration information of the access device is verified, to avoid illegal
Access device be connected to Centralized Controller or be connected in the distributed network, safe prestige is caused to the distributed network
The side of body.
Specifically, as shown in figure 3, step S202 includes the following steps S301-S304.
S301 obtains the information of pre-stored access device.Centralized Controller can store multiple access devices in advance
The classification of information and multiple access devices.
S302, detect the access device registration information whether the information matches with pre-stored access device.I.e.
The registration information of access device is compared with the information of pre-stored access device.
S303, if the information matches of the registration information of the access device and pre-stored access device, it is determined that institute
It states access device and passes through verifying.Wherein, matching refers to that registration information exactly matches, i.e., registration information is identical.
S304, if the registration information of the access device and the information of pre-stored access device mismatch, it is determined that
The access device is unverified.Wherein, as long as registration information has a place inconsistent, that is, think to mismatch.
S203, if the access device obtains the classification of the access device by verifying.
The classification parameter of access device as described in obtaining, the classification of the access device is determined according to classification parameter.
S204 pushes access configuration information to the access device according to the classification of the access device, so that described connect
Enter equipment and completes initial configuration and to establish between different classes of access device to communicate according to the access configuration information
Tunnel.
Wherein, access configuration information includes the first access configuration information and the second access configuration information.It is accessed to the first kind
Equipment push the first access configuration information, to the second class access device push the second access configuration information, so that access device
Initial configuration is completed according to access configuration information, and to establish between first kind access device and the second class access device logical
Believe tunnel.
In one embodiment, as shown in figure 4, step S204 includes the following steps S401-S402.
S401 transfers corresponding access configuration information template according to the classification of the access device.
It include a series of configuration for completing access device initialization in corresponding access configuration information template.Wherein,
Before transferring corresponding access configuration information template, the individual cultivation item in corresponding access configuration information template need to be set
Value.It should be noted that access configuration information template is made of command code.These command codes may be implemented access and set
Standby initial configuration.Individual cultivation item is some configuration items that each access device is different from other access devices.It will be complete
It is write as template at a series of configuration that access device initializes, each access device is configured with facilitating, improve configuration
Efficiency.
S402, Xiang Suoshu access device push corresponding access configuration information template, so that access device is according to corresponding
Access configuration information template completes initial configuration and to establish communication tunnel between different classes of access device.
After value provided with the individual cultivation item in corresponding access configuration information template, pushes and be arranged to access device
Access configuration information template afterwards, to complete the initial configuration of access device, and makes between different classes of access device
Establish communication tunnel, such as VPN traffic tunnel.
It include the first access configuration information template and the second access configuration information mould in corresponding access configuration information template
Plate.Corresponding first kind access device is the first access configuration information template;Corresponding second class access device is the second access
Configuration information template.
Specifically, it if it is first kind access device that step S402, which includes: the access device, is pushed away to first kind access device
The first access configuration information template is sent, is matched so that first kind access device completes initialization according to the first access configuration information template
It sets, wherein include secure tunnel configuration in the first access configuration information template;If the access device is the second class, access is set
It is standby, to the second class access device push the second access configuration information template, so that the second class access device is matched according to the second access
It sets information model and completes initial configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the
A kind of equipment establishes the configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
As included configuration access device title, the affiliated network segment information of access device, net in the first access configuration information template
Address information, access vlan information are closed, configuration cryptographic protocol, encryption type, encryption level etc. are (it can be appreciated that encryption length
Degree, such as 256,1024, encryption length it is longer, be more difficult to crack), configure 3A authentication information, Configuration network time protocol NTP
(Network Time Protocol), configuration management address are to log on the access device, configuration access by the management address
Strategy (such as including configuration can access or cannot access which resource in the distributed network), configuration QoS (Quality
Of Service, service quality) information, configuration link detection function (i.e. configuration access device whether can detecte link-quality,
And be sent to Centralized Controller), configure using identification and the configuration of application routing policy (configuration application identification library, using feature etc.,
Select routing policy etc. using and according to application to identify), (one tunnel of configuration, is built by the tunnel for secure tunnel configuration
The vertical interface channel with the second class access device, and the data for being accomplished by the tunnel are encrypted, and it is logical such as to establish VPN
Road), access authentication configuration (such as configuration open certification as security domain certification).Wherein, individual cultivation item includes access device
The affiliated network segment information of title, access device, gateway address information, access vlan information, configuration cryptographic protocol, add encryption type
Level of confidentiality not Deng, configuration access strategy etc..It is to be understood that accessing configuration information first for each first kind access device
These individual cultivation items can be set in template.
Since the second class access device is accessing gateway equipment, in addition to having identical match with first kind access device
It sets, further includes configuration and and the association with Centralized Controller for receiving distributed access outside configuration information as mentioned in the text
View configuration etc..The configuration of distribution access can be understood as establishing the configuration of tunnel access, namely receive the foundation of first kind equipment
The configuration of tunnel access, establishes communication tunnel between first kind access device and the second class access device to allow, such as the channel VPN,
So that carrying out end to end communication by the communication tunnel established between first kind access device and the second class access device.It can be with
Understand ground, in the present embodiment, first kind access device include it is multiple, the second class access device may include one, i.e., multiple the
A kind of access device is communicated with the second class access device foundation.By the protocol configuration with Centralized Controller so that concentrating
Controller can be communicated with the second class access device.With the protocol configuration of Centralized Controller, including configuration Transmission Control Protocol, UDP
Agreement etc..It is to be appreciated that after carrying out protocol configuration, the communication and second between Centralized Controller and the second class access device
It is different after the starting of class access device with the communication of Centralized Controller.Second class access device starting after with Centralized Controller
Communication is to configure the second class access device to allow the second class access device to access distributed network;And carry out protocol configuration
Afterwards, the communication between Centralized Controller and the second class access device is the positive normal open in distributed network between two distinct devices
Letter.
It completes above matching to postpone, first kind access device can be communicated with the second class access device, the second class
Access device is communicated with Centralized Controller, in this way, being connect by the process that Centralized Controller can be checked in whole network
Enter link information and the relevant information of multiple access devices etc. of equipment.
Fig. 5 is the flow diagram of the method for the equipment access network that another embodiment of the application provides, and is applied to concentrate
In controller.As shown in figure 5, this method includes S501-S506.Wherein, the difference of the embodiment and Fig. 2 embodiment,
In: increase step S505-S506.Below will main explanation and Fig. 2 embodiment difference, other the step of please refer to figure
Description in 2 embodiments, details are not described herein.
S505, reception check instruction to check that first kind access device and the second class access device are checked in instruction according to
Initial configuration information and by the first kind access device and the second class access device link information.
That is instruction is checked in Centralized Controller reception, and first kind access device and the access of the second class are checked on Centralized Controller
The relevant information of equipment.Specifically, which is corresponding with web interface, with facilitate the access to access device configure into
Row control and check the relevant information of access device and by the first kind access device and the second class access device
Link information.Since the first kind equipment after completion initial configuration can be communicated with the second class access device, the second class
Access device is communicated with Centralized Controller, in this way, being connect by the process that Centralized Controller can be checked in whole network
Enter link information and the relevant information of multiple access devices etc. of equipment.
S506 positions the first kind access device and described the by the initial configuration information and link information
The two running exceptions of class access device.
It is as abnormal in shown in some link information, then can check is which access device situation etc. occurs.
Fig. 6 is the flow diagram of the method for the equipment access network that another embodiment of the application provides, and is applied to access
In equipment.As shown in fig. 6, this approach includes the following steps S601-S604.
S601 adds the domain name of Centralized Controller, and Configuration network module is so that described when dispatching from the factory installation system
Access device passes through network module after actuation and connects network.
Wherein, access device Configuration network module connects net so that the access device passes through network module after actuation
Network, comprising: the mode setting of access device WAN (Wide Area Network, wide area network) mouth is obtained into address pattern to be automatic
To obtain the address that can connect network by WAN mouthfuls after access device starts to connect network;Or in access device
Integrated default network module, to connect net with the matched network interface card of default network module by insertion after access device starts
Network.Wherein, default network module includes LTE module.In this way, being only inserted into and default network model after access device starting
The network interface card matched, or do nothing, it can even connect to the Net, and connection Centralized Controller.
S602, if connection network, obtains the domain name of the Centralized Controller of addition, to pass through the domain name of the Centralized Controller
Connect the Centralized Controller.
Domain name corresponding to Centralized Controller in distributed network is always maintained at constant.After access device connects network,
The domain name that Centralized Controller can be obtained, according to the address of the available Centralized Controller of the domain name of Centralized Controller, access
Equipment connects Centralized Controller according to the address of Centralized Controller.
S603, Xiang Suoshu Centralized Controller send registration information, to verify the registration letter by the Centralized Controller
Breath, and after the registration information is by verifying, obtain the classification of the access device.
It is registered to Centralized Controller sending device model, equipment Serial Number, device manufacturer and initialized cryptographic data etc.
Information, so that Centralized Controller access device information according to the pre-stored data is matched with received registration information, if
With success, it is determined that by verifying, Centralized Controller obtains the classification of access device.If matching unsuccessful, it is determined that access is set
It is standby unverified.Unverified access device does not allow access in distributed network, to avoid to distributed network
Cause security threat.
S604 receives the access configuration information that the Centralized Controller is pushed according to the classification of the access device, so that
The access device is obtained to complete initial configuration according to the access configuration information and make between different classes of access device
Establish communication tunnel.
Wherein, access device includes first kind access device, such as distributed apparatus router;And second class access set
It is standby, such as accessing gateway equipment.Accessing configuration information includes the first access configuration information and the second access configuration information.It receives to
First access configuration information of a kind of access device push, the second access configuration information pushed to the second class access device, with
So that access device completes initial configuration according to access configuration information, and first kind access device and the second class are accessed and set
Communication tunnel is established between standby.
Specifically, the access device is completed initial configuration according to the access configuration information and is made different classes of
The principle that communication tunnel is established between access device is described in detail in Fig. 2 embodiment, and details are not described herein.It needs
Illustrate, the content in this method embodiment is consistent with the content in above embodiment of the method, does not have in the present embodiment
The content mentioned, can be referring to the description in embodiment of the method above.
Fig. 7 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application.The device includes being used for
Execute unit corresponding to the above-mentioned method applied to the equipment access network in Centralized Controller.Specifically, as shown in fig. 7,
The device 70 includes registration receiving unit 701, authentication unit 702, classification acquiring unit 703 and access unit 704.
Receiving unit 701 is registered, for receiving the registration information of access device, the access device is added with the concentration
The domain name of controller and be configured with network module so that the access device can be based on the network module and institute after actuation
The domain name for stating Centralized Controller is connected to the Centralized Controller.
Whether authentication unit 702 is passed through for verifying the registration information of the access device with the determination access device
Verifying.
Wherein, the authentication unit 702 includes: information acquisition unit, for obtaining the letter of pre-stored access device
Breath;Matching unit, for detect the access device registration information whether the information matches with pre-stored access device;
Determination unit, if for the registration information of the access device and the information matches of pre-stored access device, it is determined that institute
It states access device and passes through verifying;Determination unit, if be also used to the access device registration information and it is pre-stored access set
Standby information mismatches, it is determined that the access device is unverified.
Classification acquiring unit 703, if obtaining the classification of the access device by verifying for the access device.
Access unit 704, for pushing access configuration information to the access device according to the classification of the access device,
So that the access device according to the access configuration information complete initial configuration and make different classes of access device it
Between establish communication tunnel.
In one embodiment, access unit 704 includes: to transfer setting unit and access configuration unit.Wherein, setting is transferred
Unit transfers corresponding access configuration information template for the classification according to the access device.Configuration unit is accessed, is used for
Corresponding access configuration information template is pushed to the access device, so that access device is according to corresponding access configuration information mould
Plate completes initial configuration and to establish communication tunnel between different classes of access device.In one embodiment, access is matched
Setting unit includes the first access configuration unit and the second access configuration unit.Wherein, the first access configuration unit, if for described
Access device is first kind access device, to first kind access device push the first access configuration information template, so that the first kind
Access device completes initial configuration according to the first access configuration information template, wherein wraps in the first access configuration information template
Secure tunnel configuration is included.Second access configuration unit, if being the second class access device for the access device, to the second class
Access device push the second access configuration information template, so that the second class access device is complete according to the second access configuration information template
At initial configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment
The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
It wherein, further include with the protocol configuration of the Centralized Controller so that described in the second access configuration information template
Centralized Controller can be communicated with the second class access device.It completes and postpones matching for access device, first kind access device
It can be communicated with the second class access device, the second class access device is communicated with Centralized Controller, in this way, passing through concentration
Controller can check in whole network by the link information of access device and relevant information of multiple access devices etc..
Fig. 8 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application.The device includes being used for
Execute unit corresponding to the above-mentioned method applied to the equipment access network in Centralized Controller.Specifically, as shown in figure 8,
The device 80 includes registration receiving unit 801, authentication unit 802, classification acquiring unit 803, access unit 804, checks unit
805 and abnormal positioning unit 806.The difference of the embodiment and embodiment shown in Fig. 7 is: increase check unit 805,
Abnormal positioning unit 806.Check that unit 805, abnormal positioning unit 806, other units please refer to Fig. 7 embodiment with regard to introducing below
In description.
It checks unit 805, checks instruction for receiving to check that first kind access device and the are checked in instruction according to
The initial configuration information of two class access devices and the link for passing through the first kind access device and the second class access device
Information.
Abnormal positioning unit 806, for positioning the first kind by the initial configuration information and link information
Access device and the running exception of the second class access device.
Fig. 9 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides, and is applied to access
In equipment.Specifically, as shown in figure 9, the device 90 include factory configuration unit 901, connection unit 902, transmission unit 903 with
And push receiving unit 904.
Factory configuration unit 901, for adding the domain name of Centralized Controller, and configure net when dispatching from the factory installation system
Network module connects network so that the access device passes through network module after actuation.
Connection unit 902, if the domain name of the Centralized Controller of addition is obtained, to pass through the concentration for connecting network
The domain name of controller connects the Centralized Controller.
Transmission unit 903, for sending registration information to the Centralized Controller, to be verified by the Centralized Controller
The registration information, and after the registration information is by verifying, obtain the classification of the access device.
Receiving unit 904 is pushed, is connect for receiving the Centralized Controller according to what the classification of the access device pushed
Enter configuration information, so that the access device is completed initial configuration according to the access configuration information and made different classes of
Access device between establish communication tunnel.
It should be noted that it is apparent to those skilled in the art that, the tool of above-mentioned apparatus and each unit
Body realizes process, can be no longer superfluous herein with reference to the corresponding description in preceding method embodiment, for convenience of description and succinctly
It states.
Above-mentioned apparatus can be implemented as a kind of form of computer program, and computer program can be in meter as shown in Figure 10
It calculates and is run on machine equipment.
Figure 10 is a kind of schematic block diagram of computer equipment provided by the embodiments of the present application.The equipment is that terminal etc. is set
It is standby, such as Centralized Controller.The equipment 100 includes that processor 102, memory and the network connected by system bus 101 connects
Mouth 103, wherein memory may include non-volatile memory medium 104 and built-in storage 105.
The non-volatile memory medium 104 can storage program area 1041 and computer program 1042.This is non-volatile to deposit
, it can be achieved that described in above-mentioned Centralized Controller when the computer program 1042 stored in storage media is executed by processor 102
The method of equipment access network.The processor 102 supports the operation of whole equipment 100 for providing calculating and control ability.It should
Built-in storage 105 provides environment for the operation of the computer program in non-volatile memory medium, and the computer program is processed
When device 102 executes, processor 102 may make to execute the method that equipment described in above-mentioned Centralized Controller accesses network.The net
Network interface 103 is for carrying out network communication.It will be understood by those skilled in the art that structure shown in Figure 10, only and originally
The block diagram of the relevant part-structure of application scheme does not constitute the restriction for the equipment 100 being applied thereon to application scheme,
Specific equipment 100 may include perhaps combining certain components than more or fewer components as shown in the figure or having difference
Component layout.
Wherein, the processor 102 is for running computer program stored in memory, to realize following steps:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with
Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller
It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device;
If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described
Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made
It obtains and establishes communication tunnel between different classes of access device.
In one embodiment, the processor 102 is executing the classification according to the access device to the access
Equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made
When establishing the step of communication tunnel between different classes of access device, it is implemented as follows step:
According to the classification of the access device, corresponding access configuration information template is transferred;It is pushed to the access device
Corresponding access configuration information template so that access device according to corresponding access configuration information template complete initial configuration and
So that establishing communication tunnel between different classes of access device.
In one embodiment, the access device includes first kind access device and the second class access device, is respectively corresponded
First access configuration information template and the second access configuration information template, the processor 102 are described to the access in execution
Equipment pushes corresponding access configuration information template, so that access device is completed initially according to corresponding access configuration information template
When changing configuration and to establish the step of communication tunnel between different classes of access device, it is implemented as follows step:
If the access device is first kind access device, to first kind access device push the first access configuration information mould
Plate, so that first kind access device completes initial configuration according to the first access configuration information template, wherein first access
It include secure tunnel configuration in configuration information template;If the access device is the second class access device, accessed to the second class
Equipment push the second access configuration information template, so that the second class access device is completed just according to the second access configuration information template
Beginningization configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment
The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
In one embodiment, the processor 102 is the step of executing the registration information of the verifying access device
When, it is implemented as follows step:
Obtain the information of pre-stored access device;Detect the access device registration information whether be stored in advance
Access device information matches;If the information matches of the registration information of the access device and pre-stored access device,
Then determine that the access device passes through verifying;If the information of the registration information of the access device and pre-stored access device
It mismatches, it is determined that the access device is unverified.
In one embodiment, the access device includes first kind access device and the second class access device, and described second
It further include with the protocol configuration of the Centralized Controller so that the centralized control in the access configuration information of class access device
Device can be communicated with the second class access device, and the processor 102 is also implemented as follows step:
Receive check instruction with checked according to instruction check first kind access device and the second class access device at the beginning of
Beginningization configuration information and the link information for passing through the first kind access device and the second class access device;By described initial
Change configuration information and link information positions the first kind access device and the running exception of the second class access device.
Another embodiment of the present invention additionally provides a kind of schematic block diagram of computer equipment.In the present embodiment, described
Equipment is access device, such as router.Figure 10 specifically is please referred to, which includes and computer equipment shown in Figure 10
Identical structure.The difference of the computer equipment and computer equipment shown in Figure 10 is, non-volatile in the computer equipment
, it can be achieved that the equipment realized in above-mentioned access device when the computer program that storage medium is stored is executed by processor 102
The method for accessing network.
Wherein, the processor 102 is for running computer program stored in memory, to realize following steps:
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access
Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through
The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through
It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device
Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access
Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device
Road.
It should be appreciated that alleged processor 102 can be central processing unit (Central in computer equipment embodiment
Processing Unit, CPU), which can also be other general processors, digital signal processor (Digital
Signal Processor, DSP), specific integrated circuit (application program lication Specific Integrated
Circuit, ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other can
Programmed logic device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor
Or the processor is also possible to any conventional processor etc..
Those of ordinary skill in the art will appreciate that be realize above-described embodiment method in all or part of the process,
It is that relevant hardware can be instructed to complete by computer program.The computer program can be stored in a storage medium,
The storage medium can be computer readable storage medium.The computer program is by the processing of at least one of the computer system
Device executes, to realize the process step of the embodiment of the above method.
Therefore, present invention also provides a kind of storage mediums.The storage medium can be computer readable storage medium.It should
Storage medium is stored with computer program, which performs the steps of when being executed by a processor
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with
Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller
It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device;
If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described
Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made
It obtains and establishes communication tunnel between different classes of access device.
In one embodiment, the processor is executing the classification according to the access device to the access device
Push access configuration information, so that the access device completes initial configuration according to the access configuration information and makes difference
When establishing the step of communication tunnel between the access device of classification, it is implemented as follows step:
According to the classification of the access device, corresponding access configuration information template is transferred;It is pushed to the access device
Corresponding access configuration information template so that access device according to corresponding access configuration information template complete initial configuration and
So that establishing communication tunnel between different classes of access device.
In one embodiment, the access device includes first kind access device and the second class access device, is respectively corresponded
First access configuration information template and the second access configuration information template, the processor are described to the access device in execution
Corresponding access configuration information template is pushed, is matched so that access device completes initialization according to corresponding access configuration information template
When setting and to establish the step of communication tunnel between different classes of access device, it is implemented as follows step:
If the access device is first kind access device, to first kind access device push the first access configuration information mould
Plate, so that first kind access device completes initial configuration according to the first access configuration information template, wherein first access
It include secure tunnel configuration in configuration information template;If the access device is the second class access device, accessed to the second class
Equipment push the second access configuration information template, so that the second class access device is completed just according to the second access configuration information template
Beginningization configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment
The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
In one embodiment, the processor is when executing the step of registration information of the verifying access device,
It is implemented as follows step:
Obtain the information of pre-stored access device;Detect the access device registration information whether be stored in advance
Access device information matches;If the information matches of the registration information of the access device and pre-stored access device,
Then determine that the access device passes through verifying;If the information of the registration information of the access device and pre-stored access device
It mismatches, it is determined that the access device is unverified.
In one embodiment, the access device includes first kind access device and the second class access device, and described second
It further include with the protocol configuration of the Centralized Controller so that the centralized control in the access configuration information of class access device
Device can be communicated with the second class access device, and the processor is also implemented as follows step:
Receive check instruction with checked according to instruction check first kind access device and the second class access device at the beginning of
Beginningization configuration information and the link information for passing through the first kind access device and the second class access device;By described initial
Change configuration information and link information positions the first kind access device and the running exception of the second class access device.
A kind of storage medium is additionally provided in another embodiment of the invention, and the storage medium is stored with computer journey
Sequence, the computer program perform the steps of when being executed by a processor
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access
Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through
The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through
It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device
Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access
Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device
Road.
The storage medium can be USB flash disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), magnetic disk
Or the various computer readable storage mediums that can store program code such as CD.
In several embodiments provided herein, it should be understood that disclosed device, device and method, it can be with
It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, the division of the unit,
Only a kind of logical function partition, there may be another division manner in actual implementation.Those skilled in the art can be with
It is well understood, for convenience of description and succinctly, the specific work process of the device of foregoing description, equipment and unit can
With with reference to the corresponding process in preceding method embodiment, details are not described herein.The above, the only specific embodiment party of the application
Formula, but the protection scope of the application is not limited thereto, and anyone skilled in the art discloses in the application
In technical scope, various equivalent modifications or substitutions can be readily occurred in, these modifications or substitutions should all cover the guarantor in the application
Within the scope of shield.Therefore, the protection scope of the application should be subject to the protection scope in claims.
Claims (10)
1. a kind of method of equipment access network, in Centralized Controller, which is characterized in that the described method includes:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with network
Module, so that the access device can be connected to after actuation based on the domain name of the network module and the Centralized Controller
The Centralized Controller;
It verifies the registration information of the access device and whether verifying is passed through with the determination access device;
If the access device obtains the classification of the access device by verifying;
According to the classification of the access device to the access device push access configuration information so that the access device according to
The access configuration information completes initial configuration and to establish communication tunnel between different classes of access device.
2. the method according to claim 1, wherein the classification according to the access device is to the access
Equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made
Communication tunnel is established between different classes of access device, comprising:
According to the classification of the access device, corresponding access configuration information template is transferred;
Corresponding access configuration information template is pushed to the access device, so that access device matches confidence according to corresponding access
Breath template completes initial configuration and to establish communication tunnel between different classes of access device.
3. according to the method described in claim 2, it is characterized in that, the access device includes first kind access device and second
Class access device respectively corresponds the first access configuration information template and the second access configuration information template, described to the access
Equipment pushes corresponding access configuration information template, so that access device is completed initially according to corresponding access configuration information template
Change configuration and to establish communication tunnel between different classes of access device, comprising:
If the access device is first kind access device, configuration information template is accessed to first kind access device push first,
So that first kind access device completes initial configuration according to the first access configuration information template, wherein first access is matched
Setting in information model includes secure tunnel configuration;
If the access device is the second class access device, configuration information template is accessed to the second class access device push second,
So that the second class access device completes initial configuration according to the second access configuration information template, wherein second access is matched
Setting includes that secure tunnel configures, receives the configuration that first kind equipment establishes tunnel access in information model, so that the first kind
Communication tunnel is established between equipment and the second class equipment.
4. the method according to claim 1, wherein the registration information of the verifying access device, comprising:
Obtain the information of pre-stored access device;
Detect the access device registration information whether the information matches with pre-stored access device;
If the information matches of the registration information of the access device and pre-stored access device, it is determined that the access device
Pass through verifying;
If the registration information of the access device and the information of pre-stored access device mismatch, it is determined that the access is set
It is standby unverified.
5. the method according to claim 1, wherein the access device includes first kind access device and second
Class access device further includes the protocol configuration with the Centralized Controller in the access configuration information of the second class access device
So that the Centralized Controller can be communicated with the second class access device, the method also includes:
Reception checks instruction to check that the initialization of first kind access device and the second class access device is checked in instruction according to
Configuration information and the link information for passing through the second class of first kind access device access device;
The first kind access device and second class access are positioned by the initial configuration information and link information
The running exception of equipment.
6. a kind of method of equipment access network, in access device, which comprises
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access device
Network is connected by network module after actuation;
If connecting network, the domain name of the Centralized Controller of addition is obtained, by described in the connection of the domain name of the Centralized Controller
Centralized Controller;
Registration information is sent to the Centralized Controller, to verify the registration information by the Centralized Controller, and in institute
After registration information is stated by verifying, the classification of the access device is obtained;
The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access
Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device
Road.
7. a kind of device of equipment access network, which is characterized in that the device of the equipment access network includes:
Receiving unit is registered, for receiving the registration information of access device, the access device is added with the Centralized Controller
Domain name and be configured with network module so that the access device can be based on the network module and the concentration after actuation
The domain name of controller is connected to the Centralized Controller;
Whether authentication unit passes through verifying for verifying the registration information of the access device with the determination access device;
Classification acquiring unit, if obtaining the classification of the access device by verifying for the access device;
Access unit, for pushing access configuration information to the access device according to the classification of the access device, so that institute
Access device is stated to complete initial configuration according to the access configuration information and to establish between different classes of access device
Communication tunnel.
8. a kind of device of equipment access network, which is characterized in that the device of the equipment access network includes:
Dispatch from the factory configuration unit, for when dispatching from the factory installation system, add the domain name of Centralized Controller, and Configuration network module with
So that the access device passes through network module after actuation and connects network;
Connection unit, if obtaining the domain name of the Centralized Controller of addition for connecting network, to pass through the Centralized Controller
Domain name connects the Centralized Controller;
Transmission unit, for sending registration information to the Centralized Controller, to verify the note by the Centralized Controller
Volume information, and after the registration information is by verifying, obtain the classification of the access device;
Receiving unit is pushed, confidence is matched according to the access that the classification of the access device pushes for receiving the Centralized Controller
Breath, so that the access device completes initial configuration according to the access configuration information and sets different classes of access
Communication tunnel is established between standby.
9. a kind of computer equipment, which is characterized in that the computer equipment includes memory, and is connected with the memory
Processor;
The memory is for storing computer program;The processor is for running the computer journey stored in the memory
Sequence, to execute the method according to claim 1 to 5 or method as claimed in claim 6.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey
Sequence when the computer program is executed by processor, realizes the method according to claim 1 to 5 or as right is wanted
Method described in asking 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811184211.XA CN109412845A (en) | 2018-10-11 | 2018-10-11 | Method, apparatus, computer equipment and the storage medium of equipment access network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811184211.XA CN109412845A (en) | 2018-10-11 | 2018-10-11 | Method, apparatus, computer equipment and the storage medium of equipment access network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109412845A true CN109412845A (en) | 2019-03-01 |
Family
ID=65467013
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811184211.XA Withdrawn CN109412845A (en) | 2018-10-11 | 2018-10-11 | Method, apparatus, computer equipment and the storage medium of equipment access network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109412845A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111148102A (en) * | 2019-12-31 | 2020-05-12 | 京信通信系统(中国)有限公司 | Network authentication method, device, computer equipment and storage medium |
CN111913074A (en) * | 2020-08-06 | 2020-11-10 | 浙江华电器材检测研究所有限公司 | Power distribution automation equipment detection method and system |
-
2018
- 2018-10-11 CN CN201811184211.XA patent/CN109412845A/en not_active Withdrawn
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111148102A (en) * | 2019-12-31 | 2020-05-12 | 京信通信系统(中国)有限公司 | Network authentication method, device, computer equipment and storage medium |
CN111148102B (en) * | 2019-12-31 | 2024-01-30 | 京信网络系统股份有限公司 | Network authentication method, device, computer equipment and storage medium |
CN111913074A (en) * | 2020-08-06 | 2020-11-10 | 浙江华电器材检测研究所有限公司 | Power distribution automation equipment detection method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8724515B2 (en) | Configuring a secure network | |
US8898750B2 (en) | Connecting remote and local networks using an identification device associated with the remote network | |
CN101919278B (en) | Wireless device authentication using digital certificates | |
US8650311B2 (en) | Client device configured to connect with a home network | |
CN107493280A (en) | Method, intelligent gateway and the certificate server of user authentication | |
EP2530900B1 (en) | Network security parameter generation and distribution | |
US8665753B2 (en) | Simultaneous setup of a wireless network adapter and a network host device | |
CN107018127A (en) | The Internet of Things virtual gateway and node access authentication method of a kind of compatible various protocols | |
US11963007B2 (en) | Facilitating residential wireless roaming via VPN connectivity over public service provider networks | |
CN104243210A (en) | Method and system for remotely having access to administrative web pages of routers | |
CN110266576A (en) | Audio communication method and device | |
CN106209838A (en) | The IP cut-in method of SSL VPN and device | |
CN104704789A (en) | Network authentication | |
CN106656547A (en) | Method and apparatus for updating network configuration of household electrical appliances | |
CN106027565A (en) | PPPOE (Point-to-Point Protocol over Ethernet)-based Intranet-Extranet uniform authentication method and device | |
CN109495503A (en) | A kind of SSL VPN authentication method, client, server and gateway | |
CN108989039A (en) | Certificate acquisition method and device | |
CN109412845A (en) | Method, apparatus, computer equipment and the storage medium of equipment access network | |
CN108347353A (en) | Network collocating method, apparatus and system | |
CN111385180A (en) | Communication tunnel construction method, device, equipment and medium | |
CN108322366A (en) | Access the methods, devices and systems of network | |
WO2014044218A2 (en) | Plug-and-play network element, system, and access method | |
CN106416146A (en) | Communication apparatus, communication method, and communication system | |
CN108234119A (en) | A kind of digital certificate management method and platform | |
CN110247846A (en) | A kind of method for routing and route device of Virtual Private Network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20190301 |