CN109412845A - Method, apparatus, computer equipment and the storage medium of equipment access network - Google Patents

Method, apparatus, computer equipment and the storage medium of equipment access network Download PDF

Info

Publication number
CN109412845A
CN109412845A CN201811184211.XA CN201811184211A CN109412845A CN 109412845 A CN109412845 A CN 109412845A CN 201811184211 A CN201811184211 A CN 201811184211A CN 109412845 A CN109412845 A CN 109412845A
Authority
CN
China
Prior art keywords
access device
access
centralized controller
configuration
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201811184211.XA
Other languages
Chinese (zh)
Inventor
方皓
何云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201811184211.XA priority Critical patent/CN109412845A/en
Publication of CN109412845A publication Critical patent/CN109412845A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0806Configuration setting for initial configuration or provisioning, e.g. plug-and-play
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0889Techniques to speed-up the configuration process
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the present application provides method, apparatus, computer equipment and the storage medium of a kind of equipment access network.The described method includes: receiving the registration information of access device;Verify the registration information of access device;If access device obtains the classification of access device by verifying;Access configuration information is pushed to the access device according to the classification of access device, so that access device completes initial configuration according to access configuration information and to establish communication tunnel between different classes of access device.The embodiment of the present application may be implemented remotely and whenever and wherever possible to carry out initial configuration to access device, simplifies the process of configuration, reduces cost of labor, improves user experience;And communication tunnel is established between first kind access device and the second class access device, so that can be in communication with each other between first kind access device and the second class access device.

Description

Method, apparatus, computer equipment and the storage medium of equipment access network
Technical field
This application involves technical field of data processing more particularly to a kind of method, apparatus of equipment access network, computer Equipment and storage medium.
Background technique
Management address, configuration is such as arranged using the process for having to pass through initial configuration in past enterprise network equipment restocking (Secure Shell, remote shell protocol, aim at telnet session and other network services provide safety for SSH login Agreement), information such as VLAN (Virtual Local Area Network, virtual LAN) etc., number of these work in concentration According to center manually by platform processing easily, if being configured in distributed mechanisms throughout the country, need manpower and link up at This is too big, while safety, standardization, accuracy and actual effect are unable to get guarantee.Have a heavy post mode on the market at present It is assisted with modes such as USB flash disks, only simplifies configuration complexity, there is no solve problem above.Some using remote desktop and Field Force, which cooperates, to implement, and solves the problems, such as safety, standardization, accuracy, but timeliness is very low, it is difficult to meet a large amount of The demand of distributed deployment.
Summary of the invention
The embodiment of the present application provides method, apparatus, computer equipment and the storage medium of a kind of equipment access network, can be real Now remotely the access configuration information of access device is pushed on access device, so that access device can carry out whenever and wherever possible Initial configuration.
In a first aspect, the embodiment of the present application provides a kind of method of equipment access network, for being somebody's turn to do in Centralized Controller Method includes:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device; If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made It obtains and establishes communication tunnel between different classes of access device.
Second aspect, the embodiment of the invention also provides a kind of methods of equipment access network, are used in access device, institute The method of stating includes:
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device Road.
The third aspect, the embodiment of the invention provides a kind of device of equipment access network, which accesses the dress of network It sets including for executing the corresponding unit of method described in above-mentioned first aspect, or including for executing above-mentioned second aspect institute The corresponding unit of the method stated.
Fourth aspect, the embodiment of the invention provides a kind of computer equipment, the computer equipment includes memory, with And the processor being connected with the memory;
The memory is for storing computer program, and the processor is for running the calculating stored in the memory Machine program to execute method described in above-mentioned first aspect, or executes method described in above-mentioned second aspect.
5th aspect, the embodiment of the invention provides a kind of computer readable storage medium, the computer-readable storage Media storage has computer program, when the computer program is executed by processor, realizes method described in above-mentioned first aspect, Or realize method described in above-mentioned second aspect.
The embodiment of the present application adds domain name corresponding to Centralized Controller, setting when access device dispatches from the factory installation system The network module of access device is to connect network by network module after access device starts, in connection network by concentrating control After the domain name of device processed connects upper Centralized Controller, Centralized Controller is according to the classification of the access device by the access of access device Configuration information is pushed on access device so that access device completes the configuration of initialization, so may be implemented it is long-range and with When everywhere to access device carry out initial configuration, simplify the process of configuration, reduce cost of labor, improve user's body It tests.And communication tunnel is established between first kind access device and the second class access device, so that first kind access device and second It can be in communication with each other between class access device.
Detailed description of the invention
Fig. 1 is the application scenarios schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 2 is the flow diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 3 is the sub-process schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 4 is the sub-process schematic diagram of the method for equipment access network provided by the embodiments of the present application;
Fig. 5 is the flow diagram of the method for the equipment access network that another embodiment of the application provides;
Fig. 6 is the flow diagram of the method for the equipment access network that another embodiment of the application provides;
Fig. 7 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application;
Fig. 8 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides;
Fig. 9 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides;
Figure 10 is a kind of schematic block diagram of computer equipment provided by the embodiments of the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete Site preparation description, it is clear that described embodiment is some embodiments of the present application, instead of all the embodiments.Based on this Shen Please in embodiment, every other implementation obtained by those of ordinary skill in the art without making creative efforts Example, shall fall in the protection scope of this application.
The method of equipment access network in the embodiment of the present application is mainly used in distributed network, the distributed network In at least be configured with a Centralized Controller, by the Centralized Controller can to access device carry out initial configuration, will Access device is linked into distributed network.Wherein, access device can be the equipment such as router.Access device is also possible to it His equipment.
Fig. 1 is the application scenarios schematic diagram of the method for equipment access network provided by the embodiments of the present application.In the applied field Jing Zhong, including Centralized Controller, access device, wherein access device includes first kind access device, the second class access device. First kind access device includes the equipment such as distribution router, and the second class access device includes accessing gateway equipment etc..The concentration Controller, first kind access device, the second class access device are distributed in distributed network.Application is executed in Centralized Controller The method of equipment access network in Centralized Controller, can integrate the configuration in the embodiment of the present application in the Centralized Controller The device of arbitrary equipment access network in Centralized Controller.Wherein, which is corresponding with web interface, with convenient The relevant information of access device is controlled and checked to the access configuration of access device and accessed by the first kind The link information of equipment and the second class access device.It is executed in access device and the equipment in access device is applied to access network Method, can integrate the arbitrary equipment access network being configured in access device in the embodiment of the present application in the access device Device.
Access device is added to the domain name of Centralized Controller and is configured in access device when dispatching from the factory installation system The network module of access device connects network so that the access device passes through network module after actuation.In Fig. 1, access After equipment obtains the domain name of the Centralized Controller of addition and connects upper Centralized Controller, registration information is sent to Centralized Controller; The registration information of Centralized Controller verifying access device;If the access device is matched by verifying to access device push access Confidence breath specifically sends the first access configuration information to first kind access device, sends second to the second class access device and connect Enter configuration information, so that first kind access device and the access of the second class are completed initial configuration according to access configuration information and made Communication tunnel is established between first kind access device and the second class access device.
The method that network is accessed to the equipment in the embodiment of the present application from Centralized Controller and access device individually below It is described in detail.
Fig. 2 is the flow diagram of the method for equipment access network provided by the embodiments of the present application, is applied to centralized control In device.As shown in Fig. 2, this method includes S201-S204.
S201, receives the registration information of access device, domain name of the access device added with the Centralized Controller and Configured with network module, so that the access device after actuation can be based on the network module and the Centralized Controller Domain name is connected to the Centralized Controller.
The access device is added to the domain name of the Centralized Controller and is configured with network when dispatching from the factory installation system Module is so that the access device connects network by network module after actuation, and obtains the domain of the Centralized Controller Name, to connect the Centralized Controller.The registration information of access device include device model, equipment Serial Number, device manufacturer with And initialized cryptographic data etc..The network module of access device is configured so that access device is connected by network module after actuation Connect network, comprising: by WAN mouthfuls of access device of mode setting be the automatic address pattern that obtains to pass through after access device starts WAN mouthfuls obtain the address that can connect network to connect network;Or default network module is integrated in access device, to connect Pass through insertion with the matched network interface card of default network module to connect network after entering equipment starting.Wherein, WAN (Wide Area Network) mouth is WAN port, is mainly used to connect external network, that is, connects the distributed network.It is set as obtaining automatically Address pattern is the DHCP service for being arranged and opening access device.It configures access device to after obtaining address pattern automatically, The IP address of available connection network after access device starting, to connect network by the IP address.Default network module can To include LTE module, LTE module is integrated in access device, network can be connected by being inserted into LTE network interface card.Access is set After standby connection network, so that it may the domain name for obtaining Centralized Controller, according to the available centralized control of the domain name of Centralized Controller It is remotely registered to Centralized Controller after access device connects upper Centralized Controller according to the address of Centralized Controller the address of device. Domain name corresponding to Centralized Controller in distributed network is always maintained at constant, which can receive in internet The registration service etc. of access device.Wherein, access device includes first kind access device, such as distributed apparatus router;With And the second class access device, such as accessing gateway equipment.In this way, being only inserted into and default network model after access device starting The network interface card matched, or do nothing, it can even connect to the Net, and connection Centralized Controller, namely in access device After starting, only insertion and the matched network interface card of default network model, or are done nothing, and can carry out making with postponing investment With realizing plug and play.
S202 verifies the registration information of the access device with the determination access device and whether passes through verifying.
After receiving the registration information of access device, the registration information of the access device is verified, to avoid illegal Access device be connected to Centralized Controller or be connected in the distributed network, safe prestige is caused to the distributed network The side of body.
Specifically, as shown in figure 3, step S202 includes the following steps S301-S304.
S301 obtains the information of pre-stored access device.Centralized Controller can store multiple access devices in advance The classification of information and multiple access devices.
S302, detect the access device registration information whether the information matches with pre-stored access device.I.e. The registration information of access device is compared with the information of pre-stored access device.
S303, if the information matches of the registration information of the access device and pre-stored access device, it is determined that institute It states access device and passes through verifying.Wherein, matching refers to that registration information exactly matches, i.e., registration information is identical.
S304, if the registration information of the access device and the information of pre-stored access device mismatch, it is determined that The access device is unverified.Wherein, as long as registration information has a place inconsistent, that is, think to mismatch.
S203, if the access device obtains the classification of the access device by verifying.
The classification parameter of access device as described in obtaining, the classification of the access device is determined according to classification parameter.
S204 pushes access configuration information to the access device according to the classification of the access device, so that described connect Enter equipment and completes initial configuration and to establish between different classes of access device to communicate according to the access configuration information Tunnel.
Wherein, access configuration information includes the first access configuration information and the second access configuration information.It is accessed to the first kind Equipment push the first access configuration information, to the second class access device push the second access configuration information, so that access device Initial configuration is completed according to access configuration information, and to establish between first kind access device and the second class access device logical Believe tunnel.
In one embodiment, as shown in figure 4, step S204 includes the following steps S401-S402.
S401 transfers corresponding access configuration information template according to the classification of the access device.
It include a series of configuration for completing access device initialization in corresponding access configuration information template.Wherein, Before transferring corresponding access configuration information template, the individual cultivation item in corresponding access configuration information template need to be set Value.It should be noted that access configuration information template is made of command code.These command codes may be implemented access and set Standby initial configuration.Individual cultivation item is some configuration items that each access device is different from other access devices.It will be complete It is write as template at a series of configuration that access device initializes, each access device is configured with facilitating, improve configuration Efficiency.
S402, Xiang Suoshu access device push corresponding access configuration information template, so that access device is according to corresponding Access configuration information template completes initial configuration and to establish communication tunnel between different classes of access device.
After value provided with the individual cultivation item in corresponding access configuration information template, pushes and be arranged to access device Access configuration information template afterwards, to complete the initial configuration of access device, and makes between different classes of access device Establish communication tunnel, such as VPN traffic tunnel.
It include the first access configuration information template and the second access configuration information mould in corresponding access configuration information template Plate.Corresponding first kind access device is the first access configuration information template;Corresponding second class access device is the second access Configuration information template.
Specifically, it if it is first kind access device that step S402, which includes: the access device, is pushed away to first kind access device The first access configuration information template is sent, is matched so that first kind access device completes initialization according to the first access configuration information template It sets, wherein include secure tunnel configuration in the first access configuration information template;If the access device is the second class, access is set It is standby, to the second class access device push the second access configuration information template, so that the second class access device is matched according to the second access It sets information model and completes initial configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the A kind of equipment establishes the configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
As included configuration access device title, the affiliated network segment information of access device, net in the first access configuration information template Address information, access vlan information are closed, configuration cryptographic protocol, encryption type, encryption level etc. are (it can be appreciated that encryption length Degree, such as 256,1024, encryption length it is longer, be more difficult to crack), configure 3A authentication information, Configuration network time protocol NTP (Network Time Protocol), configuration management address are to log on the access device, configuration access by the management address Strategy (such as including configuration can access or cannot access which resource in the distributed network), configuration QoS (Quality Of Service, service quality) information, configuration link detection function (i.e. configuration access device whether can detecte link-quality, And be sent to Centralized Controller), configure using identification and the configuration of application routing policy (configuration application identification library, using feature etc., Select routing policy etc. using and according to application to identify), (one tunnel of configuration, is built by the tunnel for secure tunnel configuration The vertical interface channel with the second class access device, and the data for being accomplished by the tunnel are encrypted, and it is logical such as to establish VPN Road), access authentication configuration (such as configuration open certification as security domain certification).Wherein, individual cultivation item includes access device The affiliated network segment information of title, access device, gateway address information, access vlan information, configuration cryptographic protocol, add encryption type Level of confidentiality not Deng, configuration access strategy etc..It is to be understood that accessing configuration information first for each first kind access device These individual cultivation items can be set in template.
Since the second class access device is accessing gateway equipment, in addition to having identical match with first kind access device It sets, further includes configuration and and the association with Centralized Controller for receiving distributed access outside configuration information as mentioned in the text View configuration etc..The configuration of distribution access can be understood as establishing the configuration of tunnel access, namely receive the foundation of first kind equipment The configuration of tunnel access, establishes communication tunnel between first kind access device and the second class access device to allow, such as the channel VPN, So that carrying out end to end communication by the communication tunnel established between first kind access device and the second class access device.It can be with Understand ground, in the present embodiment, first kind access device include it is multiple, the second class access device may include one, i.e., multiple the A kind of access device is communicated with the second class access device foundation.By the protocol configuration with Centralized Controller so that concentrating Controller can be communicated with the second class access device.With the protocol configuration of Centralized Controller, including configuration Transmission Control Protocol, UDP Agreement etc..It is to be appreciated that after carrying out protocol configuration, the communication and second between Centralized Controller and the second class access device It is different after the starting of class access device with the communication of Centralized Controller.Second class access device starting after with Centralized Controller Communication is to configure the second class access device to allow the second class access device to access distributed network;And carry out protocol configuration Afterwards, the communication between Centralized Controller and the second class access device is the positive normal open in distributed network between two distinct devices Letter.
It completes above matching to postpone, first kind access device can be communicated with the second class access device, the second class Access device is communicated with Centralized Controller, in this way, being connect by the process that Centralized Controller can be checked in whole network Enter link information and the relevant information of multiple access devices etc. of equipment.
Fig. 5 is the flow diagram of the method for the equipment access network that another embodiment of the application provides, and is applied to concentrate In controller.As shown in figure 5, this method includes S501-S506.Wherein, the difference of the embodiment and Fig. 2 embodiment, In: increase step S505-S506.Below will main explanation and Fig. 2 embodiment difference, other the step of please refer to figure Description in 2 embodiments, details are not described herein.
S505, reception check instruction to check that first kind access device and the second class access device are checked in instruction according to Initial configuration information and by the first kind access device and the second class access device link information.
That is instruction is checked in Centralized Controller reception, and first kind access device and the access of the second class are checked on Centralized Controller The relevant information of equipment.Specifically, which is corresponding with web interface, with facilitate the access to access device configure into Row control and check the relevant information of access device and by the first kind access device and the second class access device Link information.Since the first kind equipment after completion initial configuration can be communicated with the second class access device, the second class Access device is communicated with Centralized Controller, in this way, being connect by the process that Centralized Controller can be checked in whole network Enter link information and the relevant information of multiple access devices etc. of equipment.
S506 positions the first kind access device and described the by the initial configuration information and link information The two running exceptions of class access device.
It is as abnormal in shown in some link information, then can check is which access device situation etc. occurs.
Fig. 6 is the flow diagram of the method for the equipment access network that another embodiment of the application provides, and is applied to access In equipment.As shown in fig. 6, this approach includes the following steps S601-S604.
S601 adds the domain name of Centralized Controller, and Configuration network module is so that described when dispatching from the factory installation system Access device passes through network module after actuation and connects network.
Wherein, access device Configuration network module connects net so that the access device passes through network module after actuation Network, comprising: the mode setting of access device WAN (Wide Area Network, wide area network) mouth is obtained into address pattern to be automatic To obtain the address that can connect network by WAN mouthfuls after access device starts to connect network;Or in access device Integrated default network module, to connect net with the matched network interface card of default network module by insertion after access device starts Network.Wherein, default network module includes LTE module.In this way, being only inserted into and default network model after access device starting The network interface card matched, or do nothing, it can even connect to the Net, and connection Centralized Controller.
S602, if connection network, obtains the domain name of the Centralized Controller of addition, to pass through the domain name of the Centralized Controller Connect the Centralized Controller.
Domain name corresponding to Centralized Controller in distributed network is always maintained at constant.After access device connects network, The domain name that Centralized Controller can be obtained, according to the address of the available Centralized Controller of the domain name of Centralized Controller, access Equipment connects Centralized Controller according to the address of Centralized Controller.
S603, Xiang Suoshu Centralized Controller send registration information, to verify the registration letter by the Centralized Controller Breath, and after the registration information is by verifying, obtain the classification of the access device.
It is registered to Centralized Controller sending device model, equipment Serial Number, device manufacturer and initialized cryptographic data etc. Information, so that Centralized Controller access device information according to the pre-stored data is matched with received registration information, if With success, it is determined that by verifying, Centralized Controller obtains the classification of access device.If matching unsuccessful, it is determined that access is set It is standby unverified.Unverified access device does not allow access in distributed network, to avoid to distributed network Cause security threat.
S604 receives the access configuration information that the Centralized Controller is pushed according to the classification of the access device, so that The access device is obtained to complete initial configuration according to the access configuration information and make between different classes of access device Establish communication tunnel.
Wherein, access device includes first kind access device, such as distributed apparatus router;And second class access set It is standby, such as accessing gateway equipment.Accessing configuration information includes the first access configuration information and the second access configuration information.It receives to First access configuration information of a kind of access device push, the second access configuration information pushed to the second class access device, with So that access device completes initial configuration according to access configuration information, and first kind access device and the second class are accessed and set Communication tunnel is established between standby.
Specifically, the access device is completed initial configuration according to the access configuration information and is made different classes of The principle that communication tunnel is established between access device is described in detail in Fig. 2 embodiment, and details are not described herein.It needs Illustrate, the content in this method embodiment is consistent with the content in above embodiment of the method, does not have in the present embodiment The content mentioned, can be referring to the description in embodiment of the method above.
Fig. 7 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application.The device includes being used for Execute unit corresponding to the above-mentioned method applied to the equipment access network in Centralized Controller.Specifically, as shown in fig. 7, The device 70 includes registration receiving unit 701, authentication unit 702, classification acquiring unit 703 and access unit 704.
Receiving unit 701 is registered, for receiving the registration information of access device, the access device is added with the concentration The domain name of controller and be configured with network module so that the access device can be based on the network module and institute after actuation The domain name for stating Centralized Controller is connected to the Centralized Controller.
Whether authentication unit 702 is passed through for verifying the registration information of the access device with the determination access device Verifying.
Wherein, the authentication unit 702 includes: information acquisition unit, for obtaining the letter of pre-stored access device Breath;Matching unit, for detect the access device registration information whether the information matches with pre-stored access device; Determination unit, if for the registration information of the access device and the information matches of pre-stored access device, it is determined that institute It states access device and passes through verifying;Determination unit, if be also used to the access device registration information and it is pre-stored access set Standby information mismatches, it is determined that the access device is unverified.
Classification acquiring unit 703, if obtaining the classification of the access device by verifying for the access device.
Access unit 704, for pushing access configuration information to the access device according to the classification of the access device, So that the access device according to the access configuration information complete initial configuration and make different classes of access device it Between establish communication tunnel.
In one embodiment, access unit 704 includes: to transfer setting unit and access configuration unit.Wherein, setting is transferred Unit transfers corresponding access configuration information template for the classification according to the access device.Configuration unit is accessed, is used for Corresponding access configuration information template is pushed to the access device, so that access device is according to corresponding access configuration information mould Plate completes initial configuration and to establish communication tunnel between different classes of access device.In one embodiment, access is matched Setting unit includes the first access configuration unit and the second access configuration unit.Wherein, the first access configuration unit, if for described Access device is first kind access device, to first kind access device push the first access configuration information template, so that the first kind Access device completes initial configuration according to the first access configuration information template, wherein wraps in the first access configuration information template Secure tunnel configuration is included.Second access configuration unit, if being the second class access device for the access device, to the second class Access device push the second access configuration information template, so that the second class access device is complete according to the second access configuration information template At initial configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
It wherein, further include with the protocol configuration of the Centralized Controller so that described in the second access configuration information template Centralized Controller can be communicated with the second class access device.It completes and postpones matching for access device, first kind access device It can be communicated with the second class access device, the second class access device is communicated with Centralized Controller, in this way, passing through concentration Controller can check in whole network by the link information of access device and relevant information of multiple access devices etc..
Fig. 8 is the schematic block diagram of the device of equipment access network provided by the embodiments of the present application.The device includes being used for Execute unit corresponding to the above-mentioned method applied to the equipment access network in Centralized Controller.Specifically, as shown in figure 8, The device 80 includes registration receiving unit 801, authentication unit 802, classification acquiring unit 803, access unit 804, checks unit 805 and abnormal positioning unit 806.The difference of the embodiment and embodiment shown in Fig. 7 is: increase check unit 805, Abnormal positioning unit 806.Check that unit 805, abnormal positioning unit 806, other units please refer to Fig. 7 embodiment with regard to introducing below In description.
It checks unit 805, checks instruction for receiving to check that first kind access device and the are checked in instruction according to The initial configuration information of two class access devices and the link for passing through the first kind access device and the second class access device Information.
Abnormal positioning unit 806, for positioning the first kind by the initial configuration information and link information Access device and the running exception of the second class access device.
Fig. 9 is the schematic block diagram of the device for the equipment access network that another embodiment of the application provides, and is applied to access In equipment.Specifically, as shown in figure 9, the device 90 include factory configuration unit 901, connection unit 902, transmission unit 903 with And push receiving unit 904.
Factory configuration unit 901, for adding the domain name of Centralized Controller, and configure net when dispatching from the factory installation system Network module connects network so that the access device passes through network module after actuation.
Connection unit 902, if the domain name of the Centralized Controller of addition is obtained, to pass through the concentration for connecting network The domain name of controller connects the Centralized Controller.
Transmission unit 903, for sending registration information to the Centralized Controller, to be verified by the Centralized Controller The registration information, and after the registration information is by verifying, obtain the classification of the access device.
Receiving unit 904 is pushed, is connect for receiving the Centralized Controller according to what the classification of the access device pushed Enter configuration information, so that the access device is completed initial configuration according to the access configuration information and made different classes of Access device between establish communication tunnel.
It should be noted that it is apparent to those skilled in the art that, the tool of above-mentioned apparatus and each unit Body realizes process, can be no longer superfluous herein with reference to the corresponding description in preceding method embodiment, for convenience of description and succinctly It states.
Above-mentioned apparatus can be implemented as a kind of form of computer program, and computer program can be in meter as shown in Figure 10 It calculates and is run on machine equipment.
Figure 10 is a kind of schematic block diagram of computer equipment provided by the embodiments of the present application.The equipment is that terminal etc. is set It is standby, such as Centralized Controller.The equipment 100 includes that processor 102, memory and the network connected by system bus 101 connects Mouth 103, wherein memory may include non-volatile memory medium 104 and built-in storage 105.
The non-volatile memory medium 104 can storage program area 1041 and computer program 1042.This is non-volatile to deposit , it can be achieved that described in above-mentioned Centralized Controller when the computer program 1042 stored in storage media is executed by processor 102 The method of equipment access network.The processor 102 supports the operation of whole equipment 100 for providing calculating and control ability.It should Built-in storage 105 provides environment for the operation of the computer program in non-volatile memory medium, and the computer program is processed When device 102 executes, processor 102 may make to execute the method that equipment described in above-mentioned Centralized Controller accesses network.The net Network interface 103 is for carrying out network communication.It will be understood by those skilled in the art that structure shown in Figure 10, only and originally The block diagram of the relevant part-structure of application scheme does not constitute the restriction for the equipment 100 being applied thereon to application scheme, Specific equipment 100 may include perhaps combining certain components than more or fewer components as shown in the figure or having difference Component layout.
Wherein, the processor 102 is for running computer program stored in memory, to realize following steps:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device; If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made It obtains and establishes communication tunnel between different classes of access device.
In one embodiment, the processor 102 is executing the classification according to the access device to the access Equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made When establishing the step of communication tunnel between different classes of access device, it is implemented as follows step:
According to the classification of the access device, corresponding access configuration information template is transferred;It is pushed to the access device Corresponding access configuration information template so that access device according to corresponding access configuration information template complete initial configuration and So that establishing communication tunnel between different classes of access device.
In one embodiment, the access device includes first kind access device and the second class access device, is respectively corresponded First access configuration information template and the second access configuration information template, the processor 102 are described to the access in execution Equipment pushes corresponding access configuration information template, so that access device is completed initially according to corresponding access configuration information template When changing configuration and to establish the step of communication tunnel between different classes of access device, it is implemented as follows step:
If the access device is first kind access device, to first kind access device push the first access configuration information mould Plate, so that first kind access device completes initial configuration according to the first access configuration information template, wherein first access It include secure tunnel configuration in configuration information template;If the access device is the second class access device, accessed to the second class Equipment push the second access configuration information template, so that the second class access device is completed just according to the second access configuration information template Beginningization configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
In one embodiment, the processor 102 is the step of executing the registration information of the verifying access device When, it is implemented as follows step:
Obtain the information of pre-stored access device;Detect the access device registration information whether be stored in advance Access device information matches;If the information matches of the registration information of the access device and pre-stored access device, Then determine that the access device passes through verifying;If the information of the registration information of the access device and pre-stored access device It mismatches, it is determined that the access device is unverified.
In one embodiment, the access device includes first kind access device and the second class access device, and described second It further include with the protocol configuration of the Centralized Controller so that the centralized control in the access configuration information of class access device Device can be communicated with the second class access device, and the processor 102 is also implemented as follows step:
Receive check instruction with checked according to instruction check first kind access device and the second class access device at the beginning of Beginningization configuration information and the link information for passing through the first kind access device and the second class access device;By described initial Change configuration information and link information positions the first kind access device and the running exception of the second class access device.
Another embodiment of the present invention additionally provides a kind of schematic block diagram of computer equipment.In the present embodiment, described Equipment is access device, such as router.Figure 10 specifically is please referred to, which includes and computer equipment shown in Figure 10 Identical structure.The difference of the computer equipment and computer equipment shown in Figure 10 is, non-volatile in the computer equipment , it can be achieved that the equipment realized in above-mentioned access device when the computer program that storage medium is stored is executed by processor 102 The method for accessing network.
Wherein, the processor 102 is for running computer program stored in memory, to realize following steps:
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device Road.
It should be appreciated that alleged processor 102 can be central processing unit (Central in computer equipment embodiment Processing Unit, CPU), which can also be other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit (application program lication Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other can Programmed logic device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor Or the processor is also possible to any conventional processor etc..
Those of ordinary skill in the art will appreciate that be realize above-described embodiment method in all or part of the process, It is that relevant hardware can be instructed to complete by computer program.The computer program can be stored in a storage medium, The storage medium can be computer readable storage medium.The computer program is by the processing of at least one of the computer system Device executes, to realize the process step of the embodiment of the above method.
Therefore, present invention also provides a kind of storage mediums.The storage medium can be computer readable storage medium.It should Storage medium is stored with computer program, which performs the steps of when being executed by a processor
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with Network module, so that the access device can be connected after actuation based on the domain name of the network module and the Centralized Controller It is connected to the Centralized Controller;It verifies the registration information of the access device and whether verifying is passed through with the determination access device; If the access device obtains the classification of the access device by verifying;It is connect according to the classification of the access device to described Enter equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made It obtains and establishes communication tunnel between different classes of access device.
In one embodiment, the processor is executing the classification according to the access device to the access device Push access configuration information, so that the access device completes initial configuration according to the access configuration information and makes difference When establishing the step of communication tunnel between the access device of classification, it is implemented as follows step:
According to the classification of the access device, corresponding access configuration information template is transferred;It is pushed to the access device Corresponding access configuration information template so that access device according to corresponding access configuration information template complete initial configuration and So that establishing communication tunnel between different classes of access device.
In one embodiment, the access device includes first kind access device and the second class access device, is respectively corresponded First access configuration information template and the second access configuration information template, the processor are described to the access device in execution Corresponding access configuration information template is pushed, is matched so that access device completes initialization according to corresponding access configuration information template When setting and to establish the step of communication tunnel between different classes of access device, it is implemented as follows step:
If the access device is first kind access device, to first kind access device push the first access configuration information mould Plate, so that first kind access device completes initial configuration according to the first access configuration information template, wherein first access It include secure tunnel configuration in configuration information template;If the access device is the second class access device, accessed to the second class Equipment push the second access configuration information template, so that the second class access device is completed just according to the second access configuration information template Beginningization configuration, wherein include secure tunnel configuration in the second access configuration information template, receive the foundation of first kind equipment The configuration of tunnel access, so that establishing communication tunnel between first kind equipment and the second class equipment.
In one embodiment, the processor is when executing the step of registration information of the verifying access device, It is implemented as follows step:
Obtain the information of pre-stored access device;Detect the access device registration information whether be stored in advance Access device information matches;If the information matches of the registration information of the access device and pre-stored access device, Then determine that the access device passes through verifying;If the information of the registration information of the access device and pre-stored access device It mismatches, it is determined that the access device is unverified.
In one embodiment, the access device includes first kind access device and the second class access device, and described second It further include with the protocol configuration of the Centralized Controller so that the centralized control in the access configuration information of class access device Device can be communicated with the second class access device, and the processor is also implemented as follows step:
Receive check instruction with checked according to instruction check first kind access device and the second class access device at the beginning of Beginningization configuration information and the link information for passing through the first kind access device and the second class access device;By described initial Change configuration information and link information positions the first kind access device and the running exception of the second class access device.
A kind of storage medium is additionally provided in another embodiment of the invention, and the storage medium is stored with computer journey Sequence, the computer program perform the steps of when being executed by a processor
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access Equipment passes through network module after actuation and connects network;If connecting network, the domain name of the Centralized Controller of addition is obtained, to pass through The domain name of the Centralized Controller connects the Centralized Controller;Registration information is sent to the Centralized Controller, to pass through It states Centralized Controller and verifies the registration information, and after the registration information is by verifying, obtain the class of the access device Not;The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device Road.
The storage medium can be USB flash disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), magnetic disk Or the various computer readable storage mediums that can store program code such as CD.
In several embodiments provided herein, it should be understood that disclosed device, device and method, it can be with It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, the division of the unit, Only a kind of logical function partition, there may be another division manner in actual implementation.Those skilled in the art can be with It is well understood, for convenience of description and succinctly, the specific work process of the device of foregoing description, equipment and unit can With with reference to the corresponding process in preceding method embodiment, details are not described herein.The above, the only specific embodiment party of the application Formula, but the protection scope of the application is not limited thereto, and anyone skilled in the art discloses in the application In technical scope, various equivalent modifications or substitutions can be readily occurred in, these modifications or substitutions should all cover the guarantor in the application Within the scope of shield.Therefore, the protection scope of the application should be subject to the protection scope in claims.

Claims (10)

1. a kind of method of equipment access network, in Centralized Controller, which is characterized in that the described method includes:
The registration information of access device is received, the access device is added with the domain name of the Centralized Controller and is configured with network Module, so that the access device can be connected to after actuation based on the domain name of the network module and the Centralized Controller The Centralized Controller;
It verifies the registration information of the access device and whether verifying is passed through with the determination access device;
If the access device obtains the classification of the access device by verifying;
According to the classification of the access device to the access device push access configuration information so that the access device according to The access configuration information completes initial configuration and to establish communication tunnel between different classes of access device.
2. the method according to claim 1, wherein the classification according to the access device is to the access Equipment push access configuration information, so that the access device is completed initial configuration according to the access configuration information and made Communication tunnel is established between different classes of access device, comprising:
According to the classification of the access device, corresponding access configuration information template is transferred;
Corresponding access configuration information template is pushed to the access device, so that access device matches confidence according to corresponding access Breath template completes initial configuration and to establish communication tunnel between different classes of access device.
3. according to the method described in claim 2, it is characterized in that, the access device includes first kind access device and second Class access device respectively corresponds the first access configuration information template and the second access configuration information template, described to the access Equipment pushes corresponding access configuration information template, so that access device is completed initially according to corresponding access configuration information template Change configuration and to establish communication tunnel between different classes of access device, comprising:
If the access device is first kind access device, configuration information template is accessed to first kind access device push first, So that first kind access device completes initial configuration according to the first access configuration information template, wherein first access is matched Setting in information model includes secure tunnel configuration;
If the access device is the second class access device, configuration information template is accessed to the second class access device push second, So that the second class access device completes initial configuration according to the second access configuration information template, wherein second access is matched Setting includes that secure tunnel configures, receives the configuration that first kind equipment establishes tunnel access in information model, so that the first kind Communication tunnel is established between equipment and the second class equipment.
4. the method according to claim 1, wherein the registration information of the verifying access device, comprising:
Obtain the information of pre-stored access device;
Detect the access device registration information whether the information matches with pre-stored access device;
If the information matches of the registration information of the access device and pre-stored access device, it is determined that the access device Pass through verifying;
If the registration information of the access device and the information of pre-stored access device mismatch, it is determined that the access is set It is standby unverified.
5. the method according to claim 1, wherein the access device includes first kind access device and second Class access device further includes the protocol configuration with the Centralized Controller in the access configuration information of the second class access device So that the Centralized Controller can be communicated with the second class access device, the method also includes:
Reception checks instruction to check that the initialization of first kind access device and the second class access device is checked in instruction according to Configuration information and the link information for passing through the second class of first kind access device access device;
The first kind access device and second class access are positioned by the initial configuration information and link information The running exception of equipment.
6. a kind of method of equipment access network, in access device, which comprises
When dispatching from the factory installation system, the domain name of Centralized Controller is added, and Configuration network module is so that the access device Network is connected by network module after actuation;
If connecting network, the domain name of the Centralized Controller of addition is obtained, by described in the connection of the domain name of the Centralized Controller Centralized Controller;
Registration information is sent to the Centralized Controller, to verify the registration information by the Centralized Controller, and in institute After registration information is stated by verifying, the classification of the access device is obtained;
The access configuration information that the Centralized Controller is pushed according to the classification of the access device is received, so that the access Equipment completes initial configuration according to the access configuration information and to establish communication tunnel between different classes of access device Road.
7. a kind of device of equipment access network, which is characterized in that the device of the equipment access network includes:
Receiving unit is registered, for receiving the registration information of access device, the access device is added with the Centralized Controller Domain name and be configured with network module so that the access device can be based on the network module and the concentration after actuation The domain name of controller is connected to the Centralized Controller;
Whether authentication unit passes through verifying for verifying the registration information of the access device with the determination access device;
Classification acquiring unit, if obtaining the classification of the access device by verifying for the access device;
Access unit, for pushing access configuration information to the access device according to the classification of the access device, so that institute Access device is stated to complete initial configuration according to the access configuration information and to establish between different classes of access device Communication tunnel.
8. a kind of device of equipment access network, which is characterized in that the device of the equipment access network includes:
Dispatch from the factory configuration unit, for when dispatching from the factory installation system, add the domain name of Centralized Controller, and Configuration network module with So that the access device passes through network module after actuation and connects network;
Connection unit, if obtaining the domain name of the Centralized Controller of addition for connecting network, to pass through the Centralized Controller Domain name connects the Centralized Controller;
Transmission unit, for sending registration information to the Centralized Controller, to verify the note by the Centralized Controller Volume information, and after the registration information is by verifying, obtain the classification of the access device;
Receiving unit is pushed, confidence is matched according to the access that the classification of the access device pushes for receiving the Centralized Controller Breath, so that the access device completes initial configuration according to the access configuration information and sets different classes of access Communication tunnel is established between standby.
9. a kind of computer equipment, which is characterized in that the computer equipment includes memory, and is connected with the memory Processor;
The memory is for storing computer program;The processor is for running the computer journey stored in the memory Sequence, to execute the method according to claim 1 to 5 or method as claimed in claim 6.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey Sequence when the computer program is executed by processor, realizes the method according to claim 1 to 5 or as right is wanted Method described in asking 6.
CN201811184211.XA 2018-10-11 2018-10-11 Method, apparatus, computer equipment and the storage medium of equipment access network Withdrawn CN109412845A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811184211.XA CN109412845A (en) 2018-10-11 2018-10-11 Method, apparatus, computer equipment and the storage medium of equipment access network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811184211.XA CN109412845A (en) 2018-10-11 2018-10-11 Method, apparatus, computer equipment and the storage medium of equipment access network

Publications (1)

Publication Number Publication Date
CN109412845A true CN109412845A (en) 2019-03-01

Family

ID=65467013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811184211.XA Withdrawn CN109412845A (en) 2018-10-11 2018-10-11 Method, apparatus, computer equipment and the storage medium of equipment access network

Country Status (1)

Country Link
CN (1) CN109412845A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111148102A (en) * 2019-12-31 2020-05-12 京信通信系统(中国)有限公司 Network authentication method, device, computer equipment and storage medium
CN111913074A (en) * 2020-08-06 2020-11-10 浙江华电器材检测研究所有限公司 Power distribution automation equipment detection method and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111148102A (en) * 2019-12-31 2020-05-12 京信通信系统(中国)有限公司 Network authentication method, device, computer equipment and storage medium
CN111148102B (en) * 2019-12-31 2024-01-30 京信网络系统股份有限公司 Network authentication method, device, computer equipment and storage medium
CN111913074A (en) * 2020-08-06 2020-11-10 浙江华电器材检测研究所有限公司 Power distribution automation equipment detection method and system

Similar Documents

Publication Publication Date Title
US8724515B2 (en) Configuring a secure network
US8898750B2 (en) Connecting remote and local networks using an identification device associated with the remote network
CN101919278B (en) Wireless device authentication using digital certificates
US8650311B2 (en) Client device configured to connect with a home network
CN107493280A (en) Method, intelligent gateway and the certificate server of user authentication
EP2530900B1 (en) Network security parameter generation and distribution
US8665753B2 (en) Simultaneous setup of a wireless network adapter and a network host device
CN107018127A (en) The Internet of Things virtual gateway and node access authentication method of a kind of compatible various protocols
US11963007B2 (en) Facilitating residential wireless roaming via VPN connectivity over public service provider networks
CN104243210A (en) Method and system for remotely having access to administrative web pages of routers
CN110266576A (en) Audio communication method and device
CN106209838A (en) The IP cut-in method of SSL VPN and device
CN104704789A (en) Network authentication
CN106656547A (en) Method and apparatus for updating network configuration of household electrical appliances
CN106027565A (en) PPPOE (Point-to-Point Protocol over Ethernet)-based Intranet-Extranet uniform authentication method and device
CN109495503A (en) A kind of SSL VPN authentication method, client, server and gateway
CN108989039A (en) Certificate acquisition method and device
CN109412845A (en) Method, apparatus, computer equipment and the storage medium of equipment access network
CN108347353A (en) Network collocating method, apparatus and system
CN111385180A (en) Communication tunnel construction method, device, equipment and medium
CN108322366A (en) Access the methods, devices and systems of network
WO2014044218A2 (en) Plug-and-play network element, system, and access method
CN106416146A (en) Communication apparatus, communication method, and communication system
CN108234119A (en) A kind of digital certificate management method and platform
CN110247846A (en) A kind of method for routing and route device of Virtual Private Network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20190301