CN115550128A - Method for remotely managing gateway equipment - Google Patents
Method for remotely managing gateway equipment Download PDFInfo
- Publication number
- CN115550128A CN115550128A CN202211100756.4A CN202211100756A CN115550128A CN 115550128 A CN115550128 A CN 115550128A CN 202211100756 A CN202211100756 A CN 202211100756A CN 115550128 A CN115550128 A CN 115550128A
- Authority
- CN
- China
- Prior art keywords
- reverse proxy
- server
- proxy server
- network management
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0213—Standardised network management protocols, e.g. simple network management protocol [SNMP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to a method for remotely managing gateway equipment, wherein user gateway equipment registers to a cloud network management server through a network management protocol; the network management system allocates a port number for a user gateway device, and sends the gateway device serial number and the allocated port number to a reverse proxy server; the network management system sends an instruction to the user gateway equipment and starts a reverse proxy client; the reverse proxy client registers to the reverse proxy server and establishes connection; the maintenance side uses the address of the proxy server and the allocated port number to access the user side server through the tunnel formed by the proxy server and the proxy client. When the user gateway equipment fails, a network management protocol is utilized to issue an instruction to start a reverse proxy client on the user equipment and establish connection with a reverse proxy server; and the maintenance personnel access the user gateway equipment through the established reverse proxy.
Description
Technical Field
The invention relates to a method for remotely managing gateway equipment, belonging to the technical field of network management.
Background
With the rapid development of the information industry, the types and the amount of services carried on the wide area network are increasing, the scale is also expanding, and a large number of terminal access devices are widely used. When these devices fail and require maintenance, they need to be quickly located and troubled.
Conventionally, when a problem occurs in a user-side device, a maintenance person of a gateway device operator is required to debug the device on the door. However, this one-to-one manual service method is inefficient and requires a lot of manpower. With the development of business, a large number of devices are required to be arranged in the homes of users, and the manual maintenance of the devices becomes a huge burden.
Currently, a gateway device operator uses network management protocols such as SNMP and CWMP to perform remote batch automated management on a user side device. However, in terms of debugging devices, these network management protocols can only deal with preset situations, and thus, when complex problems are faced, the network management protocols are not careful, and maintenance personnel cannot know the overall view of the problem devices.
If the user side equipment can be remotely connected by SSH or a WEB management page of the user side equipment is logged in, the efficiency of debugging the equipment by maintenance personnel is greatly improved. But since the user side device is often placed behind the NAT, it cannot be connected directly.
To access intranet services, one approach is intranet penetration using a reverse proxy. The device of the intranet actively establishes connection with the reverse proxy server of the cloud, and then the extranet device can access intranet services through the reverse proxy server. However, this method requires that the connection between the intranet device and the cloud server be maintained at all times. If a large number of devices are managed, a great deal of stress is placed on the server.
Disclosure of Invention
The invention aims to overcome the defects in the prior art and provides a method for remotely managing gateway equipment.
The purpose of the invention is realized by the following technical scheme:
a method for remotely managing gateway equipment is characterized in that: the method comprises the following steps:
1) The user gateway equipment registers to a cloud network management server through a network management protocol;
2) The network management system allocates a port number for a user gateway device, and sends the gateway device serial number and the allocated port number to a reverse proxy server;
3) The network management system sends an instruction to the user gateway equipment and starts a reverse proxy client;
4) The reverse proxy client registers to the reverse proxy server and establishes connection;
5) The maintenance side uses the address of the proxy server and the allocated port number to access the user side server through the tunnel formed by the proxy server and the proxy client.
Further, in the method for remotely managing a gateway device, in step 5), the maintenance-side browser accesses the user-side WEB server through a tunnel formed by the proxy server and the proxy client, using the address of the proxy server and the assigned port number.
Further, in the method for remotely managing a gateway device, a reverse proxy server establishes a connection with one or more reverse proxy clients, and a browser on a maintenance side simultaneously logs in WEB servers of a plurality of user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client.
Further, in the method for remotely managing a gateway device, step 5) is performed, wherein the address of the proxy server and the assigned port number are used by the SSH client on the maintenance side to access the SSH server on the user side through a tunnel formed by the proxy server and the proxy client.
Further, the above method for remote management of gateway devices, wherein the reverse proxy server establishes a connection with one or more reverse proxy clients, and the SSH client on the maintenance side simultaneously logs in the SSH servers of multiple user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client.
Further, in the method for remotely managing a gateway device, the network management protocol is CWMP, and after the CPE registers in the cloud network management server ACS, the network management system may issue an instruction to the CPE.
Further, the method for remotely managing a gateway device as described above, wherein the address of the reverse proxy server is configured by a network management protocol and does not need to be set in the user gateway device in advance.
Compared with the prior art, the invention has obvious advantages and beneficial effects, and is embodied in the following aspects:
(1) the maintenance personnel can log in the user equipment with the problem remotely, so that the debugging is convenient, and the time and the labor are saved; the maintenance personnel can connect the user equipment without going to the problem site, the effect is consistent with that of connecting the equipment on the site, the problem solving speed is obviously improved, and the user experience is also improved;
(2) the existing network management protocol is utilized, and the deployment is simple; multiplexing the existing network management protocol CWMP, managing a large amount of user equipment by the CWMP, acquiring information such as ip addresses of the user equipment and the like, issuing addresses of the reverse proxy server, integrating remote login on the original basis, and conveniently managing remote equipment;
(3) the user gateway equipment does not need to be always connected with the cloud server, so that a large amount of user side equipment can be managed conveniently; the existing remote connection method needs to keep connection between user equipment and a reverse proxy server all the time, is only suitable for managing a small amount of equipment, and brings huge pressure to the server when one more equipment is managed. The invention can inform the user equipment to connect the reverse proxy server only when needed, is convenient and flexible, and is safer and not easy to be attacked due to short-time connection.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
FIG. 1: a schematic diagram of an embodiment 1 of a remote management gateway method according to the present invention;
FIG. 2: the schematic diagram of embodiment 2 of the remote management gateway method of the present invention.
The meanings of the reference symbols in the figures are given in the following table:
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the directional terms and the sequence terms, etc. are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
The invention discloses a method for remotely managing gateway equipment, which comprises the following specific steps:
1) The user gateway equipment registers to a cloud network management server through a network management protocol;
2) The network management system allocates a port number for a user gateway device, and sends the gateway device serial number and the allocated port number to a reverse proxy server;
3) The network management system sends an instruction to the user gateway equipment and starts a reverse proxy client;
4) The reverse proxy client registers to the reverse proxy server and establishes connection;
5) The maintenance side uses the address of the proxy server and the allocated port number to access the user side server through the tunnel formed by the proxy server and the proxy client.
And step 5), the maintenance side browser accesses the user side WEB server through a tunnel formed by the proxy server and the proxy client by using the address of the proxy server and the allocated port number. The reverse proxy server establishes connection with one or more reverse proxy clients, and the browser at the maintenance side simultaneously logs in the WEB servers of a plurality of user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client.
Or the SSH client at the maintenance side accesses the SSH server at the user side through a tunnel formed by the proxy server and the proxy client by using the address of the proxy server and the allocated port number. The reverse proxy server establishes connection with one or more reverse proxy clients, and the SSH client at the maintenance side simultaneously logs in the SSH servers of a plurality of user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client. The network management protocol is CWMP, and after the CPE registers in the cloud network management server ACS, the network management system can issue an instruction to the CPE.
The address of the reverse proxy server is configured through a network management protocol and does not need to be set in the user gateway equipment in advance.
Example 1
As shown in fig. 1, a WEB management page of a remote access user side device is implemented;
a user gateway device (CPE) 3 registers to a cloud network management server (ACS) 2 through a CWMP protocol; specifically, the CPE initiates a session connection to the ACS, and the ACS stores information such as an IP address of the CPE.
The maintainer logs in the network management system 4 and selects the designated user gateway equipment; the network management system selects an idle port number and sends the equipment serial number and the corresponding port number to the reverse proxy server 5; the reverse proxy server 5 saves the sequence number and port number pairs in a list; the reverse proxy server 5 may be on the same server as the network management system 4 or may be on a different server;
the network management system 4 issues an instruction to the user gateway device 3, starts the reverse proxy client 6, and transmits the address of the reverse proxy server 5 to the reverse proxy client 6 in the process;
the reverse proxy client 6 sends a connection request to the reverse proxy server 5 according to the issued address, wherein the request comprises the serial number of the reverse proxy client; the reverse proxy server 5 searches in the list of the serial number and the port number according to the reported serial number, determines the corresponding port number and establishes connection;
the maintenance personnel inputs the address of the reverse proxy server and the corresponding port number on the browser 1 at the maintenance side, and accesses the WEB server 7 at the user side through a tunnel formed by the proxy server and the proxy client; the browser sends data to the reverse proxy server 5, the reverse proxy server 5 forwards the data to the reverse proxy client 6, the reverse proxy client 6 forwards the data to the WEB server of the user gateway device 3, and the data is returned to the browser through the original route after the WEB server responds.
Example 2
As shown in fig. 2, SSH telnet user gateway device is implemented;
the user gateway device 3 registers to the cloud network management server 2 through a CWMP protocol; the CPE initiates a session connection to the ACS, and the ACS stores information such as the IP address of the CPE;
the maintainer logs in the network management system 4 and selects the designated user gateway equipment; the network management system 4 selects an idle port number and sends the equipment serial number and the corresponding port number to the reverse proxy server 5; the reverse proxy server 5 saves the sequence number and port number pairs in a list; the reverse proxy server 5 may be on the same server as the network management system 4 or may be on a different server;
the network management system 4 issues an instruction to the user gateway device 3 to start the reverse proxy client 6, and in the process, the address of the reverse proxy server 5 is also transmitted to the reverse proxy client 6.
The reverse proxy client 6 sends a connection request to the reverse proxy server 5 according to the issued address, wherein the request comprises the serial number of the reverse proxy client; the reverse proxy server 5 searches in the list of the serial number and the port number according to the reported serial number, determines the corresponding port number and establishes connection;
the maintainer uses the address of the SSH client 8 at the maintenance side to connect the reverse proxy server and adds the corresponding port number, and logs in the SSH server 9 at the user side through the tunnel formed by the proxy server and the proxy client; namely: the SSH client sends data to the reverse proxy server 5, the reverse proxy server 5 forwards the data to the reverse proxy client 6, the reverse proxy client 6 forwards the data to the SSH server of the user gateway device, and the data is returned to the SSH client through the original route after the response of the SSH server.
In summary, the method of the present invention utilizes a network management protocol to issue an instruction to start a reverse proxy client on the user equipment and establish a connection with a reverse proxy server when the user gateway equipment fails; the maintenance personnel access the user gateway equipment through the established reverse proxy; the invention does not need to keep the user gateway equipment connected with the cloud server all the time, and is convenient for managing a large amount of user side equipment.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and shall be covered by the scope of the present invention.
It should be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
Claims (7)
1. A method of remotely managing a gateway device, characterized by: the method comprises the following steps:
1) The user gateway equipment registers to a cloud network management server through a network management protocol;
2) The network management system allocates a port number for a user gateway device, and sends the gateway device serial number and the allocated port number to a reverse proxy server;
3) The network management system sends an instruction to the user gateway equipment and starts a reverse proxy client;
4) The reverse proxy client registers to the reverse proxy server and establishes connection;
5) The maintenance side uses the address of the proxy server and the allocated port number to access the user side server through the tunnel formed by the proxy server and the proxy client.
2. The method of claim 1, wherein the method further comprises: and 5), the browser at the maintenance side accesses the WEB server at the user side through a tunnel formed by the proxy server and the proxy client by using the address of the proxy server and the allocated port number.
3. A method of remotely managing a gateway device according to claim 1 or 2, characterized in that: the reverse proxy server establishes connection with one or more reverse proxy clients, and the browser at the maintenance side simultaneously logs in the WEB servers of a plurality of user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client.
4. The method of claim 1, wherein the method further comprises: and step 5) the SSH client at the maintenance side accesses the SSH server at the user side through a tunnel formed by the proxy server and the proxy client by using the address of the proxy server and the allocated port number.
5. Method for remotely managing a gateway device according to claim 1 or 4, characterized in that: the reverse proxy server establishes connection with one or more reverse proxy clients, and the SSH client at the maintenance side simultaneously logs in the SSH servers of a plurality of user gateway devices through a reverse tunnel formed by the reverse proxy server and the reverse proxy client.
6. The method of claim 1, wherein the method further comprises: the network management protocol is CWMP, and after the CPE registers in the cloud network management server ACS, the network management system can issue an instruction to the CPE.
7. The method of claim 1, wherein the method further comprises: the address of the reverse proxy server is configured by the network management protocol.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211100756.4A CN115550128A (en) | 2022-09-09 | 2022-09-09 | Method for remotely managing gateway equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211100756.4A CN115550128A (en) | 2022-09-09 | 2022-09-09 | Method for remotely managing gateway equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115550128A true CN115550128A (en) | 2022-12-30 |
Family
ID=84724837
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211100756.4A Pending CN115550128A (en) | 2022-09-09 | 2022-09-09 | Method for remotely managing gateway equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115550128A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114466065A (en) * | 2022-01-25 | 2022-05-10 | 网易(杭州)网络有限公司 | Proxy method and device for gateway, electronic equipment and storage medium |
| CN116647538A (en) * | 2023-06-06 | 2023-08-25 | 深圳市捷讯云联科技有限公司 | Connecting device capable of accessing different intranet services |
-
2022
- 2022-09-09 CN CN202211100756.4A patent/CN115550128A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114466065A (en) * | 2022-01-25 | 2022-05-10 | 网易(杭州)网络有限公司 | Proxy method and device for gateway, electronic equipment and storage medium |
| CN116647538A (en) * | 2023-06-06 | 2023-08-25 | 深圳市捷讯云联科技有限公司 | Connecting device capable of accessing different intranet services |
| CN116647538B (en) * | 2023-06-06 | 2024-05-28 | 深圳市捷讯云联科技有限公司 | Connecting device capable of accessing different intranet services |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115550128A (en) | Method for remotely managing gateway equipment | |
| EP1901480B1 (en) | Method and system for implementing initialization configuration for the managed devices | |
| CN101247297B (en) | Device, system and method for automatically configuring application terminal in family network | |
| CN105591819B (en) | The method and device of Configuration network equipment | |
| CN111885036B (en) | Method and system for realizing multi-device access by router penetrating intranet | |
| EP1718034A1 (en) | Process for managing resource address requests and associated gateway device | |
| JP2001282655A (en) | Method, device, and storage medium for network device management | |
| CN103036732B (en) | A kind of method of network monitoring process, system and equipment | |
| CN105207853A (en) | Local area network monitoring management method | |
| CN103220161A (en) | Method and device for detecting server status | |
| CN102571762A (en) | Method and device for single sign-on | |
| EP2351292B1 (en) | Device and method for retrieving information from a device | |
| CN111510325A (en) | Alarm information pushing method, server, client and system | |
| CN105516061A (en) | Remote server access method and web server | |
| CN107995321A (en) | A kind of VPN client acts on behalf of the method and device of DNS | |
| CN107911496A (en) | A kind of VPN service terminal acts on behalf of the method and device of DNS | |
| CN109067729B (en) | Authentication method and device | |
| CN100461693C (en) | Network system | |
| CN102571817B (en) | Method and device for accessing application server | |
| CN113965622A (en) | Graphical agent method for bitmap display window based on X window | |
| EP2605145A1 (en) | Method for finding communication devices connected to communication network, and management device | |
| CN103152195B (en) | Collecting method and device | |
| CN213817812U (en) | Test service system based on Router OS is built | |
| CN105808418B (en) | Test machine register method, apparatus and system | |
| CN110677303A (en) | Network management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |