CN116319162B - Communication connection method, control device and user terminal equipment based on double-layer tunnel - Google Patents

Communication connection method, control device and user terminal equipment based on double-layer tunnel Download PDF

Info

Publication number
CN116319162B
CN116319162B CN202211096718.6A CN202211096718A CN116319162B CN 116319162 B CN116319162 B CN 116319162B CN 202211096718 A CN202211096718 A CN 202211096718A CN 116319162 B CN116319162 B CN 116319162B
Authority
CN
China
Prior art keywords
local area
area network
vpn
server
communication connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211096718.6A
Other languages
Chinese (zh)
Other versions
CN116319162A (en
Inventor
请求不公布姓名
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Haikui Information Technology Co ltd
Original Assignee
Huizhou Haikui Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huizhou Haikui Information Technology Co ltd filed Critical Huizhou Haikui Information Technology Co ltd
Priority to CN202211096718.6A priority Critical patent/CN116319162B/en
Publication of CN116319162A publication Critical patent/CN116319162A/en
Application granted granted Critical
Publication of CN116319162B publication Critical patent/CN116319162B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention discloses a communication connection method, a control device and user equipment based on a double-layer tunnel, wherein the communication connection method comprises the following steps: transmitting a first request instruction to a VPN server located in a second local area network, wherein the first request instruction characterizes the request for accessing the second local area network; establishing a first VPN tunnel between the VPN server and the VPN server according to the first request instruction, and accessing a second local area network according to the first VPN tunnel; sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in a third local area network; based on the established first VPN tunnel, accessing a third local area network according to a second request instruction and establishing a second VPN tunnel between the third local area network and production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment; according to the technical scheme provided by the embodiment of the invention, the safety and reliability of the data transmission channel can be enhanced, the information safety in the data transmission process can be effectively managed and controlled, and the safety of remote communication can be improved.

Description

Communication connection method, control device and user terminal equipment based on double-layer tunnel
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a dual-layer tunnel based communication connection method, a control device, and a client device.
Background
In some industrial production manufacturing scenes, the terminal equipment and the production equipment are often required to be remotely communicated so as to realize remote control of the production equipment, maintenance of the production equipment is facilitated, in the scheme for realizing remote communication in the prior art, a server is deployed on a public network to realize communication connection among equipment in different local area networks, when the terminal equipment of a user needs to control the production equipment, the server is connected through the public network, then the production equipment can be directly controlled through the server, the production equipment is directly connected with the public network in a network architecture of the type, production equipment data needs to be exposed to the public network, information security in a data transmission process cannot be effectively controlled, a certain potential safety hazard exists in maintenance of the production equipment, and the security of remote communication is reduced.
Disclosure of Invention
The present invention aims to solve at least one of the technical problems existing in the prior art. Therefore, the invention provides a communication connection method, a control device and user equipment based on a double-layer tunnel, which can strengthen the safety and reliability of a data transmission channel and effectively control the information safety in the data transmission process, and is beneficial to improving the safety of remote communication.
In a first aspect, an embodiment of the present invention provides a communication connection method based on a dual-layer tunnel, which is applied to a user equipment located in a first local area network, where the first local area network is in communication connection with a public network, and the public network is in communication connection with a second local area network, and the communication connection method includes:
transmitting a first request instruction to a VPN server located in the second local area network, wherein the first request instruction characterizes a request for accessing the second local area network;
establishing a first VPN tunnel between the first VPN server and the VPN server according to the first request instruction, and accessing the second local area network according to the first VPN tunnel, wherein the second local area network further comprises a service management platform in communication connection with the VPN server and a third local area network in communication connection with the service management platform;
sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in the third local area network;
and accessing the third local area network according to the second request instruction based on the established first VPN tunnel, and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment.
The communication connection method based on the double-layer tunnel provided by the embodiment of the invention has at least the following beneficial effects: in the remote communication process, the user terminal equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal equipment can be connected to a service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal equipment can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal equipment can be connected to the third local area network according to the second request instruction, and a second VPN tunnel between the user terminal equipment and the production equipment is established, the user terminal equipment and the production equipment can communicate through the second VPN tunnel, and it can be understood that only the first VPN tunnel can be successfully communicated, and the nested double-layer tunnel is built between the user terminal equipment and the production equipment, so that the safety and the reliability of the data transmission channel can be effectively managed, the information safety in the data transmission process can be improved, the remote development requirements on the production engineering personnel can be improved, and the safety are improved.
In the above communication connection method, after the establishing of the second VPN tunnel with the production apparatus, the communication connection method further includes:
receiving a connection control instruction of the VPN server, wherein the connection control instruction represents refusing the user side equipment to access the second local area network, and the connection control instruction is obtained by triggering the VPN server by a user management role in the second local area network;
and responding to the connection control instruction, disconnecting the first VPN tunnel so as to disconnect the second local area network.
In the above communication connection method, the first request instruction includes first verification information, and the establishing a first VPN tunnel with the VPN server according to the first request instruction includes:
receiving a first authorization instruction fed back by the VPN server aiming at the first verification information, wherein the first authorization instruction characterizes that the first verification information is successfully authenticated;
and establishing a first VPN tunnel between the VPN server and the VPN server according to the first authorization instruction.
In the above communication connection method, the establishing a first VPN tunnel with the VPN server according to the first request instruction further includes:
Receiving a first limiting instruction fed back by the VPN server aiming at the first verification information, wherein the first limiting instruction characterizes authentication failure of the first verification information;
and responding to the first limiting instruction, ending the current request access operation, and retransmitting the first request instruction.
In the above communication connection method, the third local area network further includes an internet of things terminal communicatively connected to the service management platform and the production device, respectively, the service management platform includes a management server, and before the second request instruction is sent to the service management platform, the communication connection method further includes:
sending a third request instruction to the management server, wherein the third request instruction comprises second verification information;
and receiving a second authorization instruction fed back by the management server aiming at the second verification information and corresponding equipment connection information of the terminal of the Internet of things, wherein the second authorization instruction characterizes the authentication success of the second verification information, and the equipment connection information comprises information of production equipment bound with the terminal of the Internet of things.
In the above communication connection method, the service management platform further includes a data transfer server, the data transfer server is connected with the VPN server, the management server and the internet of things terminal, and the sending the second request instruction to the service management platform includes:
Sending a second request instruction to the management server according to the equipment connection information;
receiving communication connection information fed back by the management server aiming at the second request instruction;
the accessing the third local area network and establishing a second VPN tunnel between the third local area network and the production equipment according to the second request instruction comprises the following steps:
and accessing the third local area network and establishing a second VPN tunnel between the third local area network and the production equipment according to the communication connection information through the data transfer server.
In the above communication connection method, after the establishing of the second VPN tunnel with the production apparatus, the communication connection method further includes:
acquiring a data packet for maintaining the production equipment;
and transmitting the data packet to the production equipment through the VPN server, the data transfer server and the Internet of things terminal in sequence through the second VPN tunnel.
In a second aspect, an embodiment of the present invention provides an operation control apparatus, including at least one control processor and a memory for communication connection with the at least one control processor; the memory stores instructions executable by the at least one control processor to enable the at least one control processor to perform the communication connection method as described in the embodiments of the first aspect above.
The operation control device provided by the embodiment of the invention has at least the following beneficial effects: in the remote communication process, the user terminal equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal equipment can be connected to a service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal equipment can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal equipment can be connected to the third local area network according to the second request instruction, and a second VPN tunnel between the user terminal equipment and the production equipment is established, the user terminal equipment and the production equipment can communicate through the second VPN tunnel, and it can be understood that only the first VPN tunnel can be successfully communicated, and the nested double-layer tunnel is built between the user terminal equipment and the production equipment, so that the safety and the reliability of the data transmission channel can be effectively managed, the information safety in the data transmission process can be improved, the remote development requirements on the production engineering personnel can be improved, and the safety are improved.
In a third aspect, an embodiment of the present invention provides a client device, including an operation control device according to an embodiment of the second aspect.
The user terminal equipment provided by the embodiment of the invention has at least the following beneficial effects: in the remote communication process, the user terminal equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal equipment can be connected to a service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal equipment can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal equipment can be connected to the third local area network according to the second request instruction, and a second VPN tunnel between the user terminal equipment and the production equipment is established, the user terminal equipment and the production equipment can communicate through the second VPN tunnel, and it can be understood that only the first VPN tunnel can be successfully communicated, and the nested double-layer tunnel is built between the user terminal equipment and the production equipment, so that the safety and the reliability of the data transmission channel can be effectively managed, the information safety in the data transmission process can be improved, the remote development requirements on the production engineering personnel can be improved, and the safety are improved.
In a fourth aspect, an embodiment of the present invention provides a communication system, including a client device located in a first local area network, a VPN server located in a second local area network, a service management platform, and a third local area network, where the public network is respectively in communication connection with the first local area network and the second local area network, and the service management platform is respectively in communication connection with the VPN server and the third local area network;
the user terminal device is used for:
sending a first request instruction to the VPN server, wherein the first request instruction characterizes a request to access the second local area network;
establishing a first VPN tunnel between the VPN server and the VPN server according to the first request instruction, and accessing the second local area network according to the first VPN tunnel;
sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in the third local area network;
and accessing the third local area network according to the second request instruction based on the established first VPN tunnel, and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment.
The communication system provided by the embodiment of the invention has at least the following beneficial effects: in the remote communication process, the user terminal device firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal device and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal device can be connected to the service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal device can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal device can be connected to the third local area network according to the second request instruction, and a second VPN tunnel between the user terminal device and the production equipment is established, communication interaction can be carried out through the second VPN tunnel, and it can be understood that only the first VPN tunnel is successfully communicated, the communication system of the embodiment can effectively manage and control safety and reliability of a data transmission channel through the nested double-layer tunnel between the user terminal device and the production equipment, safety and safety maintenance requirements of a production engineering personnel can be improved, and safety maintenance of the production engineering personnel can be improved.
In a fifth aspect, embodiments of the present invention provide a computer-readable storage medium storing computer-executable instructions for causing a computer to perform the communication connection method according to the embodiment of the first aspect.
The computer readable storage medium provided according to the embodiment of the invention has at least the following beneficial effects: in the remote communication process, the user terminal equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal equipment can be connected to a service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal equipment can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal equipment can be connected to the third local area network according to the second request instruction, and a second VPN tunnel between the user terminal equipment and the production equipment is established, the user terminal equipment and the production equipment can communicate through the second VPN tunnel, and it can be understood that only the first VPN tunnel can be successfully communicated, and the nested double-layer tunnel is built between the user terminal equipment and the production equipment, so that the safety and the reliability of the data transmission channel can be effectively managed, the information safety in the data transmission process can be improved, the remote development requirements on the production engineering personnel can be improved, and the safety are improved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate and do not limit the invention.
The invention is further described below with reference to the drawings and examples;
fig. 1 is a flowchart of a communication connection method according to a first embodiment of the present invention;
fig. 2 is a schematic structural diagram of a communication system according to a second embodiment of the present invention;
fig. 3 is a flowchart of a communication connection method according to a third embodiment of the present invention;
fig. 4 is a flowchart of a communication connection method according to a fourth embodiment of the present invention;
fig. 5 is a flowchart of a communication connection method provided in a fifth embodiment of the present invention;
fig. 6 is a flowchart of a communication connection method provided in a sixth embodiment of the present invention;
fig. 7 is a flowchart of a communication connection method provided in a seventh embodiment of the present invention;
Fig. 8 is a flowchart of a communication connection method according to an eighth embodiment of the present invention;
fig. 9 is a flowchart of a communication connection method provided in a ninth embodiment of the present invention;
fig. 10 is an overall flowchart of a communication connection method provided in the tenth embodiment of the present invention;
fig. 11 is a schematic structural diagram of an operation control device according to an eleventh embodiment of the present invention.
Detailed Description
Reference will now be made in detail to the present embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein the accompanying drawings are used to supplement the description of the written description so that one can intuitively and intuitively understand each technical feature and overall technical scheme of the present invention, but not to limit the scope of the present invention.
It should be appreciated that in the description of embodiments of the present invention, the descriptions of "first," "second," etc. are for the purpose of distinguishing between technical features only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated. "at least one" means one or more, and "a plurality" means two or more, greater than, less than, exceeding, etc., are understood to exclude the present number, and "a plurality" means one or more, unless specifically defined otherwise, above, below, within, etc., are understood to include the present number. And/or, describing the association relation of the association objects, indicates that three relations may exist, and it is understood that a and/or B may indicate that a exists alone, a exists together with B, and B exists alone. Wherein A, B may be singular or plural.
Furthermore, unless explicitly specified and limited otherwise, the term "coupled/connected" is to be interpreted broadly, as for example, being either fixedly coupled or movably coupled, being either detachably coupled or not detachably coupled, or being integrally coupled; can be mechanically connected, electrically connected or can be communicated with each other; can be directly connected or indirectly connected through an intermediate medium. It should be noted that although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different from that in the flowchart.
The technical features of the embodiments of the present invention described below may be combined with each other as long as they do not collide with each other.
In some industrial production manufacturing scenes, the terminal equipment and the production equipment are often required to be remotely communicated so as to realize remote control of the production equipment, maintenance of the production equipment is facilitated, in the scheme for realizing remote communication in the prior art, a server is deployed on a public network to realize communication connection among equipment in different local area networks, when the terminal equipment of a user needs to control the production equipment, the server is connected through the public network, then the production equipment can be directly controlled through the server, the production equipment is directly connected with the public network in a network architecture of the type, production equipment data needs to be exposed to the public network, information security in a data transmission process cannot be effectively controlled, a certain potential safety hazard exists in maintenance of the production equipment, and the security of remote communication is reduced.
The embodiment of the invention provides a communication connection method, a control device and user equipment based on a double-layer tunnel, which can strengthen the safety and reliability of a data transmission channel and effectively control the information safety in the data transmission process, and is beneficial to improving the safety of remote communication.
For ease of understanding, the terms involved in the embodiments of the present invention are explained first as follows:
a virtual private network (VPN, virtual Private Network) is a private network established over a public network for enabling secure transfer of data between two private networks.
The VPN tunnel is a virtual and special channel which is specially established on a line of a public network, can provide a channel for safe communication for two private networks on the public network, and ensures the safety of connection through an encryption channel.
Embodiments of the present invention will be further described below with reference to the accompanying drawings.
As shown in fig. 1 and fig. 2, an embodiment of the first aspect of the present invention provides a communication connection method based on a double-layer tunnel, which is applied to a user equipment located in a first local area network, where the first local area network is in communication connection with a public network, and the public network is in communication connection with a second local area network, and the communication connection method includes, but is not limited to, steps S110 to S140:
Step S110: transmitting a first request instruction to a VPN server located in a second local area network, wherein the first request instruction characterizes the request for accessing the second local area network;
it may be appreciated that the first local area network and the second local area network belong to different local area networks, in a specific industrial manufacturing scenario, the first local area network may be a network where an engineering developer is located, the second local area network may be a production network in a factory, in a remote communication process, a user side device may be connected to a public network through a mobile network or a WIFI network, and a first request instruction is sent to a VPN server to request access to the second local area network, that is, request access to the production network in the factory.
Step S120: establishing a first VPN tunnel between the first VPN server and the VPN server according to the first request instruction, and accessing a second local area network according to the first VPN tunnel, wherein the second local area network further comprises a service management platform in communication connection with the VPN server and a third local area network in communication connection with the service management platform;
the user terminal equipment sends a first request instruction so as to establish a first VPN tunnel between the user terminal equipment and the VPN server, the user terminal equipment and the VPN server can perform data transmission through the first VPN tunnel, after the first VPN tunnel is established, the user terminal equipment indicates that the user terminal equipment has the access right of the second local area network, can normally access the second local area network, and can normally communicate with the service management platform.
In the embodiment of the invention, the VPN server is arranged in the second local area network, so that the privately-arranged users can be realized, and meanwhile, a first barrier is arranged for the remote communication connection of the user terminal equipment, and the VPN server can provide functions of authentication, connection management, data transmission and the like.
Step S130: sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in a third local area network;
the service management platform is in communication connection with a third local area network, the third local area network comprises production equipment, the second request instruction is sent to the service management platform and used for requesting to connect the production equipment, the service management platform is arranged in the second local area network, the privately-arranged users can be realized, and meanwhile, a second barrier is arranged for the remote communication connection of the user terminal equipment, so that the information security in the data transmission process is ensured.
Step S140: and accessing a third local area network according to a second request instruction based on the established first VPN tunnel, and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment.
It can be understood that when the first VPN tunnel is connected, that is, the user equipment successfully accesses the second local area network, further connection operation can be performed, that is, the production equipment is further connected, the user equipment sends a second request instruction, so that the second VPN tunnel between the user equipment and the production equipment is established, meanwhile, the third local area network can be normally accessed, communication between the first local area network and the third local area network is realized, data transmission between the user equipment and the production equipment can be performed through the second VPN tunnel, and remote communication between the user equipment and the production equipment is conveniently realized.
It should be noted that, in the embodiment of the present invention, the communication connection tunnel belongs to a nested double-layer tunnel, and the successful establishment of the second VPN tunnel needs to be based on the connection of the first VPN tunnel, that is, the first VPN tunnel is embedded in the second VPN tunnel, so that the security of the data transmission channel can be effectively ensured.
According to the communication connection method based on the double-layer tunnel, in the remote communication process, the user side equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user side equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user side equipment can be connected to the service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user side equipment can send a second request instruction to the service management platform to request to connect with production equipment in the third local area network, because the first VPN tunnel is communicated, the user side equipment can be connected to the third local area network according to the second request instruction, and communication interaction can be carried out between the user side equipment and the production equipment through the second VPN tunnel.
The VPN server and the service management platform of the embodiment of the present invention are deployed in a second local area network, and privately deployed in the second local area network, so that user-defined security management and control can be implemented, and the service management platform may not have a function of connecting with a public network, so that production equipment data does not need to be exposed to the public network, which is beneficial to improving information security, and meanwhile, by setting up a nested double-layer tunnel trusted by a user, a first VPN tunnel is embedded in the second VPN tunnel, so that security and reliability of remote operation and maintenance can be improved.
It should be noted that the user side device may be a terminal device in various forms such as a handheld device, a computer device, or an application software or a plug-in installed in the terminal device, and similarly, the production device may be a terminal device, or an application software or a plug-in installed in the terminal device, where the VPN server and the service management platform may be implemented by software, hardware, or a system integration method, and may refer to a device that is a server, or may refer to a software program running on the device. Specifically, the engineering developer can realize communication connection with the production equipment through the first application software and the second application software installed on the user side equipment, firstly, the first application software requests to access the second local area network, establishes a first VPN tunnel between the first local area network and the VPN server, then, the second application software requests to connect with the production equipment in the third local area network, and establishes a second VPN tunnel between the second local area network and the production equipment, so that communication connection between the user side equipment and the production equipment is realized.
As shown in fig. 2, in order to further improve the security of the data transmission channel, by setting a firewall in the second local area network, the VPN server is in communication connection with the public network through the firewall, so that a protection barrier can be constructed between the public network and the second local area network, and illegal users or viruses in the network are prevented from entering the second local area network, thereby ensuring information security.
As shown in fig. 3, in the above-described communication connection method, after the second VPN tunnel is established with the production apparatus in step S140, the communication connection method further includes, but is not limited to, step S210 and step S220:
step S210: receiving a connection control instruction of the VPN server, wherein the connection control instruction represents refusing the user terminal equipment to access the second local area network, and the connection control instruction is obtained by triggering the VPN server by a user management role in the second local area network;
step S220: and responding to the connection control instruction, disconnecting the first VPN tunnel so as to disconnect the second local area network.
IT should be noted that, because the VPN server is disposed in the second local area network, after the second VPN tunnel between the client device and the production device is successfully established, the user management role in the second local area network may trigger the VPN server to send a connection control instruction, so that the client device may disconnect the first VPN tunnel at any time, thereby disconnecting the second VPN tunnel, the second local area network may be a production network in the factory, the VPN server may be managed and controlled by an IT department in the factory, when the user management role in the IT department triggers the VPN server to send the connection control instruction, the VPN server sends the connection control instruction to the client device, to instruct to refuse the client device to access the second local area network, and disconnect the first VPN tunnel after the client device receives the connection control instruction, and simultaneously disconnect the connection with the second local area network, where the client device cannot connect to the service management platform, and also cannot communicate with the production device.
As shown in fig. 4, in the above-mentioned communication connection method, the first request instruction includes first authentication information, and the step S120 establishes a first VPN tunnel with the VPN server according to the first request instruction, including but not limited to step S310 and step S320:
step S310: receiving a first authorization instruction fed back by the VPN server aiming at the first verification information, wherein the first authorization instruction represents that the first verification information is successfully authenticated;
step S320: and establishing a first VPN tunnel between the VPN server and the VPN server according to the first authorization instruction.
It should be noted that, the ue sends a first request instruction to the VPN server, where the first request instruction carries first verification information, after the VPN server receives the first request instruction, performs authentication operation on the ue with respect to the first verification information, if the first verification information matches with information in a preset database, the authentication is successful, and a first authorization instruction is fed back to the ue, where the first authorization instruction includes data for accessing the VPN server, for example, may be data such as a virtual IP address, so as to establish a first VPN tunnel between the ue and the VPN server.
Specifically, an account number and password verification list is stored in a preset database of the VPN server, the first verification information comprises an account number and a password to be verified, an engineering developer obtains the account number and the password after obtaining the trust of a user, the user terminal device is started and inputs the corresponding account number and the corresponding password, and when the account number and the password are matched with the information in the verification list, the VPN server can be successfully connected, namely the VPN server has the access right of the second local area network and can be successfully accessed into the second local area network.
As shown in fig. 5, in the above-mentioned communication connection method, in step S120, a first VPN tunnel is established with the VPN server according to the first request instruction, and further includes, but is not limited to, step S410 and step S420:
step S410: receiving a first limiting instruction fed back by the VPN server aiming at the first verification information, wherein the first limiting instruction represents authentication failure of the first verification information;
step S420: and responding to the first limiting instruction, ending the current request access operation, and retransmitting the first request instruction.
The user terminal equipment sends a first request instruction to the VPN server, the first request instruction carries first verification information, after the VPN server receives the first request instruction, authentication operation is carried out on the user terminal equipment aiming at the first verification information, if the first verification information is not matched with information in a preset database, authentication fails, a first limiting instruction is fed back to the user terminal equipment, the user terminal equipment can determine that the current first verification information is incorrect according to the first limiting instruction, current request access operation is ended, new first verification information is acquired again, and the first request instruction is sent again. For example, the first verification information includes an account number and a password to be verified, and when the engineering developer inputs the account number and the password at the user terminal device, if a prompt of authentication failure occurs, the engineering developer can be reminded that the information currently input by the engineering developer is wrong, so that the correct information can be conveniently input again. The authentication of the first verification information is performed by the VPN server, so that the security of the remote communication connection can be improved.
As shown in fig. 6, in the above communication connection method, the third local area network further includes an internet of things terminal communicatively connected to the service management platform and the production device, respectively, the service management platform includes a management server, and before the second request instruction is sent to the service management platform in step S130, the communication connection method further includes, but is not limited to, step S510 and step S520:
step S510: sending a third request instruction to the management server, wherein the third request instruction comprises second verification information;
step S520: and receiving a second authorization instruction fed back by the management server aiming at the second verification information and corresponding equipment connection information of the terminal of the Internet of things, wherein the second authorization instruction characterizes the successful authentication of the second verification information, and the equipment connection information comprises information of production equipment bound with the terminal of the Internet of things.
It should be noted that, the third local area network further includes an internet of things terminal, the internet of things terminal is bound with the production equipment, and can transmit information of the production equipment to the service management platform, when the user terminal equipment accesses the second local area network, a third request instruction is sent to the management server, the third request instruction carries second verification information, after receiving the third request instruction, the management server authenticates the user terminal equipment with respect to the second verification information, if the second verification information is matched with information in a preset database, the authentication is successful, and feeds back a second authorization instruction to the user terminal equipment, and meanwhile feeds back equipment connection information of the internet of things terminal corresponding to management of the second verification information, so that engineering developers can conveniently select connectable production equipment.
Specifically, the device connection information includes information of all production devices bound by the terminal of the internet of things, for example, signal strength, online condition, network connection mode and the like of the production devices, and the device connection information can be displayed in a list form in the user terminal device.
As shown in fig. 7 and 8, in the above-mentioned communication connection method, the service management platform further includes a data transfer server, where the data transfer server is connected to the VPN server, the management server, and the terminal of the internet of things, respectively, and in step S130, a second request instruction is sent to the service management platform, including but not limited to step S610 and step S620:
step S610: sending a second request instruction to the management server according to the equipment connection information;
step S620: receiving communication connection information fed back by the management server aiming at the second request instruction;
in step S140, accessing the third local area network and establishing a second VPN tunnel with the production device according to the second request instruction, including:
step S710: and accessing the third local area network according to the communication connection information and establishing a second VPN tunnel between the third local area network and the production equipment through the data transfer server.
The communication connection information includes data required by the communication connection between the user equipment and the production equipment, such as encryption and decryption communication modes between the user equipment and the production equipment, port information of the data transfer server, virtual IP address of the production equipment, and the like. The user equipment can know the condition of the production equipment according to the equipment connection information, select the production equipment to be maintained, based on the established first VPN tunnel, the user equipment can send a second request instruction to the management server, after receiving the second request instruction, the management server sends communication connection information to the user equipment and the production equipment, the user equipment can access a third local area network through the data transfer server and establish a second VPN tunnel between the user equipment and the production equipment, and it can be understood that in the second VPN tunnel, data transmission is performed through the data transfer server, and data transmission to the production equipment is achieved.
It should be noted that, the management server and the data transfer server are only used for distinguishing different functions which can be realized by the service management platform, the management server is used for realizing management of the terminal of the internet of things, and the data transfer server is used for realizing data transparent transmission. The management server and the data transfer server may be one logical server, or may be two logical servers, or may be a virtual machine or a physical machine, and the embodiment of the present invention is not limited specifically.
As shown in fig. 9, in the above-described communication connection method, after the second VPN tunnel is established with the production apparatus in step S710, the communication connection method further includes, but is not limited to, step S810 and step S820:
step S810: acquiring a data packet for maintaining production equipment;
step S820: and transmitting the data packet to production equipment through the VPN server, the data transfer server and the Internet of things terminal in sequence through a second VPN tunnel.
After the second VPN tunnel between the user terminal equipment and the production equipment is successfully established, the user terminal equipment and the production equipment can communicate normally, the user terminal equipment acquires a data packet, the data packet is used for maintaining the production equipment, the data packet comprises data such as debugging parameters and upgrading programs required by the maintenance of the production equipment and a destination address of the production equipment in a third local area network, and the data packet is transmitted to the production equipment through a VPN server, a data transfer server and an Internet of things terminal, so that engineering developers can maintain the production equipment remotely.
As shown in fig. 2 and fig. 10, taking the second local area network as a production network of a factory, the production device is a machine, and the third local area network is a machine local area network, the overall implementation procedure of the communication connection method in the embodiment of the present invention will be described below:
step S1010: the method comprises the steps that user side equipment receives a first trigger signal of an engineering developer aiming at first application software and starts the first application software;
step S1020: the method comprises the steps that user equipment requests to access a production network of a factory through first application software;
step S1030: the user terminal equipment receives a first authorization instruction fed back by the VPN server, and establishes a first VPN tunnel;
specifically, the user equipment sends a first request instruction to the VPN server through first application software to request to access the production network of the factory, the first request instruction carries first verification information, the VPN server carries out authentication operation on the user equipment aiming at the first verification information, if the first verification information is matched with information in a preset database, authentication is successful, a first authorization instruction is fed back, and the user equipment establishes a first VPN tunnel with the VPN server according to the first authorization instruction and successfully accesses the production network of the factory;
step S1040: the user equipment receives a second trigger signal of the engineering developer aiming at the second application software and starts the second application software;
Step S1050: the user equipment successfully logs in the management server through second application software and acquires equipment connection information of the terminal of the Internet of things;
specifically, the user equipment sends a third request instruction to the management server through second application software, the third request instruction carries second verification information, the management server performs authentication operation on the user equipment aiming at the second verification information, if the second verification information is matched with information in a preset database, authentication is successful, the user equipment successfully logs in the management server, meanwhile, equipment connection information of the internet of things terminal fed back by the management server is received, and the equipment connection information comprises information such as signal intensity of a machine station, on-line condition and the like;
step S1060: the user terminal equipment receives a second request instruction triggered by the engineering developer through second application software, wherein the second request instruction characterizes a machine in a machine local area network;
step S1070: the user terminal equipment receives communication connection information fed back by the management server and establishes a second VPN tunnel;
specifically, the engineering developer selects an online machine at the second application software, triggers the user side equipment to send a second request instruction, the user side equipment sends the second request instruction to the management server, the management server sends communication connection information to the user side equipment and the machine after receiving the second request instruction, and the user side equipment can access the machine local area network and establish a second VPN tunnel with the machine through the data transfer server;
Step S1080: and the user equipment and the machine communicate through a second VPN tunnel.
Specifically, when the user equipment successfully enters the machine station local area network, engineering developers can write programs or software into equipment such as a computer and a logic controller of the machine station through the user equipment so as to maintain the machine station.
As shown in fig. 11, a second aspect embodiment of the present invention provides an operation control apparatus 1100, including at least one control processor 1110 and a memory 1120 for communication connection with the at least one control processor 1110; the memory 1120 stores instructions executable by the at least one control processor 1110, the instructions being executable by the at least one control processor 1110 to enable the at least one control processor 1110 to perform the communication connection method according to the embodiment of the first aspect as described above, for example, performing steps S110 to S140 in fig. 1, steps S210 to S230 in fig. 3, steps S210 and S220 in fig. 3, steps S310 and S320 in fig. 4, steps S410 and S420 in fig. 5, steps S510 and S520 in fig. 6, steps S610 and S620 in fig. 7, steps S710 and S820 in fig. 8, and steps S1010 to S1080 in fig. 10.
According to the operation control device provided by the embodiment of the invention, in a remote communication process, the user side equipment firstly sends a first request instruction to the VPN server to request to access the second local area network, a first VPN tunnel between the user side equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user side equipment can be connected to the service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user side equipment can send a second request instruction to the service management platform to request to connect with the production equipment in the third local area network, because the first VPN tunnel is already communicated, the user side equipment can be connected to the third local area network according to the second request instruction, and can carry out communication interaction through the second VPN tunnel, and as a result, only the first VPN tunnel is successfully communicated, the second VPN tunnel can be communicated, through nested double-layer tunnels between the user side equipment and the production equipment, the safety and reliability of a data transmission channel can be enhanced, the safety and the safety of the data transmission channel can be effectively managed, the safety and the safety of the production equipment can be improved, and the safety requirements are more are improved, and the safety of the production engineering equipment can be more developed, and the safety is more required.
An embodiment of a third aspect of the present invention provides a client device, including an operation control apparatus according to the embodiment of the second aspect.
According to the user terminal equipment provided by the embodiment of the invention, in a remote communication process, the user terminal equipment firstly sends a first request instruction to the VPN server to request to access to the second local area network, a first VPN tunnel between the user terminal equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user terminal equipment can be connected to the service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user terminal equipment can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user terminal equipment can be connected to the third local area network according to the second request instruction, and can carry out communication interaction through the second VPN tunnel, and as a result, only the first VPN tunnel is successfully communicated, the second VPN tunnel can be communicated, through nested double-layer tunnels between the user terminal equipment and the production equipment, the safety and reliability of a data transmission channel can be enhanced, the safety and the safety of the production equipment can be effectively controlled, the safety and the safety of the production equipment can be improved, and the safety requirements are more improved, and the safety of the production equipment can be more developed.
As shown in fig. 2, a fourth aspect of the present invention provides a communication system, including a client device located in a first local area network, a VPN server located in a second local area network, a service management platform, and a third local area network, where the public network is respectively connected to the first local area network and the second local area network in a communication manner, and the service management platform is respectively connected to the VPN server and the third local area network in a communication manner;
the user terminal device is used for:
transmitting a first request instruction to the VPN server, wherein the first request instruction characterizes a request for accessing a second local area network;
establishing a first VPN tunnel between the VPN server and the VPN server according to the first request instruction, and accessing a second local area network according to the first VPN tunnel;
sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in a third local area network;
and accessing a third local area network according to a second request instruction based on the established first VPN tunnel, and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment.
According to the communication system provided by the embodiment of the invention, in a remote communication process, the user side equipment firstly sends the first request instruction to the VPN server to request to access the second local area network, the first VPN tunnel between the user side equipment and the VPN server can be established according to the first request instruction and connected to the second local area network, the user side equipment can be connected to the service management platform through the VPN server, the service management platform is in communication connection with the third local area network, after the first VPN tunnel is successfully established, the user side equipment can send the second request instruction to the service management platform to request to be connected with the production equipment in the third local area network, because the first VPN tunnel is already communicated, the user side equipment can be connected to the third local area network according to the second request instruction, and the second VPN tunnel can be established to carry out communication interaction between the user side equipment and the production equipment.
It should be noted that, the implementation principle of the communication system of the present embodiment is the same as that of the communication connection method based on the dual-layer tunnel in the first embodiment, and specific implementation manners and specific technical effects of the user equipment, the VPN server, and the service management platform in the communication system may refer to specific implementation manners and specific technical effects in the communication connection method based on the dual-layer tunnel in the first embodiment, which are not described herein again.
A fifth aspect of the present invention provides a computer-readable storage medium storing computer-executable instructions for causing a computer to perform the communication connection method of the first aspect embodiment as above, for example, performing steps S110 to S140 in fig. 1, steps S210 to S230 in fig. 3, steps S210 and S220 in fig. 3, steps S310 and S320 in fig. 4, steps S410 and S420 in fig. 5, steps S510 and S520 in fig. 6, steps S610 and S620 in fig. 7, steps S710 and S820 in fig. 8, and steps S1010 to S1080 in fig. 10.
According to the computer readable storage medium provided by the embodiment of the invention, in a remote communication process, a user side device firstly sends a first request instruction to a VPN server to request access to a second local area network, a first VPN tunnel between the user side device and the VPN server can be established according to the first request instruction and connected to the second local area network, the user side device can be connected to a service management platform through the VPN server, the service management platform is in communication connection with a third local area network, after the first VPN tunnel is successfully established, the user side device can send a second request instruction to the service management platform to request to be connected with production equipment in the third local area network, because the first VPN tunnel is already communicated, the user side device can be connected to the third local area network according to the second request instruction, and can be communicated and interacted with the production equipment through the second VPN tunnel.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media or non-transitory media and communication media or transitory media. The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disk DVD or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of one of ordinary skill in the art without departing from the spirit of the present invention.

Claims (10)

1. The communication connection method based on the double-layer tunnel is characterized by being applied to user terminal equipment positioned in a first local area network, wherein the first local area network is in communication connection with a public network, the public network is in communication connection with a second local area network, and the communication connection method comprises the following steps:
transmitting a first request instruction to a VPN server located in the second local area network, wherein the first request instruction characterizes a request for accessing the second local area network;
establishing a first VPN tunnel between the first VPN server and the VPN server according to the first request instruction, and accessing the second local area network according to the first VPN tunnel, wherein the second local area network further comprises a service management platform in communication connection with the VPN server and a third local area network in communication connection with the service management platform;
sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in the third local area network;
Based on the established first VPN tunnel, accessing the third local area network according to the second request instruction and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment;
the service management platform comprises a data transfer server, and in the second VPN tunnel, data transmission is carried out through the data transfer server;
receiving a connection control instruction of the VPN server, wherein the connection control instruction represents refusing the user side equipment to access the second local area network, and the connection control instruction is obtained by triggering the VPN server by a user management role in the second local area network;
and responding to the connection control instruction, disconnecting the first VPN tunnel so as to disconnect the second local area network.
2. The communication connection method according to claim 1, wherein the first request instruction includes first authentication information, and the establishing a first VPN tunnel with the VPN server according to the first request instruction includes:
receiving a first authorization instruction fed back by the VPN server aiming at the first verification information, wherein the first authorization instruction characterizes that the first verification information is successfully authenticated;
And establishing a first VPN tunnel between the VPN server and the VPN server according to the first authorization instruction.
3. The method of communication connection according to claim 2, wherein the establishing a first VPN tunnel with the VPN server according to the first request instruction further comprises:
receiving a first limiting instruction fed back by the VPN server aiming at the first verification information, wherein the first limiting instruction characterizes authentication failure of the first verification information;
and responding to the first limiting instruction, ending the current request access operation, and retransmitting the first request instruction.
4. The communication connection method according to claim 1, wherein the third local area network further includes an internet of things terminal communicatively connected to the service management platform and the production apparatus, respectively, the service management platform including a management server, the communication connection method further comprising, before the sending of the second request instruction to the service management platform:
sending a third request instruction to the management server, wherein the third request instruction comprises second verification information;
and receiving a second authorization instruction fed back by the management server aiming at the second verification information and corresponding equipment connection information of the terminal of the Internet of things, wherein the second authorization instruction characterizes the authentication success of the second verification information, and the equipment connection information comprises information of production equipment bound with the terminal of the Internet of things.
5. The method of claim 4, wherein the service management platform further comprises a data transfer server, the data transfer server is respectively connected to the VPN server, the management server, and the internet of things terminal, and the sending the second request instruction to the service management platform comprises:
sending a second request instruction to the management server according to the equipment connection information;
receiving communication connection information fed back by the management server aiming at the second request instruction;
the accessing the third local area network and establishing a second VPN tunnel between the third local area network and the production equipment according to the second request instruction comprises the following steps:
and accessing the third local area network and establishing a second VPN tunnel between the third local area network and the production equipment according to the communication connection information through the data transfer server.
6. The communication connection method according to claim 5, characterized in that after the establishment of the second VPN tunnel with the production device, the communication connection method further comprises:
acquiring a data packet for maintaining the production equipment;
and transmitting the data packet to the production equipment through the VPN server, the data transfer server and the Internet of things terminal in sequence through the second VPN tunnel.
7. An operation control device comprising at least one control processor and a memory for communication with the at least one control processor; the memory stores instructions executable by the at least one control processor to enable the at least one control processor to perform the communication connection method of any one of claims 1 to 6.
8. A client device comprising the operation control apparatus according to claim 7.
9. The communication system is characterized by comprising user equipment positioned in a first local area network, a VPN server positioned in a second local area network, a service management platform and a third local area network, wherein a public network is respectively in communication connection with the first local area network and the second local area network, and the service management platform is respectively in communication connection with the VPN server and the third local area network;
the user terminal device is used for:
sending a first request instruction to the VPN server, wherein the first request instruction characterizes a request to access the second local area network;
establishing a first VPN tunnel between the VPN server and the VPN server according to the first request instruction, and accessing the second local area network according to the first VPN tunnel;
Sending a second request instruction to the service management platform, wherein the second request instruction characterizes a request for connecting production equipment in the third local area network;
based on the established first VPN tunnel, accessing the third local area network according to the second request instruction and establishing a second VPN tunnel between the third local area network and the production equipment so as to enable the user terminal equipment to be in communication connection with the production equipment;
the service management platform comprises a data transfer server, and in the second VPN tunnel, data transmission is carried out through the data transfer server;
receiving a connection control instruction of the VPN server, wherein the connection control instruction represents refusing the user side equipment to access the second local area network, and the connection control instruction is obtained by triggering the VPN server by a user management role in the second local area network;
and responding to the connection control instruction, disconnecting the first VPN tunnel so as to disconnect the second local area network.
10. A computer-readable storage medium storing computer-executable instructions for causing a computer to perform the communication connection method according to any one of claims 1 to 6.
CN202211096718.6A 2022-09-08 2022-09-08 Communication connection method, control device and user terminal equipment based on double-layer tunnel Active CN116319162B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211096718.6A CN116319162B (en) 2022-09-08 2022-09-08 Communication connection method, control device and user terminal equipment based on double-layer tunnel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211096718.6A CN116319162B (en) 2022-09-08 2022-09-08 Communication connection method, control device and user terminal equipment based on double-layer tunnel

Publications (2)

Publication Number Publication Date
CN116319162A CN116319162A (en) 2023-06-23
CN116319162B true CN116319162B (en) 2023-12-12

Family

ID=86832857

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211096718.6A Active CN116319162B (en) 2022-09-08 2022-09-08 Communication connection method, control device and user terminal equipment based on double-layer tunnel

Country Status (1)

Country Link
CN (1) CN116319162B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001217767A (en) * 2000-01-28 2001-08-10 Matsushita Electric Ind Co Ltd Device and method for detecting out-of-step
CN114124584A (en) * 2022-01-28 2022-03-01 卓望数码技术(深圳)有限公司 Method, device and system for remotely accessing office network, network access equipment and medium

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8146145B2 (en) * 2004-09-30 2012-03-27 Rockstar Bidco Lp Method and apparatus for enabling enhanced control of traffic propagation through a network firewall
JP2011077769A (en) * 2009-09-30 2011-04-14 Fujifilm Corp Vpn system and operation control method thereof
FR3010599B1 (en) * 2013-09-11 2016-12-02 Citypassenger METHOD AND SYSTEM FOR ESTABLISHING VIRTUAL PRIVATE NETWORKS BETWEEN LOCAL NETWORKS
US10965494B2 (en) * 2015-10-01 2021-03-30 International Business Machines Corporation Intelligent multi-channel VPN orchestration
US10873891B2 (en) * 2016-07-06 2020-12-22 Oceus Networks, Llc Secure network rollover

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001217767A (en) * 2000-01-28 2001-08-10 Matsushita Electric Ind Co Ltd Device and method for detecting out-of-step
CN114124584A (en) * 2022-01-28 2022-03-01 卓望数码技术(深圳)有限公司 Method, device and system for remotely accessing office network, network access equipment and medium

Also Published As

Publication number Publication date
CN116319162A (en) 2023-06-23

Similar Documents

Publication Publication Date Title
US11425202B2 (en) Session processing method and device
CN107534651B (en) Method and apparatus for communicating session identifier
CN109039436B (en) Method and system for satellite security access authentication
US8842830B2 (en) Method and apparatus for sending a key on a wireless local area network
WO2020143095A1 (en) Method for establishing communication connection and proxy server
US10250581B2 (en) Client, server, radius capability negotiation method and system between client and server
KR101929868B1 (en) Connection establishment method, device, and system
US9288674B2 (en) Convenient WiFi network access using unique identifier value
CN112671763B (en) Data synchronization method and device in networking environment, computer equipment and storage medium
US20230143835A1 (en) Network slice connection management method, terminal, and computer-readable storage medium
WO2017012142A1 (en) Dual-connection security communication method and apparatus
CN111865879B (en) Internet of things access method and system and corresponding Internet of things equipment
CN111194035B (en) Network connection method, device and storage medium
CN108848145B (en) Method and system for accessing near-end network management of equipment through WEB agent and far-end network management
KR20100101887A (en) Method and system for authenticating in communication system
CN104837134A (en) Web authentication user registration method, device and system
CN112751870B (en) NFS (network file system) safety transmission device and method based on proxy forwarding
CN116319162B (en) Communication connection method, control device and user terminal equipment based on double-layer tunnel
CN102075567B (en) Authentication method, client, server, feedthrough server and authentication system
CN114301967B (en) Control method, device and equipment for narrowband Internet of things
CN113573384A (en) Terminal, terminal network distribution method and device, and storage medium
CN103188662A (en) Method and device for verifying wireless access point
CN115002771B (en) Connection method, device and system between intelligent home terminal and wireless network equipment
WO2024000134A1 (en) Verification method and apparatus, device, and storage medium
US20230164655A1 (en) Service transmission method, communication device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant