CN1838638A - VPN data forwarding method and VPN device for data forwarding - Google Patents
VPN data forwarding method and VPN device for data forwarding Download PDFInfo
- Publication number
- CN1838638A CN1838638A CNA2006100660079A CN200610066007A CN1838638A CN 1838638 A CN1838638 A CN 1838638A CN A2006100660079 A CNA2006100660079 A CN A2006100660079A CN 200610066007 A CN200610066007 A CN 200610066007A CN 1838638 A CN1838638 A CN 1838638A
- Authority
- CN
- China
- Prior art keywords
- vpn
- equipment
- data forwarding
- main
- ssl
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The disclosed VPN data transmission method with opposite device comprises: A. selecting a main VPN device to set fixed public network IP address; B. building connection between the accessory and main VPN devices, completing the authentication and certification to SSL VPN access; C. building TCP connection from the accessory device to the main; D. building corresponding relation for the TCP connection by the main VPN, and sending rout information and/or authority information to the accessory; E. building a new VPN connection by the accessory device to send data of the received information.
Description
Technical field
The present invention relates to the VPN(Virtual Private Network) technology, be specifically related to VPN data transmission method and VPN equipment.
Technical background
Based on more than the transport layer and end-to-end needs carry out ciphered data transmission VPN, as SSLVPN, be a kind of based on SSL (SSL, Security Socket Layer) makes up the technology of VPN, be operated between application layer and the TCP layer, based on HTML (Hypertext Markup Language) (HTTP, Hypertext Transfer Protocol) carries out the VPN visit, so this VPN can carry out safe VPN visit by explorer, because SSL VPN is operated on the transport layer, thereby can travel through all NAT device and firewall box, this makes that the user can be from the long-range internal network that is linked into company Anywhere.And the software that does not need additionally to carry out client installs, and becomes a kind of VPN with the fastest developing speed at present.
As shown in Figure 1, suppose that server S erver1 is the WEB server of an inside of certain enterprise, be connected to a computer PC 1 addressable in-company WEB server of internet.Computer PC 1 has access to SSL VPN equipment by HTTP earlier by the WEB browser, after the authentication and authentication by SSL VPN equipment, again by the visit of HTTP initiation to inner WEB server S ERVER1, the data that have access to return to SSL VPN equipment by HTTP, and SSL VPN delivers to computer PC 1 safely by HTTPS again.So just can have access to in-company WEB server S ERVER1 by computer PC 1.Because WEB server S ERVER1 is confidential, can not have access to WEB server S ERVER1 by SSL VPN equipment.The basic functional principle of Here it is SSL VPN.The advantage of this VPN is very obvious, makes that exactly the user can be from Anywhere by the visit of the long-range VPN of carrying out in internet, and is very convenient quick.
The another kind of SSL VPN is used and is set up VPN in the ssl tunneling mode exactly, and this mode can be used for website and insert, and can also be used for the access of network.This mode need insert by the website of ssl tunneling with different regions, each website needs a SSL VPN equipment in this case, generally entering the Internet by ISP all is dynamic public network IP address, if but the address of armamentarium all is a dynamic IP, can not connect automatically between them, so the fixedly main SSL VPN equipment of public network IP usually is set on the net, the SSL VPN equipment of other website just can be set up ssl tunneling with main SSL VPN and is connected like this.
With reference to Fig. 2, an enterprise VPN is made of 3 branching networks, connect by SSL VPN, directly enter the Internet by dynamic IP at branch office network LAN a and branch office network LAN b, branch office network LAN c is provided with a fixed IP addresses, when LAN a and LAN b access network, at first be linked into SSL VPN main equipment, when the network user among the LAN a visits LAN b, also be to conduct interviews by main equipment respectively and set up ssl tunneling between main equipment.
The data flow of LAN b is dealt into earlier on the main SSL VPN equipment, and main SSL VPN equipment is finished deciphering earlier, searches routing table then, and re-encrypting data is dealt into data LAN a afterwards.Because the resource that encryption and decryption need consume main SSL VPN equipment so the burden of SSL VPN main equipment will be very heavy, has a strong impact on forwarding performance.
According to existing a kind of SSL VPN route technology solution, between LANA, LANB, adopt to consult directly to set up the new not method of the ssl tunneling by main SSL VPN equipment, make the data that transmit between LANA, LANB transmit by new ssl tunneling, and no longer by main SSL VPN equipment, as shown in Figure 3.
This method can thoroughly be separated from the flowing of access of SSL VPN equipment room, but such scheme has certain precondition, is exactly must directly set up ssl tunneling between LAN A, LAN B.The access that if LAN is A, the fire compartment wall among the LAN B does not allow SSL, perhaps the user among LAN A, the LAN B surfs the Net by address-translating device, and address-translating device is not supported the internal server function, in this case, just can't directly set up ssl tunneling between LAN A, LAN B, this scheme also just can not be implemented.
Summary of the invention
At problems of the prior art, the technical problem to be solved in the present invention is, a kind of VPN data forwarding method is provided and is used for the VPN equipment of data forwarding, this method makes up a forwarding tunnel again on original VPN connection basis, by VPN device forwards data, no longer carry out the encryption and decryption operation of data, thereby improve VPN data forwarding performance and efficient.
A kind of VPN data forwarding method provided by the invention comprises step:
A. a selected VPN equipment is as main VPN equipment, and other VPN equipment are as from VPN equipment, and is that main VPN equipment is provided with fixed public network IP address or fixed domain name;
B. set up VPN from VPN equipment with main VPN and be connected, and finish relevant authentication and the authentication that VPN inserts;
C. first, second is set up first, second TCP with main VPN equipment respectively from VPN equipment and is connected;
D. main VPN equipment is that described first, second TCP connects and sets up corresponding relation, carrying out data forwarding, and send routing iinformation and/or authority information to first, second from VPN equipment;
E. first, second connects from setting up VPN between the VPN equipment, and carries out data transmission and reception by routing iinformation of being received and/or authority information.
Between step C and D, also comprise step:
Main VPN equipment is verified from VPN equipment first, second;
Step C1 comprises:
Main VPN equipment transmission authorization information and connection identifier from VPN equipment, after first, second receives identifying code and connection identifier from VPN equipment, send the main VPN equipment that feeds back to first, second;
If the feedback information that the main equipment checking is received conforms to, then, described two TCP set up corresponding relation for connecting.
Step e also comprises: the step that first, second is verified after connecting between VPN equipment mutually.
The length of wherein said identifying code is more than or equal to the key length of the public key algorithm of SSL.
This method also comprises step:
Main VPN equipment is set at server end and client with first, second respectively from VPN equipment.
Data forwarding in the described main VPN equipment is transparent.
In the step e, when first, second VPN between VPN equipment connected the foundation failure, the described TCP of main VPN unit deletion connected and corresponding relation.
Described VPN is SSL VPN.
Described VPN is based on more than the transport layer and VPN that end-to-end needs are encrypted.
According to a kind of VPN data forwarding method of the present invention, comprise step:
A) to VPN connection request be correlated with authentication and authentication;
B) set up corresponding relation for the VPN equipment of mutual swap data, and send relevant routing iinformation and/or authority information to corresponding VPN equipment;
C) carry out data forwarding according to described corresponding relation.
This method also comprises: the step of verifying mutually after connecting between the VPN equipment of swap data mutually.
When VPN between the VPN of the mutual swap data equipment connects the foundation failure, delete described connection and corresponding relation.
Described VPN connect based on more than the transport layer and end-to-end needs encrypt.
Also provide a kind of VPN equipment according to the present invention, be used to transmit data, comprising:
The authentication unit is used for VPN connection request be correlated with authentication and authentication;
Data communication units is set up corresponding relation for the VPN equipment of mutual swap data, sends relevant routing iinformation and/or authority information to corresponding VPN equipment, and carries out data forwarding according to described corresponding relation.
The data forwarding of being carried out in this VPN equipment is transparent.
When VPN between the VPN of the mutual swap data equipment connected the foundation failure, the described VPN of this VPN unit deletion connected and corresponding relation.
The present invention is as follows with respect to the beneficial effect of prior art:
Existing based on the VPN more than the transport layer in, for the implementation that need transmit by middle VPN equipment, because the resource that encryption and decryption consumes SSL VPN equipment very much so the burden of the middle SSL VPN equipment of transmitting will be very heavy, has a strong impact on forwarding performance.And adopting the mode of consulting directly to set up new ssl tunneling, transmit data by new ssl tunneling, no longer by main VPN equipment.But its prerequisite is can directly set up ssl tunneling between the VPN user who communicates.Because the fire compartment wall that is provided with does not allow the access of SSL usually, when perhaps surfing the Net by address-translating device, address-translating device is not supported the internal server function again.Therefore, at present poor based on the data forwarding performance of the SSL VPN of prior art, efficient is low.
And VPN data forwarding method provided by the present invention, on the basis of original ssl tunneling, set up new TCP connection and consult a forwarding tunnel again, only need simple the forwarding during data process main equipment, and the encryption and decryption of no longer carrying out data is operated, reduce the load of main SSL VPN equipment, make most of resource of VPN equipment be used for forwarding of data, improve the data forwarding ability, thereby improve the Performance And Reliability of VPN network.This method is fit to the environment of various networkings, is not subjected to the restriction of address-translating device and firewall configuration, and is safe.
Description of drawings
Fig. 1 is the schematic diagram that is used to illustrate the basic functional principle of SSL VPN;
Fig. 2 is the schematic diagram according to the SSL VPN technologies scheme principle of prior art;
Fig. 3 is the schematic diagram according to another technical scheme principle of SSL VPN of prior art;
Fig. 4 is that SSL VPN realizes the schematic diagram of principle according to an embodiment of the invention;
Fig. 5 is the flow chart according to SSL VPN data forwarding method of the present invention.
Embodiment
For the ease of operation principle of the present invention is described, be that example is described with SSL VPN.At this, be that example is described with two the simplest networking modes from SSL VPN equipment and a main SSL VPN equipment.For the situation of more VPN equipment networks, its principle is similar.
VPN is that a kind of infrastructure by the internet usage network is utilized Internet routable address, and promptly public network address is visited far VPN equipment, and the mode of Data transmission between the network of strange land realizes the intercommunication of strange land network.SSL VPN utilizes the built-in Secure Socket Layer package processing capacity of browser, by browser connection inside SSL VPN equipment far, see through the mode that network package turns to then,, read internal server data far at the remote computer executive utility.This inside SSL VPN equipment far need be provided with Internet routable address, i.e. public network address.
VPN as shown in Figure 4 is respectively equipped with SSL VPN equipment (router, or gateway device): R1, R2, R3 in these three LAN.
Fig. 5 is the flow chart according to SSL VPN data forwarding method of the present invention, with reference to Fig. 5.
At first, select R3 as main VPN equipment, and for R3 is provided with fixed public network IP address, or fixed domain name, R1, R2 then are from VPN equipment; (step S11)
Then, from SSL VPN equipment R1, R2 sets up ssl tunneling with main VPN equipment R3 respectively, and finishes relevant authentication and authentication that SSL VPN inserts; (step S12)
R3 is to the server end of selected R2 as SSL, and R1 is as the client of SSL; (step S13)
R3 generates an identifying code code and connection identifier linkid at random, and for safety, identifying code code is not less than the length of the used public key algorithm key of SSL.
R3 sends out message to R2, informs R2 identifying code, connection identifier linkid and as the SSL server end; R3 sends out message to R1, informs R1 identifying code, connection identifier linkid and does the SSL client.R2 starts corresponding SSL service processing.
R1, R2 set up TCP with main VPN equipment R3 respectively and are connected LINK1, LINK2; (step S14)
TCP connects after the foundation, R1, R2 is respectively by LINK1, and LINK2 transmission identifying code and connection identifier linkid are to R3, and R3 checks this identifying code and connection identifier linkid, if conform to the identifying code that generates and linkid consistent, then be that these two TCP connect LINK1, LINK2 sets up corresponding relation, and notice R1, R2 connect foundation, send new route and authority information simultaneously to R1, R2, afterwards the data of R3 transparent forwarding R1, R2.(step S15)
Set up new SSL between R1, the R2 and connect, R1 sends identifying code code1 to R2, and whether R2 checking code1 with own consistent, if consistent, is undertaken by new routing information of being received and/or authority information that data send and reception.(step S16)
If the R2 checking is inconsistent, delete newly-established SSL and connect, delete TCP simultaneously and connect, the TCP of the R1 that the R3 deletion is corresponding connects and annexation.
With reference to Fig. 4, the VPN connection request that VPN equipment R3 sends VPN equipment R1, R2 respectively be correlated with authentication and authentication;
VPN equipment R3 is that VPN equipment R1, the R2 of mutual swap data sets up corresponding relation, and sends relevant routing iinformation and/or authority information to corresponding VPN equipment R1, R2;
VPN equipment R3 carries out data forwarding according to described corresponding relation, is about to give R2, R1 from the data forwarding of R1, R2 respectively.
Verify mutually after connecting between VPN equipment R1, the R2 of swap data mutually.
When VPN between the VPN of mutual swap data equipment R1, the R2 connects the foundation failure, delete described VPN and connect and corresponding relation.
Still with reference to Fig. 4, VPN equipment R3 is used to transmit data among the figure, comprising:
The authentication unit is used for VPN connection request be correlated with authentication and authentication;
Data communication units is set up corresponding relation for the VPN equipment of mutual swap data, sends relevant routing iinformation and/or authority information to corresponding VPN equipment, and carries out data forwarding according to described corresponding relation.
The data forwarding of being carried out in VPN equipment R3 is transparent.
Embodiment
With reference to Fig. 4, with one enterprise's SSL VPN networking of three branches being arranged is example, describe operation principle of the present invention in detail, 3 branched structure networks are formed: LAN I, LAN II, LANIII, the responsible SSL VPN equipment (SSL vpn gateway equipment) that connects these 3 networks: R1, R2, R3.Suppose that place, corporate HQ network is LAN III, R3 is as the main equipment that inserts SSL VPN.Fixed domain name of access SSL VPN equipment application of general headquarters is assumed to be
Www.abc.comOther two networks enter the Internet by the PPPOE of operator, and all surf the Net by NAT device.
At first, from SSL VPN equipment R1, R2 respectively with main VPN equipment R3, the address is
Www.abc.comSet up SSL and connect, and finish relevant authentication and the authentication that SSL VPN inserts; This is a common SSL VPN access procedure.
Setting up new SSL if desired between R1, R2 connects, R3 is according to configuring condition, perhaps R1, R2 set up in front and report oneself whether to support the server capability of SSL after SSL connects, R3 selects to have the access of server capability as server end, if all support, then select by configured strategy.We suppose that R2 can support the SSL server, and R1 does not support, so select the server end of R2 as SSL, R1 is as the client of SSL;
R3 generates an identifying code code1 at random and a R3 goes up unique connection identifier LinkID, can adopt the same secret method of formation of SSL to generate identifying code, and length is not less than the length of the used public key algorithm key of SSL.
R3 connects by the SSL that sets up previously and sends out message to R2, informs R2 identifying code code1, linkID and as the SSL server end; R3 sends out message to R1, informs R1 identifying code code1, linkID and does the SSL client.R2 starts corresponding SSL service processing.
R1, R2 set up TCP with main VPN equipment R3 respectively and are connected LINK1, LINK2;
TCP connects after the foundation, and R1, R2 send linkid to R3 by LINK1 and LINK2 respectively, and whether R3 checking linkid is consistent with the linkid that distributes.
R3 is that these two TCP connect LINK1, and LINK2 sets up corresponding relation, and notifies R1, R2 to connect foundation, sends new route and authority information simultaneously to R1, R2, afterwards the data of R3 transparent forwarding R1, R2.
Set up new SSL between R1, the R2 and connect, connect and set up back R1 and send code1 to R2, more whether R2 is consistent with the code1 of local terminal, if consistent then and undertaken by new routing information of being received and/or authority information that data send and reception.Otherwise deletion SSL connects with corresponding TCP and is connected, the corresponding TCP annexation of R3 deletion.
Principle of the present invention can be used to be operated in transport layer (TCP, UDP etc.) or more than the transport layer, need carry out the end-to-end VPN that carries out the ciphered data transmission, for example the IP SEC VPN based on UDP also can use identical principle to realize, that at this moment sets up is one and carries out UDP by main equipment and transmit, rather than TCP, foundation be that IP SEC connects rather than SSL connects.
The above only explains, the preferred embodiments of the present invention is described that for being used for be not limited to the present invention, for a person skilled in the art, the present invention can have various changes and variation.All within essence of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within the claim scope of the present invention.
Claims (17)
1, a kind of VPN data forwarding method is characterized in that, comprises step:
A. a selected VPN equipment is as main VPN equipment, and other VPN equipment conducts are from VPN equipment;
B. set up VPN from VPN equipment with main VPN and be connected, and finish relevant authentication and the authentication that VPN inserts;
C. first, second is set up first, second TCP with main VPN equipment respectively from VPN equipment and is connected;
D. main VPN equipment is that described first, second TCP connects and sets up corresponding relation, and send routing iinformation and/or authority information to first, second from VPN equipment;
E. first, second connects from setting up VPN between the VPN equipment, and carries out data transmission and reception by routing iinformation of being received and/or authority information.
2, VPN data forwarding method as claimed in claim 1 is characterized in that, also comprises step between step C and D:
Main VPN equipment is verified from VPN equipment first, second.
3, VPN data forwarding method as claimed in claim 2 is characterized in that step C1 comprises:
Main VPN equipment transmission authorization information and connection identifier from VPN equipment, after first, second receives identifying code and connection identifier from VPN equipment, send the main VPN equipment that feeds back to first, second;
If the feedback information that the main equipment checking is received conforms to, then, described two TCP set up corresponding relation for connecting.
4, VPN data forwarding method as claimed in claim 1 is characterized in that step e also comprises: the step that first, second is verified after connecting between VPN equipment mutually.
5, VPN data forwarding method as claimed in claim 1, the length of wherein said identifying code is more than or equal to the key length of the public key algorithm of SSL.
6, VPN data forwarding method as claimed in claim 1 is characterized in that, also comprises step:
Main VPN equipment is set at server end and client with first, second respectively from VPN equipment.
7, VPN data forwarding method as claimed in claim 1 is characterized in that, the data forwarding in the described main VPN equipment is transparent.
8, VPN data forwarding method as claimed in claim 1 is characterized in that,
In the step e, when first, second VPN between VPN equipment connected the foundation failure, the described TCP of main VPN unit deletion connected and corresponding relation.
9, as each described VPN data forwarding method in the claim 1 to 8, it is characterized in that described VPN is SSL VPN.
As each described VPN data forwarding method in the claim 1 to 8, it is characterized in that 10, described VPN is based on more than the transport layer and VPN that end-to-end needs are encrypted.
11, a kind of VPN data forwarding method is characterized in that, comprises step:
A) to VPN connection request be correlated with authentication and authentication;
B) set up corresponding relation for the VPN equipment of mutual swap data, and send relevant routing iinformation and/or authority information to corresponding VPN equipment;
C) carry out data forwarding according to described corresponding relation.
12, VPN data forwarding method as claimed in claim 11 is characterized in that, comprising: the step of verifying mutually after connecting between the VPN equipment of swap data mutually.
13, VPN data forwarding method as claimed in claim 11 is characterized in that, when VPN between the VPN of the mutual swap data equipment connects the foundation failure, deletes described connection and corresponding relation.
14, VPN data forwarding method as claimed in claim 11 is characterized in that, described VPN connect based on more than the transport layer and end-to-end needs encrypt.
15, a kind of VPN equipment is used to transmit data, it is characterized in that, comprising:
The authentication unit is used for VPN connection request be correlated with authentication and authentication;
Data communication units is set up corresponding relation for the VPN equipment of mutual swap data, sends relevant routing iinformation and/or authority information to corresponding VPN equipment, and carries out data forwarding according to described corresponding relation.
16, VPN equipment as claimed in claim 15 is characterized in that the data forwarding of being carried out is transparent.
17, VPN data forwarding method as claimed in claim 15 is characterized in that, when VPN between the VPN of the mutual swap data equipment connects the foundation failure, deletes described connection and corresponding relation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100660079A CN100463452C (en) | 2006-03-21 | 2006-03-21 | VPN data forwarding method and VPN device for data forwarding |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100660079A CN100463452C (en) | 2006-03-21 | 2006-03-21 | VPN data forwarding method and VPN device for data forwarding |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1838638A true CN1838638A (en) | 2006-09-27 |
| CN100463452C CN100463452C (en) | 2009-02-18 |
Family
ID=37015895
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100660079A Active CN100463452C (en) | 2006-03-21 | 2006-03-21 | VPN data forwarding method and VPN device for data forwarding |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100463452C (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009132594A1 (en) * | 2008-04-30 | 2009-11-05 | 成都市华为赛门铁克科技有限公司 | Method and system for forwarding data among private networks |
| CN101286919B (en) * | 2007-04-11 | 2010-11-10 | 杭州华三通信技术有限公司 | Method and device for implementing inter-access between virtual private networks by conversion of network addresses |
| CN102088441A (en) * | 2009-12-08 | 2011-06-08 | 北京大学 | Data encryption transmission method and system for message-oriented middleware |
| CN102549990A (en) * | 2011-07-26 | 2012-07-04 | 华为技术有限公司 | Method and device for generating forwarding table term of virtual private network |
| CN102790775A (en) * | 2012-08-01 | 2012-11-21 | 北京映翰通网络技术有限公司 | Method and system for enhancing network safety performance |
| CN102843281A (en) * | 2012-09-18 | 2012-12-26 | 汉柏科技有限公司 | Method for accessing local network |
| CN103475563A (en) * | 2013-09-28 | 2013-12-25 | 上海成业智能科技股份有限公司 | Implementation method and monitoring system for public network VPN with non-fixed IP address |
| CN104202398A (en) * | 2014-09-04 | 2014-12-10 | 北京星网锐捷网络技术有限公司 | Remote control method, device and system |
| CN106385404A (en) * | 2016-08-31 | 2017-02-08 | 华北电力大学(保定) | Construction method for power information system based on mobile terminal |
| CN106534153A (en) * | 2016-11-30 | 2017-03-22 | 广东科达洁能股份有限公司 | Bridging special-line system established based on internet |
| CN106921552A (en) * | 2015-12-25 | 2017-07-04 | 航天信息股份有限公司 | Terminal, gateway and tunnel multiplex system |
| CN107508739A (en) * | 2017-09-06 | 2017-12-22 | 成都佑勤网络科技有限公司 | A kind of method for authenticating that data are transmitted by vpn tunneling |
| CN108401262A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | A kind of method and device that terminal applies communication data is obtained and analyzed |
| CN109547470A (en) * | 2018-12-20 | 2019-03-29 | 北京交通大学 | Protect electrical isolation wall method, the apparatus and system of network space safety |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FI20021161A (en) * | 2002-06-14 | 2003-12-15 | Sonera Oyj | Method of transmitting a local network user data in a data transfer device and a local network system |
| CN1297105C (en) * | 2003-01-06 | 2007-01-24 | 华为技术有限公司 | Method for implementing multirole main machine based on virtual local network |
-
2006
- 2006-03-21 CN CNB2006100660079A patent/CN100463452C/en active Active
Cited By (25)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101286919B (en) * | 2007-04-11 | 2010-11-10 | 杭州华三通信技术有限公司 | Method and device for implementing inter-access between virtual private networks by conversion of network addresses |
| US8549286B2 (en) | 2008-04-30 | 2013-10-01 | Chengdu Huawei Symantec Technologies Co., Ltd. | Method and system for forwarding data between private networks |
| EP2262185A1 (en) * | 2008-04-30 | 2010-12-15 | Chengdu Huawei Symantec Technologies Co., Ltd. | Method and system for forwarding data among private networks |
| CN101572643B (en) * | 2008-04-30 | 2011-06-22 | 成都市华为赛门铁克科技有限公司 | Method and system for realizing data transmission among private networks |
| EP2262185A4 (en) * | 2008-04-30 | 2011-11-30 | Chengdu Huawei Symantec Tech | Method and system for forwarding data among private networks |
| WO2009132594A1 (en) * | 2008-04-30 | 2009-11-05 | 成都市华为赛门铁克科技有限公司 | Method and system for forwarding data among private networks |
| CN102088441A (en) * | 2009-12-08 | 2011-06-08 | 北京大学 | Data encryption transmission method and system for message-oriented middleware |
| CN102088441B (en) * | 2009-12-08 | 2014-07-02 | 北京大学 | Data encryption transmission method and system for message-oriented middleware |
| CN102549990B (en) * | 2011-07-26 | 2014-06-04 | 华为技术有限公司 | Method and device for generating forwarding table term of virtual private network |
| WO2012106930A1 (en) * | 2011-07-26 | 2012-08-16 | 华为技术有限公司 | Method and apparatus for generating virtual private network (vpn) forwarding entry |
| CN102549990A (en) * | 2011-07-26 | 2012-07-04 | 华为技术有限公司 | Method and device for generating forwarding table term of virtual private network |
| CN102790775A (en) * | 2012-08-01 | 2012-11-21 | 北京映翰通网络技术有限公司 | Method and system for enhancing network safety performance |
| CN102843281B (en) * | 2012-09-18 | 2014-12-10 | 汉柏科技有限公司 | Method for accessing local network |
| CN102843281A (en) * | 2012-09-18 | 2012-12-26 | 汉柏科技有限公司 | Method for accessing local network |
| CN103475563A (en) * | 2013-09-28 | 2013-12-25 | 上海成业智能科技股份有限公司 | Implementation method and monitoring system for public network VPN with non-fixed IP address |
| CN104202398A (en) * | 2014-09-04 | 2014-12-10 | 北京星网锐捷网络技术有限公司 | Remote control method, device and system |
| CN104202398B (en) * | 2014-09-04 | 2017-09-26 | 北京星网锐捷网络技术有限公司 | The method of remote control, apparatus and system |
| CN106921552A (en) * | 2015-12-25 | 2017-07-04 | 航天信息股份有限公司 | Terminal, gateway and tunnel multiplex system |
| CN106385404B (en) * | 2016-08-31 | 2019-08-02 | 华北电力大学(保定) | Power information system construction method based on mobile terminal |
| CN106385404A (en) * | 2016-08-31 | 2017-02-08 | 华北电力大学(保定) | Construction method for power information system based on mobile terminal |
| CN106534153A (en) * | 2016-11-30 | 2017-03-22 | 广东科达洁能股份有限公司 | Bridging special-line system established based on internet |
| CN107508739A (en) * | 2017-09-06 | 2017-12-22 | 成都佑勤网络科技有限公司 | A kind of method for authenticating that data are transmitted by vpn tunneling |
| CN107508739B (en) * | 2017-09-06 | 2020-08-11 | 成都佑勤网络科技有限公司 | Authentication method for transmitting data through VPN tunnel |
| CN108401262A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | A kind of method and device that terminal applies communication data is obtained and analyzed |
| CN109547470A (en) * | 2018-12-20 | 2019-03-29 | 北京交通大学 | Protect electrical isolation wall method, the apparatus and system of network space safety |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100463452C (en) | 2009-02-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1838638A (en) | VPN data forwarding method and VPN device for data forwarding | |
| US6131120A (en) | Enterprise network management directory containing network addresses of users and devices providing access lists to routers and servers | |
| US7769838B2 (en) | Single-modem multi-user virtual private network | |
| CN100571188C (en) | A kind of method and SSL gateway that improves SSL gateway processes efficient | |
| US7197550B2 (en) | Automated configuration of a virtual private network | |
| KR100758733B1 (en) | System and method for managing a proxy request over a secure network using inherited security attributes | |
| US20030041091A1 (en) | Domain name system resolution | |
| EP1134955A1 (en) | Enterprise network management using directory containing network addresses of users and devices providing access lists to routers and servers | |
| CN104270379A (en) | HTTPS proxy forwarding method and device based on transmission control protocol | |
| CN1731786A (en) | Network system, internal server, terminal device, storage medium and packet relay method | |
| CN1949705B (en) | Dynamic tunnel construction method for safety access special LAN and apparatus therefor | |
| JP2008507929A (en) | Method and system for securing remote access to a private network | |
| CN101040496A (en) | VPN gateway device and hosting system | |
| CN1753364A (en) | Method of controlling network access and its system | |
| CN101076796A (en) | Virtual special purpose network established for roam user | |
| CN101958822A (en) | Cryptographic communication system and gateway device | |
| CN106685785B (en) | Intranet access system based on IPsec VPN proxy | |
| CN1921441A (en) | Method and device for message transfer of virtual private local area network | |
| CN103716280B (en) | data transmission method, server and system | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| WO2014001871A1 (en) | System and method for facilitating communication between multiple networks | |
| CN1589060A (en) | Method for realizing self surrogate function for mobile node | |
| Farrell | Security in the Wild | |
| CN1901499A (en) | Safety access method for special local area net and device used for said method | |
| Cisco | L2TP Security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |