JP2010258883A - Gateway device and network connection method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To enable a general user to easily achieve an internal inter-network connection without installing any external device. <P>SOLUTION: In a gateway device 1, in such a state that a call is established between a telephone set 2 connected to the gateway device 1 and a telephone set connected to another gateway device 9, when a detection means 5 detects an instruction signal for giving the instruction of transmission of connection information required for internal inter-network connection, a data transmitting/receiving means 7 transmits the connection information relating to the gateway device 1 to the other gateway device 9 through a telephone communication network 6, and stores connection information received from the other gateway device 9 through the telephone communication network 6 into a connection information storage means 8. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a gateway device installed between an internal network and an external network, and a network connection method.

  Due to the low cost of building and maintaining the Internet environment and the widening of the Internet, the Internet has become widely used in ordinary homes. In addition, with the enhancement of the Internet environment, digitalization of camera content and video content has increased, and the number of users who manage, view, and distribute camera content and video content on an information processing terminal or network is increasing.

  With this background, there is an increasing need to easily and safely share camera content and video content at a remote location. In business, virtual private networks (VPNs) have been used to securely connect and exchange or share information between remote locations within a company. Is considered to be used.

  When a VPN is constructed on the Internet, an encrypted communication means such as IPsec (Security Architecture for Internet Protocol) is used for countermeasures against information leakage, spoofing, and impersonation. In order to construct a VPN, it is necessary to set encryption information such as an encryption key in consideration, but it is complicated and difficult for a general user in a general household.

  In addition, when constructing a VPN between home gateways (HGW), it is necessary to confirm the IP address assigned to the HGW from the Internet connection provider in each HGW, which is also difficult for general users to construct a VPN. It is a factor.

  Patent Document 1 describes a network connection system that enables connections between internal networks that are easy to handle even for users with low IT literacy. In the network connection system described in Patent Document 1, a gateway installed at a boundary point between an internal network such as a home network and the Internet as an external network is used for connection between internal networks in response to a call request from a connection UI device. Necessary information is provided and acquired, and a session is established with the facing gateway using a connection protocol such as VPN to realize connection between internal networks.

JP 2008-28600 A (paragraphs 0007-0008, paragraphs 0031-0032)

  However, the network connection system described in Patent Document 1 requires an external device (connection control device) that accumulates information for building a VPN. In such a network connection system, a cost for installing an external device occurs.

  Therefore, an object of the present invention is to provide a gateway device and a network connection method that enable a general user to easily realize connection between internal networks without installing an external device.

  A gateway device according to the present invention is a gateway device that can be connected to a telephone and is installed at the boundary between an internal network and an external network, and detects a command signal from a device that can communicate with the gateway device; Data transmission / reception means for transmitting communication data via a telephone communication network connected to the gateway device, and connection information storage means for storing connection information which is information relating to other gateway devices necessary for connection between internal networks The data transmission / reception means is connected to an internal network in a state where a call is established between a telephone connected to a gateway device and a telephone connected to the other gateway device. When an instruction signal instructing transmission of necessary connection information is detected, Transmitting connection information to the other gateway device via the telephone communication network, and storing connection information received from the other gateway device via the telephone communication network in the connection information storage means. Features.

  The network connection method according to the present invention is a network connection method for connecting two internal networks in a communicable manner using a gateway device installed at the boundary between the internal network and the external network, and is a device capable of communicating with the gateway device. An instruction signal from the gateway device is transmitted, communication data is transmitted via a telephone communication network connected to the gateway device, and a telephone connected to the gateway device and a telephone connected to the other gateway device When an instruction signal instructing transmission of connection information necessary for connection between internal networks is detected in a state where a call has been established between the two, the connection information regarding the gateway device is transmitted to the other via the telephone communication network. Sent to the other gateway device and received from the other gateway device via the telephone communication network The connection information, and storing, in the connection information storage means for storing connection information relating to other gateway devices.

  According to the present invention, it is possible to easily prepare information necessary for connection between internal networks using a telephone function without installing an external device, so that a general user can easily realize connection between internal networks. can do.

It is a block diagram which shows the structure of 1st Embodiment of the network connection system containing the gateway apparatus by this invention. It is explanatory drawing which shows operation | movement of the network connection system shown by FIG. It is explanatory drawing which shows the state by which the telephone call between users was attained in the network connection system shown by FIG. It is explanatory drawing which shows the state in which transmission / reception (exchange) of VPN construction information is performed between HGW in the network connection system shown by FIG. It is explanatory drawing which shows the state by which VPN was constructed | assembled between HGW in the network connection system shown by FIG. It is explanatory drawing which shows operation | movement of the network connection system of 2nd Embodiment. It is a block diagram which shows the principal part of the gateway apparatus by this invention.

Embodiment 1. FIG.
FIG. 1 is a block diagram showing a configuration of a first embodiment (embodiment 1) of a network connection system including a gateway device according to the present invention. With reference to FIG. 1, the structure of the network connection system of 1st Embodiment is demonstrated.

  A home network (home NW) 11 is an internal network accommodated in a home gateway (HGW) 12. In the network connection system shown in FIG. 1, a personal computer (PC) 14, a video recorder 15, and a network storage 16 are installed as examples of terminals in the home NW11. The PC 14, the video recorder 15, and the network storage 16 are devices that can communicate with the HGW 12. A telephone 13 connected to a telephone port (not shown) of the HGW 12 is a VoIP (Voice over Internet Protocol) using a protocol such as SIP (Session Initiation Protocol) or MGCP (Media Gateway Control Protocol) provided by a communication carrier. A telephone call can be made using the network 32 or a PSTN (Public Switched Telephone Network) 33 or the like. Each terminal and telephone 13 in the home NW 11 are used by the user A.

  The HGW 12 is a gateway device installed at the boundary between the home NW 11 and the Internet 31. The HGW 12 includes a telephone communication unit 101 that transmits and receives voice data and communication data, an input detection unit 102 that detects an input signal input from each terminal in the home NW 11 and the telephone 13, a control unit 103 that controls each unit, and A connection information storage unit 104 is included.

  The telephone communication unit 101 transmits and receives voice data and communication data to and from the telephone communication unit 201 of the HGW 22 via the VoIP network 32 or the PSTN 33 when, for example, the telephone 13 performs a call with the telephone 23 connected to the HGW 22. To do. The input detection unit 102 monitors input operations at each terminal of the home NW 11 connected to the HGW 12 and the telephone 13 and detects an input signal. The control unit 103 controls each unit of the HGW 11, performs processing according to the input signal detected by the input detection unit 102, and accumulates data in the connection information storage unit 104.

  The home network (home NW) 21 is an internal network accommodated in a home gateway (HGW) 22. In the network connection system shown in FIG. 1, a personal computer (PC) 24 and a digital photo frame 25 are installed as examples of terminals in the home NW 21. The PC 24 and the digital photo frame 25 are devices that can communicate with the HGW 22. A telephone 23 connected to a telephone port (not shown) of the HGW 22 can make a call using a VoIP network 32 or a PSTN 33 using a protocol such as SIP or MGCP provided by a communication carrier. Each terminal and telephone 23 in the home NW 21 are used by the user B.

  The HGW 22 is a gateway device installed at the boundary between the home NW 21 and the Internet 31. The HGW 22 includes a telephone communication unit 201 that transmits and receives voice data and communication data, an input detection unit 202 that detects input signals input from each terminal in the home NW 21 and the telephone 23, and a control unit 203 that controls each unit. The connection information storage unit 204 is included.

  The telephone communication unit 201 transmits / receives voice data and communication data to / from the telephone communication unit 101 of the HGW 12 via the VoIP network 32 or the PSTN 33 when the telephone 23 performs a call with the telephone 13 connected to the HGW 12. To do. The input detection unit 202 monitors an input operation at each terminal of the home NW 21 connected to the HGW 22 or the telephone 23 and detects an input signal. The control unit 203 controls each unit of the HGW 22, performs processing according to the input signal detected by the input detection unit 202, and accumulates data in the connection information storage unit 204.

  When a VPN is established between the HGW 12 and the HGW 22, the HGWs 12 and 22 realize an internal network connection between the home NW 11 and the home NW 21 via the Internet 31 of the external network.

  FIG. 2 is an explanatory diagram showing the operation of the network connection system shown in FIG. With reference to FIG. 2, the operation of the network connection system shown in FIG. 1 connecting the in-home NW 11 used by the user A and the in-home NW 21 used by the user B to construct a VPN will be described. It is assumed that the HGW 12 and the HGW 22 are in a state where they can be connected to the Internet 31 and can make a call using the VoIP network 32 or the PSTN 33 using telephones connected to the respective HGWs.

  The user A inputs the telephone number assigned to the telephone 23 used by the user B from the telephone 13 and makes a telephone call to the telephone 23 (step S11). Here, the user A does not need to be aware of information (IP address or the like) on the network of the home NW 21 and the HGW 22. When the input detection unit 102 detects that a telephone number has been input from the telephone set 13, the control unit 103 performs call control processing. The telephone communication unit 101 transmits to the HGW 22 corresponding to the input telephone number via the VoIP network 32 or the PSTN 33. The HGW 22 notifies the telephone 23 of the incoming call (step S12). When the user B receives an incoming call at the telephone 23, a call is established between the telephone 13 and the telephone 14, and a call between the user A and the user B is started (step S13). The user A and the user B can confirm the other party who wants to construct the VPN by calling (step S14). FIG. 3 is an explanatory diagram showing a state in which a call between users is enabled in the network connection system shown in FIG. A call executed between the telephone set 13 and the telephone set 23 is performed via the VoIP network 32 or the PSTN 33 without going through the Internet 31.

  When a call between the user A and the user B is started, the user A performs a predetermined push button (PB) operation from the telephone set 13 and information (VPN construction information) necessary for constructing a VPN in the HGW 12 The exchange start is instructed (step S15). When the input detection unit 102 detects an input signal corresponding to the PB operation in step S15, the control unit 103 acquires VPN construction information stored in advance in the connection information storage unit 104. Then, the telephone communication unit 101 transmits the VPN construction information acquired by the control unit 103 to the telephone communication unit 201 (step S16). The VPN construction information transmitted by the telephone communication unit 101 is, for example, an IP address on the HGW 12 side for VPN connection (an IP address assigned to the HGW 12 from a communication provider such as an Internet connection provider), an encryption key, and a certificate. If a call using the VoIP network 32 is being made in step S16, the telephone including the VPN construction information in a specific message in a protocol such as RTP (Real-time Transport Protocol) or RTCP (RTP Control Protocol). Transmit to the communication unit 201. In step S16, when a call using the PSTN 33 is being performed, the VPN construction information is converted into a modem signal and transmitted to the telephone communication unit 201. When the telephone communication unit 101 transmits the VPN construction information, the control unit 103 waits for reception of the VPN construction information from the HGW 22 (step S17).

  On the other hand, the user B also performs a predetermined PB operation from the telephone set 23 and instructs the HGW 22 to start exchanging information (VPN construction information) necessary for constructing the VPN (step S18). When the input detection unit 202 detects an input signal corresponding to the PB operation in step S18, the control unit 203 acquires VPN construction information stored in advance in the connection information storage unit 204. Then, the telephone communication unit 201 transmits the VPN construction information acquired by the control unit 203 to the telephone communication unit 101 (step S19). The VPN construction information transmitted by the telephone communication unit 201 is, for example, an IP address on the HGW 22 side for VPN connection (an IP address assigned to the HGW 22 by a communication provider such as an Internet connection provider), an encryption key, a certificate, and the like. In step S19, the method in which the telephone communication unit 201 transmits VPN construction information to the telephone communication unit 101 is the same as the method in which the telephone communication unit 101 transmits VPN construction information to the telephone communication unit 201 in step S16. When the telephone communication unit 201 transmits VPN construction information, the control unit 203 waits for reception of VPN construction information from the HGW 12 (step S20).

  FIG. 4 is an explanatory diagram showing a state where VPN construction information is transmitted / received (exchanged) between HGWs in the network connection system shown in FIG. In FIG. 4, VPN construction information is exchanged as indicated by dotted arrows. In FIG. 4, a solid arrow indicates a call performed between the telephone set 13 and the telephone set 14. Note that the communication in the exchange of the VPN construction information may be a communication encrypted by a predetermined encryption format such as SSL (Secure Sockets Layer). By performing encrypted communication, the exchange of VPN construction information can be performed more securely, so it can be expected to construct the VPN safely.

  In step S16 and step S19, if the transmitted VPN construction information is not received by the opposite HGW telephone communication unit, the telephone communication units 101 and 201 may receive the VPN construction information for a predetermined number of times or a predetermined time. The transmission retry process may be performed. By performing such processing, it is possible to reduce the probability that the exchange of the VPN construction information fails between the HGW 12 and the HGW 22.

  In steps S15 to S20, when the VPN construction information is transmitted / received by the HGW 12 and the HGW 22, the control units 103 and 203 connect the VPN construction information received by the telephone communication units 101 and 201 from the opposing HGWs to the connection information storage unit 104, respectively. , 204 (steps S21, 22). When the exchange of the VPN construction information is completed and the VPN construction information necessary for constructing the VPN is accumulated, each HGW enters a construction waiting state. When the VPN construction information has been stored in the connection information storage units 104 and 204, the control units 103 and 203 of the respective HGWs control the telephone communication units 101 and 201 to store the VPN construction information in the opposing HGW. You may be notified of the completion of. When the exchange of the VPN construction information is completed, the control units 103 and 203 output predetermined voice signals (for example, melody and voice announcement) from the telephones 13 and 23, or are provided in the HGWs 12 and 22. The output unit (not shown: for example, LED or liquid crystal display) may be used to perform a predetermined output. In such a case, the user can be surely notified that the HGW has completed the exchange of the VPN construction information, so that the convenience for the user is improved.

  Further, in steps S17 and S20, even when the VPN construction information is transmitted from the opposing HGW before the HGWs 12 and 22 are in a state of waiting for reception of the VPN construction information, the telephone communication units 101 and 201 establish the VPN construction. Control may be performed so that information is received and stored in the connection information storage units 104 and 204. By controlling in this way, even when the timing when the user A instructs the HGW 12 to start the exchange of the VPN construction information is different from the timing when the user B instructs the HGW 22 to start the exchange of the VPN construction information, Exchanges can be made.

  After the HGWs 12 and 22 are in a construction waiting state, the user A performs a predetermined PB operation from the telephone set 13 and instructs the HGW 12 to start processing for constructing a VPN with the HGW 22 (step S23). When the input detection unit 102 detects an input signal corresponding to the PB operation in step S23, the control unit 103 receives the VPN construction information related to the HGW 12 transmitted to the HGW 22 in step S16, and the connection information stored from the HGW 22 in step S21. The setting for connecting the HGW 12 and the HGW 22 is executed according to the VPN construction information related to the HGW 22 stored in the unit 104. These VPN construction information also includes encryption information such as an IP address assigned to each HGW from the Internet connection provider and an encryption key. As a result, as shown in FIG. 2, between the HGW 12 and the HGW 22 In between, a VPN is built. Note that when the HGW 12 and the HGW 22 are in a construction waiting state, the control unit 103 or the control unit 203 may automatically construct a VPN. When a VPN is established between the HGW 12 and the HGW 22, an internal network connection for connecting the home NW 11 and the home NW 21 is realized.

  In addition, when the construction of the VPN is completed, the control units 103 and 203 output predetermined audio signals from the telephones 13 and 23 or perform predetermined output at the output units provided in the HGWs 12 and 22. Etc. In such a case, since the user can be surely notified that the HGW has completed the construction of the VPN, the convenience for the user is improved.

  FIG. 5 is an explanatory diagram showing a state in which a VPN is constructed between HGWs in the network connection system shown in FIG. When a VPN is constructed between the HGW 12 and the HGW 22, as shown in FIG. 2, during the call between the telephone set 13 and the telephone set 23, secure communication by the VPN is possible between the home NW 11 and the home NW 21. become. After the VPN is established, the VPN between the HGW 12 and the HGW 22 is maintained on the Internet regardless of the use state of the telephone 13 and the telephone 23, and secure communication by the VPN between the home NW 11 and the home NW 21 is performed. It can be carried out.

  In the network connection system of the first embodiment, the user makes a call using a phone number that makes it easy to recognize the other party, and specifies the VPN construction destination without understanding the IP address of the VPN construction destination. can do. Therefore, in such a network connection system, a VPN construction destination can be easily specified. When the user designates a VPN construction destination, the HGWs constructing the VPN exchange encryption keys, encryption information, certificates, and the like, so information transmission errors are reduced as compared with the case where the user constructs the VPN directly. .

  In the network connection system of the first embodiment, the user designates the VPN construction destination while a call is established between the telephones, and the VPN is constructed after each HGW accumulates the VPN construction information. A VPN can be established with the HGW designated by the user without performing complicated settings simply by giving an instruction to do so. Furthermore, since the user can confirm the VPN construction destination while making a call with the other party and give an instruction to construct the VPN, it is possible to prevent the wrong construction destination and VPN from being constructed.

  In the network connection system according to the first embodiment, when a VPN is constructed, both users who intend to construct a VPN need to instruct the start of the exchange of VPN information. It is possible to prevent the VPN from being constructed.

Embodiment 2. FIG.
A network connection system according to a second embodiment (embodiment 2) including the gateway device according to the present invention will be described. The configuration of the network connection system of the second embodiment is the same as the configuration of the network connection system of the first embodiment shown in FIG.

  FIG. 6 is an explanatory diagram illustrating the operation of the network connection system according to the second embodiment. With reference to FIG. 6, the operation of the network connection system of the second embodiment connecting the in-home NW 11 used by the user A and the in-home NW 21 used by the user B to construct a VPN will be described.

  It is assumed that the HGW 12 and the HGW 22 are in a state where they can be connected to the Internet 31 and can make a call using the VoIP network 32 or the PSTN 33 using telephones connected to the respective HGWs. Further, the HGWs 12 and 22 provide a service (setting Web service) that allows a user to instruct the construction of a VPN from an information processing terminal such as a PC. The PC 14 can access the setting Web service provided by the HGW 12, and the PC 24 can access the setting Web service provided by the HGW 22. The users A and B connected to the setting Web service on the PCs 14 and 24 confirm the information regarding the VPN construction from the setting Web screen displayed on the display unit (not shown) of each PC, and input each PC. An input operation for instructing the construction of a VPN can be performed from a section (not shown). The input detection units 102 and 202 detect an input signal corresponding to an input operation performed at the input unit of each PC.

  The user A inputs the telephone number of the telephone 23 used by the user B from the telephone 13 to make a call to the telephone 23, the user B receives the incoming call, and the telephone conversation between the user A and the user B is started. The operation (steps S31 to S34) until the user B can mutually confirm the other party to construct the VPN by calling is the same as the operation shown in steps S11 to S14 in FIG.

  User A accesses the setting Web service on the PC 14. The user A confirms the setting Web screen displayed on the display unit of the PC 14 and instructs the start of the exchange of the VPN construction information from the input unit of the PC 14 by, for example, selecting the “Setting” button on the setting Web screen. An input operation is performed (step S35). Before performing an input operation for instructing the start of the exchange of the VPN construction information, for example, the telephone number of the telephone 23 that is in a call is displayed on the setting Web screen, and the user A confirms the partner with whom the VPN is to be constructed. It may be easier. When an input operation for instructing the start of the exchange of VPN construction information is performed in step S35 and the input detection unit 102 detects an input signal corresponding to the input operation, the control unit 103 stores the VPN stored in advance in the connection information storage unit 104. Get construction information. Then, the telephone communication unit 101 transmits the VPN construction information acquired by the control unit 103 to the telephone communication unit 201 (step S36). When the telephone communication unit 101 transmits VPN construction information, the control unit 103 waits for reception of VPN construction information from the HGW 22 (step S37).

  On the other hand, the user B also accesses the setting Web service on the PC 24, confirms the setting Web screen displayed on the display unit of the PC 24, and selects the “Setting” button on the setting Web screen, for example. An input operation for instructing the start of the exchange of VPN construction information from the unit is performed (step S38). Before performing the input operation for instructing the start of the exchange of the VPN construction information, for example, the telephone number of the telephone 13 that is in a call is displayed on the setting Web screen, and the user B confirms the partner to construct the VPN. It may be easier. When an input operation instructing the start of the exchange of VPN construction information is performed in step S38, and the input detection unit 202 detects an input signal corresponding to the input operation, the control unit 203 stores the VPN stored in advance in the connection information storage unit 204. Get construction information. Then, the telephone communication unit 201 transmits the VPN construction information acquired by the control unit 203 to the telephone communication unit 101 (step S39). When the telephone communication unit 201 transmits VPN construction information, the control unit 203 waits for reception of VPN construction information from the HGW 12 (step S40).

  In steps S35 to S40, when the VPN construction information is transmitted / received by the HGW 12 and the HGW 22, the control units 103 and 203 connect the VPN construction information received by the telephone communication units 101 and 201 from the opposing HGWs to the connection information storage unit 104, respectively. , 204 (steps S41, 42). When the exchange of the VPN construction information is completed and the VPN construction information necessary for constructing the VPN is accumulated, the control unit 103 transmits the VPN construction information related to the HGW 12 transmitted to the HGW 22 in step S36 and the HGW 22 in step S41. The setting for connecting the HGW 12 and the HGW 22 is executed according to the VPN construction information relating to the HGW 22 received and stored in the connection information storage unit 104. The VPN construction information also includes encryption information such as an IP address assigned to each HGW from the Internet connection provider and an encryption key. As a result, as shown in FIG. 6, the HGW 12 and the HGW 22 In between, a VPN is built. Note that the control unit of the HGW whose storage completion of VPN construction information in Step S41 and Step S42 has been completed may construct a VPN with the opposing HGW. Further, as in the process in step S23 of the network connection system of the first embodiment, the user A or the user B may be able to instruct the start of the process of building a VPN from the setting Web screen.

  In addition, when the construction of the VPN is completed, a predetermined audio signal may be output from the telephones 13 and 23, or a predetermined output may be performed by an output unit provided in the HGWs 12 and 22. In such a case, since the user can be surely notified that the HGW has completed the construction of the VPN, the convenience for the user is improved.

  When a VPN is constructed between the HGW 12 and the HGW 22, as shown in FIG. 6, secure communication by VPN is possible between the home NW 11 and the home NW 21 during a call between the phone 13 and the phone 23. become. After the VPN is established, the VPN between the HGW 12 and the HGW 22 is maintained on the Internet regardless of the use state of the telephone 13 and the telephone 23, and secure communication by the VPN between the home NW 11 and the home NW 21 is performed. It can be carried out.

  In the network connection system of the second embodiment, by using the setting Web service on the PC 14 and the PC 24, the user can check the VPN construction destination by a method other than the conversation with the other party. Further, in such a network connection system, the VPN construction can be automatically completed only by the user performing an input operation instructing the start of the exchange of the VPN construction information.

  FIG. 7 is a block diagram showing a main part of the gateway device according to the present invention. As shown in FIG. 7, the gateway device 1 (for example, equivalent to the HGW 12 shown in FIG. 1) can be connected to the telephone 2 (for example, equivalent to the telephone 13 shown in FIG. 1), and the internal network 3 (for example, FIG. 1, which is installed at the boundary between the home network NW 11 shown in FIG. 1 and the external network 4 (e.g., equivalent to the Internet 31 shown in FIG. 1) and detects an instruction signal from a device capable of communicating with the gateway device 1 ( For example, data that transmits communication data via the input detection unit 102 shown in FIG. 1 and the telephone communication network 6 (for example, equivalent to the VoIP network 32 and PSTN 33 shown in FIG. 1) connected to the gateway device 1. The transmission / reception means 7 (for example, equivalent to the telephone communication unit 101 shown in FIG. 1) and another gateway device 9 (for example, shown in FIG. Connection information storage means 8 for storing connection information (for example, VPN construction information), which is information related to the HGW 22), and connected to a telephone connected to the gateway device and another gateway device 9 In a state where a call is established with a telephone set, the detection means 5 instructs the transmission of connection information necessary for connection between internal networks (for example, PB that instructs the exchange start of VPN construction information) The connection information related to the gateway device 1 is transmitted to the other gateway device 9 via the telephone communication network 6, and the communication information about the gateway device 1 is transmitted via the telephone communication network 6. The connection information received from the other gateway device 9 is stored in the connection information storage means 8.

  In each of the above embodiments, gateway devices as shown in the following (1) to (6) are also disclosed.

(1) When the condition for realizing the connection between the internal networks is established, the gateway is set according to the IP address, the certificate, and the setting information necessary for the connection between the internal networks included in the connection information stored in the connection information storage unit 8. Connection setting means for setting a connection between internal networks via an external network between an internal network connected to the apparatus and an internal network connected to another gateway apparatus (for example, in the control unit 103 shown in FIG. 1) Realized).

(2) When the detection unit detects an instruction signal instructing connection between internal networks (for example, corresponding to an input signal corresponding to a PB operation instructing start of processing for constructing a VPN), the connection setting unit A gateway device that sets up an internal network connection (for example, realized by the operations of steps S23 to S24), assuming that a condition for realizing the connection between networks is established.

(3) A gateway device in which data transmission / reception means sets connection information in a message (for example, a message in a protocol such as RTP or RTCP) that passes through a VoIP network as a telephone communication network.

(4) The gateway device detects an instruction signal from a telephone connected to the gateway device (for example, realized by the operation of step S15).

(5) A gateway device in which the detection means detects an instruction signal from an information processing terminal (for example, equivalent to the PC 14 shown in FIG. 1) connected to the internal network (for example, realized by the operation of step S35).

(6) The data transmitting / receiving means transmits the connection information encrypted in a predetermined encryption format (for example, the communication in the exchange of the VPN construction information is changed to encrypted communication such as SSL in steps S16 to S20). Realized by :) Gateway device.

DESCRIPTION OF SYMBOLS 1,9 Gateway apparatus 2 Telephone 3 Internal network 4 External network 5 Detection means 6 Telephone communication network 7 Data transmission / reception means 8 Connection information storage means 11, 21 Home NW
12,22 HGW
13,23 Telephone 14,24 PC
15 Video Recorder 16 Network Storage 25 Digital Photo Frame 31 Internet 32 VoIP Network 33 PSTN
101, 201 Telephone communication unit 102, 202 Input detection unit 103, 203 Control unit 104, 204 Connection information storage unit

Claims (9)

A gateway device to which a telephone can be connected and installed at the boundary between an internal network and an external network,
Detecting means for detecting an instruction signal from a device capable of communicating with the gateway device;
Data transmitting and receiving means for transmitting communication data via a telephone communication network connected to the gateway device;
Connection information storage means for storing connection information, which is information related to other gateway devices necessary for connection between internal networks,
The data transmission / reception means is required for connection between internal networks in a state where a call is established between a telephone connected to the gateway apparatus and a telephone connected to the other gateway apparatus. When an instruction signal instructing transmission of the correct connection information is detected, connection information regarding the gateway device is transmitted to the other gateway device via the telephone communication network, and the other information is transmitted via the telephone communication network. Connection information received from the gateway device is stored in the connection information storage means. When the conditions for realizing the internal network connection are established, the gateway device is connected according to the IP address, certificate, and setting information necessary for the internal network connection included in the connection information stored in the connection information storage means. The gateway device according to claim 1, further comprising connection setting means for setting a connection between internal networks via an external network between an internal network connected to the internal network and an internal network connected to another gateway device. The gateway apparatus according to claim 2, wherein the connection setting means sets the connection between the internal networks when the condition for realizing the connection between the internal networks is satisfied when the detection means detects the instruction signal instructing the connection between the internal networks. . The gateway device according to any one of claims 1 to 3, wherein the data transmitting / receiving means sets connection information in a message passing through a VoIP network as a telephone communication network. The gateway device according to any one of claims 1 to 4, wherein the detecting means detects an instruction signal from a telephone connected to the gateway device. The gateway device according to any one of claims 1 to 4, wherein the detection unit detects an instruction signal from an information processing terminal connected to the internal network. The gateway device according to any one of claims 1 to 6, wherein the data transmitting / receiving means transmits connection information encrypted in a predetermined encryption format. A network connection method for connecting two internal networks in a communicable manner using a gateway device installed at a boundary between the internal network and the external network,
Detecting an instruction signal from a device capable of communicating with the gateway device,
Transmitting communication data via a telephone communication network connected to the gateway device;
Instruction for instructing transmission of connection information necessary for connection between internal networks in a state where a call is established between the telephone connected to the gateway device and the telephone connected to the other gateway device. When a signal is detected, the connection information regarding the gateway device is transmitted to the other gateway device via the telephone communication network, and the connection information received from the other gateway device via the telephone communication network, A network connection method, characterized in that it is stored in connection information storage means for storing connection information relating to another gateway device. When the conditions for realizing the internal network connection are established, the gateway device is connected according to the IP address, certificate, and setting information necessary for the internal network connection included in the connection information stored in the connection information storage means. The network connection method according to claim 8, wherein a connection between internal networks via an external network is set between an internal network connected to the internal network and an internal network connected to another gateway device.

Images