WO2012171430A1 - Procédé d'obtention d'informations de tunnel, passerelle de sécurité (segw) et station de base domestique évoluée/station de base domestique - Google Patents

Procédé d'obtention d'informations de tunnel, passerelle de sécurité (segw) et station de base domestique évoluée/station de base domestique Download PDF

Info

Publication number
WO2012171430A1
WO2012171430A1 PCT/CN2012/076020 CN2012076020W WO2012171430A1 WO 2012171430 A1 WO2012171430 A1 WO 2012171430A1 CN 2012076020 W CN2012076020 W CN 2012076020W WO 2012171430 A1 WO2012171430 A1 WO 2012171430A1
Authority
WO
WIPO (PCT)
Prior art keywords
segw
address
tunnel information
message
request
Prior art date
Application number
PCT/CN2012/076020
Other languages
English (en)
Chinese (zh)
Inventor
毕以峰
刘国燕
宗在峰
周晓云
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012171430A1 publication Critical patent/WO2012171430A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2592Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/04Interfaces between hierarchically different network devices
    • H04W92/12Interfaces between hierarchically different network devices between access points and access point controllers

Definitions

  • the present invention relates to the field of communications, and in particular to a tunnel information acquisition method, a security gateway, and an evolved home base station/home base station.
  • EPS Evolved Packet System
  • 3GPP 3rd Generation Partnership Project
  • E- UTRAN Evolved Universal Terrestrial Radio Access Network
  • MME Mobility Management Entity
  • S-GW Serving Gateway
  • P-GW Packet Data Network Gateway
  • HSS Home Subscriber Server
  • 3GPP's Authentication Authorization and Accounting (AAA) server Policy and Charging Rules Function (PCRF) and other supporting nodes.
  • FIG. 1 is a structural diagram of a HeNB accessing EPS convergence according to the related art.
  • the MME is responsible for control planes such as mobility management, processing of non-access stratum signaling, and management of user mobility management context;
  • S-GW is connected to E-UTRAN.
  • Access gateway device forwarding data between E-UTRAN and P-GW, and responsible for buffering paging waiting data;
  • P-GW is a border gateway of EPS and Packet Data Network (PDN), It is responsible for the access of the PDN and the forwarding of data between the EPS and the PDN.
  • the S-GW and the P-GW can be set up or set up in the network deployment.
  • the Evolved Packet Core can be called the Evolved Packet Core. , referred to as EPC) Gateway or Integrated Services Gateway.
  • the PCRF is a policy and charging rule function entity. It is connected to the carrier network protocol service network through the receiving interface Rx to obtain service information. In addition, it is connected to the gateway device in the network through the Gx/Gxc interface, and is responsible for initiating the IP bearer. Establish, ensure the quality of service (Quality of Service, QoS for short), and perform charging control.
  • the EPS system supports Home evolved NodeB (HeNB) access, as shown in Figure 1.
  • HeNB is a small, low-power base station deployed in indoor locations such as homes, offices, and corporate buildings.
  • the HeNB usually accesses the core network of the EPS through a leased fixed line.
  • the security gateway (SeGW) is shielded in the core network.
  • HeNB Internet Protocol Security
  • IP Security Internet Protocol Security
  • HeNB can pass After being connected to the IPSec tunnel established by the SeGW, the MME and the S-GW that are directly connected to the core network may also be connected to the MME and the P S-GW through the HeNB GW, that is, the HeNB GW is an optional network element.
  • a Home eNodeB Management System HeMS
  • the GPRS General Packet Radio Service
  • HNB Home NodeB
  • the related art is similar to HeNB.
  • the QoS of the fixed line that is accessed by H(e)B (that is, the collective name of HeNB and HNB) is usually restricted by the contract of the owner of H(e) B and the fixed network operator. Therefore, when the 3GPP UE passes the H (e) When B accesses the 3GPP core network access service, the required QoS cannot exceed the QoS of the fixed line subscription that the fixed network operator can provide. Otherwise, the QoS of the UE access service will not be guaranteed, especially the service of Guaranteed Bitrates (GBR). Therefore, for 3GPP networks and fixed networks, a unified control mechanism is needed to implement user/connection/service admission control, as shown in Figure 1 (HeNB case).
  • the Policy Control and Charging (PCC) network element PCRF of the 3GPP system is connected to the fixed-band policy control function (BPCF) of the fixed network through the S9* interface to implement policy interworking and resources. Management, so that the reasonable control and management of fixed network resources can be realized, and the higher priority resources accessed through H(e) B are preferentially guaranteed.
  • the fixed network if the fixed network is required to provide QoS guarantee for the accessed H(e)B line, the fixed network needs to locate the fixed line where the current H(e) B is located (the technical specification is called backhaul, that is, the fixed network backhaul network). ). In the prior art, the fixed network line is located through the tunnel information of H(e)B.
  • the information is sent by the terminal from the H(e)B attaching process or the PDN connection establishing process to the PCRF. Based on the information, the PCRF finds the BPCF of the fixed network line that manages the H(e)B and establishes an S9* session with the resource.
  • the home base station HeNB HNB-like
  • NAT Network Address Translation
  • the outer IP address of the HeNB is allocated by the fixed network/wireless LAN access network, specifically by the broadband access service gateway/broadband remote access server (Broadband Network Gateway/ The Broadband Remote Access Server (BNG/BRAS for short) is assigned to it.
  • BNG/BRAS Broadband Network Gateway/ The Broadband Remote Access Server
  • This address is a valid local/outer IP address and is part of constructing tunnel information. If there is network address translation in the WLAN network, as shown in FIG. 3, the NAT converter allocates a private network IP address to the HeNB, and the address is invalid as the local/outer IP address of the terminal to locate the fixed network link.
  • BNG/BRAS assigns a public network IP address to the RG, and there is a one-to-one correspondence between the private local/outer IP address of He B and the public IP address of the RG plus the port number on the RG.
  • the data packet is transmitted between the HeNB and the RG.
  • the outer layer encapsulates the private address of the HeNB.
  • the outer layer encapsulates the public IP address of the RG plus the corresponding port number.
  • the private local/outer IP address of the HeNB is invalid, and the public IP address of the RG (or the external port number) is the effective information for locating the fixed line, so it is called RG here.
  • the public IP address is also the effective outer/local IP address/port number of the HeNB, or simply the outer/local IP address/port number of the HeNB. This information is also part of the tunnel information.
  • the tunnel information may include the following information: Fully Qualified Domain Name (FQDN) of the BPCF; Endpoint of the IPsec tunnel The address and/or the port number of the SeGW; the identity of the HeNB, such as the International Mobile Station Identity (IMSI); the Virtual Local Area Network Identity (VLAN ID) where the HeNB is located. .
  • FQDN Fully Qualified Domain Name
  • IMSI International Mobile Station Identity
  • VLAN ID Virtual Local Area Network Identity
  • H(e) B can obtain information such as its own valid outer or local IP address and port number, ie part of the tunnel information.
  • H(e) B establishes an IPSec tunnel with SeGW, if there is no device responsible for address translation between H(e)B and SeGW, such as RG, then H(e)B itself can know its own effective outer layer. Or information such as the local IP address and port number; but if there is a device responsible for address translation between H(e) B and SeGW, H(e) B knows its own outer or local IP address and port number, etc.
  • the address and port number information is private and invalid (invalid for locating the fixed network link) and cannot be used to locate the fixed network link where H(e)B is located.
  • a tunnel information acquisition method including: establishing an IPSec tunnel between a security gateway SeGW and an evolved home base station/home base station H(e)B; and sending, by the SeGW, tunnel information to H(e)B
  • the tunnel information includes a valid local IP address of H(e)B.
  • the method further includes: the SeGW receiving the first message from the H(e)NB for requesting the tunnel information.
  • the first message carries the initial address of H(e) B detected by H(e)B and the initial address of the SeGW detected by H(e)NB.
  • the sending, by the SeGW, the tunnel information to the H(e)NB comprises: the SeGW sending a second message to the H(e)NB, where the second message carries the valid local IP address of the H(e)B.
  • the second message further carries an initial address of the SeGW detected by the SeGW.
  • the second message also carries a valid local port number of H(e)B.
  • the first message is one of the following: IKE_SA_INIT request/response (Internet Key Exchange-Security Association initial request/response, Internet Key Exchange Security Alliance initial request/response), IKE AUTH request/response (Internet Key Exchange Authentication) Request/Response), CREATE CHILD SA request/response (Create a child SA request/response).
  • the second message is one of the following: IKE_SA_INIT request/response IKE AUTH request/response, CRE ATE CHILD SA request/response.
  • the second message carries the TSi and the TSr, where the TSi carries the initial address of the initiator HCe)NB detected by the responder SeGW, and the TSr carries the initial address of the responder SeGW detected by the responder SeGW.
  • H(e) B reports the tunnel information to the fixed network side to which it is connected via the EPC network; the fixed network side locates the fixed network link of H(e) B according to the tunnel information.
  • a security gateway including: a first tunnel module, configured to establish an IPSec tunnel between the SeGW and the evolved home base station/home base station H(e)B; and a tunnel information sending module, configured to The tunnel information is sent to H(e) B, where the tunnel information includes a valid local IP address of H(e)B.
  • the SeGW further comprises: a receiving module, configured to receive the first message from H(e) B to request tunnel information.
  • the tunnel information sending module comprises: a sending submodule, configured to send a second message to H(e)B, where the second message carries a valid local IP address of H(e)B.
  • the second message also carries a valid local port number of H(e)B.
  • an evolved home base station/home base station including: a second tunnel module, configured to establish an IPSec tunnel between the security gateway SeGW and H(e)B; and a tunnel information receiving module, configured to Receiving tunnel information from the SeGW, where the tunnel information includes a valid local IP address of H(e)B.
  • the tunnel information including the valid local IP address of the H(e)NB is sent to the H(e) B through the SeGW, thereby solving how the H(e) B obtains its effective locality in the NAT scenario.
  • FIG. 1 is a schematic diagram of an HeNB accessing an EPS convergence according to the related art
  • FIG. 2 is a schematic diagram of an address allocation in a NAT-free scenario according to the related art
  • FIG. 3 is a NAT scenario according to the related art.
  • FIG. 4 is a flowchart of a method for acquiring tunnel information according to an embodiment of the present invention
  • FIG. 5 is a flowchart of a method for acquiring tunnel information according to Embodiment 1 of the present invention
  • FIG. 6 is a tunnel information according to Embodiment 2 of the present invention
  • FIG. 7 is a schematic structural diagram of a SeGW according to an embodiment of the present invention
  • FIG. 8 is a schematic structural diagram of an evolved home base station/home base station according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of a method for acquiring tunnel information according to an embodiment of the present invention. As shown in FIG. 4, the method includes the following steps: Step S402: An IPSec tunnel is established between a security gateway SeGW and an evolved home base station/home base station H(e)B. Step S404, the SeGW sends the tunnel information to H(e)B, where the tunnel information includes a valid local IP address of H(e)B.
  • the tunnel information including the valid local IP address of the H(e)NB is sent to the H(e) B through the SeGW, thereby solving the problem that how the H(e) B obtains itself in the NAT scenario.
  • the problem of the local IP address enables the fixed network side to locate the fixed network link of H(e) B according to the tunnel information to ensure the quality of service on the fixed network link.
  • Embodiment 1 when an IPsec tunnel is established between H(e)B and SeGW in the Quick Mode of IKEvl (The Internet Key Exchange Protocol version 1), the two parties negotiate each other. The process of the address.
  • the data security between H(e)B and SeGW is the tunnel mode adopted.
  • Step S502 H(e)B sends a first message to the SeGW.
  • NAT-OAi refers to the initial address (OA, original address) of the initiator (i, initiator) H(e) B observed by the initiator H(e) B, and the actual value of the address is laddr (Initiator address, ie RG is the private IP address assigned to the terminal);
  • NAT-OAr refers to the initial address (original address, OA for short) of the responding party (r, responder), and the actual value of the address is Raddr (Responder address), which is the actual address of the SeGW; wherein the first message may be an IKE_SA_INIT request/response or an IKE AUTH request/response, CREATE CHILD SA request/response message.
  • the first message may carry an indication, where the indication is used to indicate that the local/outer IP address of the H(e)B request is valid to the SeGW.
  • the SeGW may not change the first message, and the SeGW defaults.
  • Step S504 the SeGW sends a second message to ⁇ ⁇ ;> ⁇ .
  • NAT-OAi refers to the initial address (0A, original address) of the initiator (i, initiator) H(e) B observed by the responding party SeGW after NAT traversal.
  • the actual value of the address is NATPub (NAT public Address, ie RG's public IP address); where NAT-OAr refers to the respondent (r, responder) SeGW's initial address (Original Address, OA for short) after NAT traversal, the actual value of the address is Raddr (Responder address), which is the actual address of SeGW.
  • H(e)B obtains the valid local/outer IP address after NAT conversion, that is, NATPub in the above process.
  • the port number can also be carried to H(e)B by extending the cell NAT-OAi, or by adding a similar cell to enable H(e)B to obtain its valid local/outer port number.
  • the initial address of the initiator H(e) B that can be observed by the foregoing SeGW means that the SeGW obtains the source address of the first message as the observed initiator H after receiving the first message of step 502. ) The initial address of B.
  • Step S506 H(e) B acquires the valid local/outer address of the H(e)NB observed by the SeGW (ie, the IP address of the RG) by step S504, and H(e)B constructs the local as a component. Tunnel information.
  • Step S508 when the terminal initiates an attach, a PDN connection establishment, a handover, a TAU (Tracking Area Update), a RAU (Routing Area Update), and the like from H(e)B, H(e) B.
  • the tunnel message between the H(e)NB and the 3GPP core network element (the MME for the HeNB and the SGSN for the HNB) (the SI interface message for the HeNB and the Iu interface message for the HNB), the "tunnel information" Send to the 3GPP core network element (MME/SGSN).
  • the GPP core network After receiving the tunnel information, the GPP core network transmits the tunnel information through the path of the MME S-GW (P-GW ⁇ ) PCRF fixed network (BPCF) or through the SGSN GGSN PCRF fixed network (BPCF).
  • the PCRF uses the tunnel information to locate the fixed network BPCF, and the fixed network related network element (BPCF or other proxy network element) receives the tunnel information and locates the fixed network line where the H(e) B is located. Resources on fixed line lines (such as QoS guarantees, etc.).
  • the second embodiment describes the processing flow in which the two parties negotiate each other's addresses when the IPsec tunnel is established between the H(e)B and the SeGW in the scenario of the IKEv2 (The Internet Key Exchange Protocol version 2), where The address is passed through the Traffic Selector (TS).
  • IKEv2 The Internet Key Exchange Protocol version 2
  • TS Traffic Selector
  • the data security between H(e)B and SeGW is the tunnel mode adopted.
  • Step S602 H(e) B sends a first message to the SeGW.
  • the first message carries the TSi and the TSr.
  • the TSi specifies the source address of the service data sent by the initiator of the security association, or the destination address of the service data sent to the initiator of the security association.
  • the TSr specifies the source address of the service data sent by the responder of the security association, or the destination address of the service data sent to the responder of the security association.
  • the TSi carries the initial address of the initiator (i, initiator) H ( ⁇ ), and the actual value of the address is the private IP address assigned by the RG to the terminal; where the TSr carries the initiator H ( e) The observed respondent (r, responder) The initial address of the SeGW, the actual value of the address is the actual address of the SeGW; wherein the first message may be IKE_SA_INIT request/response (Internet Key Exchange-Security Association initial request/ Response, Internet Key Exchange Security Association Initial Request/Response) or IKE_AUTH request/response, CREATE CHILD SA request/response message.
  • IKE_SA_INIT request/response Internet Key Exchange-Security Association initial request/ Response, Internet Key Exchange Security Association Initial Request/Response
  • IKE_AUTH request/response CREATE CHILD SA request/response message.
  • the message carries an indication, where the indication is used to indicate that the local/outer IP address of the H(e)B request is valid to the SeGW; wherein the first message is not changed, and the SeGW receives the first message by default. Sending its valid local/outer IP address to H(e) B. Step S604, the SeGW sends a second message to ⁇ ( ⁇ ⁇ .
  • the second message carries TSi and TSr
  • the TSI carries the initial address of the initiator (i, initiator) H(e) B observed by the responding party SeGW after the NAT traversal, and the actual value of the address is the public IP address of the RG; wherein the TSr carries the NAT traversal After the respondent SeGW observes the respondent (r, responder) the initial address of the SeGW, the actual value of the address is the actual address of the SeGW.
  • the second message may be IKE SA INIT request/response or IKE AUTH request/ Response, CREATE CHILD SA request/response message, wherein the second message can only carry TSi to H(e) B.
  • H(e) B obtains the valid local/outer IP address after NAT conversion.
  • the port number can also be carried to H(e) B by extending the cell TSi, or H(e) B can be obtained by adding a similar cell. Its valid local/outer port number.
  • the initial address of the initiator H(e) B that can be observed by the foregoing SeGW is that the SeGW obtains the source address of the first message as the observed initiator H after receiving the first message of step 602. ) The initial address of B.
  • Step S606 H(e) B acquires the valid local/outer address of the H(e)NB observed by the SeGW (ie, the IP address of the RG) by step S604, and H(e)B constructs the local as a component. Tunnel information.
  • Step S608 when the terminal initiates an operation such as attach, PDN connection establishment, handover, TAU (Tracking Area Update), RAlKRouting Area Update, and routing area update from H(e)B, ⁇ 0) ⁇ passes H ( e) an interface message between the NB and the 3GPP core network element (the HeNB is the MME and the HNB is the SGSN) (the SI interface is the SI interface message and the HNB is the Iu interface message), and the "tunnel information" is sent to the 3GPP core.
  • Network element MME/SGSN).
  • FIG. 7 is a schematic structural diagram of a SeGW according to an embodiment of the present invention.
  • the SeGW 100 includes: a first tunnel module 102 and a tunnel information sending module 104.
  • the first tunnel module 102 is configured to establish an IPSec tunnel between the SeGW and the evolved home base station/home base station H(e)B.
  • the tunnel information sending module 104 is configured to send tunnel information to H(e) B, where the tunnel information includes a valid local IP address of H(e)B.
  • the tunnel information including the valid local IP address of the H(e)NB is sent to the H(e) B through the SeGW, thereby solving the problem that how the H(e) B obtains itself in the NAT scenario.
  • the problem of the local IP address enables the fixed network side to locate the fixed network link of H(e) B according to the tunnel information, and guarantees the service quality of H(e) B in the fixed network.
  • the SeGW further includes a receiving module 106 (not shown), and the receiving module 106 is configured to receive the first message from H(e) B to request tunnel information.
  • FIG. 8 is a schematic structural diagram of an evolved home base station/home base station according to an embodiment of the present invention.
  • the H(e)B 200 includes: a second tunnel module 202 and a tunnel information receiving module 204.
  • the second tunnel module 202 is configured to establish an IPSec tunnel between the security gateway SeGW and the H(e)NB.
  • the tunnel information receiving module 204 is configured to receive tunnel information from the SeGW, wherein the tunnel information includes a valid local IP address of H(e)B.
  • the tunnel information including the valid local IP address of the H(e) B is sent to the H(e) B through the SeGW, thereby solving the H(e) B in the NAT scenario.
  • the problem of obtaining a valid local IP address is such that the fixed network side can locate the fixed network link of H(e) B according to the tunnel information, thereby ensuring the quality of service on the fixed network link.
  • the computing device may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the above is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention porte sur un procédé d'obtention d'informations de tunnel, une passerelle de sécurité (SeGW) et une station de base domestique évoluée/station de base domestique. Le procédé comprend les opérations suivantes : un tunnel est établi entre la SeGW et la station de base domestique évoluée/station de base domestique (H(e)NB), et la SeGW envoie les informations de tunnel à l'H(e)NB, les informations de tunnel comprenant une adresse IP locale de l'H(e)NB. Selon l'invention, par envoi à l'H(e)NB par la SeGW des informations de tunnel qui comprennent l'adresse IP locale de l'H(e)NB, le problème lié à l'obtention par l'H(e)NB de son adresse IP locale effective dans la situation de traduction d'adresse réseau (NAT) est résolu, ce qui permet à un côté réseau fixe de localiser la liaison fixe dans laquelle se trouve l'H(e)NB conformément aux informations de tunnel, de sorte que la qualité de service soit assurée dans la liaison de réseau fixe.
PCT/CN2012/076020 2011-06-14 2012-05-24 Procédé d'obtention d'informations de tunnel, passerelle de sécurité (segw) et station de base domestique évoluée/station de base domestique WO2012171430A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110159243.6 2011-06-14
CN2011101592436A CN102833359A (zh) 2011-06-14 2011-06-14 隧道信息获取方法、安全网关及演进家庭基站/家庭基站

Publications (1)

Publication Number Publication Date
WO2012171430A1 true WO2012171430A1 (fr) 2012-12-20

Family

ID=47336326

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/076020 WO2012171430A1 (fr) 2011-06-14 2012-05-24 Procédé d'obtention d'informations de tunnel, passerelle de sécurité (segw) et station de base domestique évoluée/station de base domestique

Country Status (2)

Country Link
CN (1) CN102833359A (fr)
WO (1) WO2012171430A1 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105516062B (zh) * 2014-09-25 2020-07-31 南京中兴软件有限责任公司 一种实现L2TP over IPsec接入的方法
CN109428852B (zh) * 2017-07-18 2023-09-15 中兴通讯股份有限公司 通信隧道端点地址分离方法、终端、ePDG及存储介质
US20190306116A1 (en) * 2018-03-27 2019-10-03 Microsoft Technology Licensing, Llc Multiplexing security tunnels
CN109152096B (zh) * 2018-09-27 2020-09-25 安科讯(福建)科技有限公司 Eps架构的报文传输方法及计算机可读存储介质
WO2020034378A1 (fr) * 2018-10-12 2020-02-20 Zte Corporation Signalement d'emplacement pour dispositifs mobiles

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101426030A (zh) * 2008-12-09 2009-05-06 华为技术有限公司 一种获取网络地址的方法和终端
CN101437223A (zh) * 2007-11-16 2009-05-20 华为技术有限公司 一种家庭基站接入的方法、系统和装置
CN101621433A (zh) * 2008-07-02 2010-01-06 上海华为技术有限公司 接入设备的配置方法、装置及系统
WO2011053040A2 (fr) * 2009-11-02 2011-05-05 Lg Electronics Inc. Traversée de traducteur d'adresse réseau (nat) pour accès ip local

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729337B (zh) * 2008-10-31 2012-08-29 华为技术有限公司 建立传输承载的方法、设备、系统及下行数据传输方法
CN101754211A (zh) * 2008-12-15 2010-06-23 华为技术有限公司 认证协商方法及系统、安全网关、家庭无线接入点
CN102077523B (zh) * 2009-02-27 2013-02-27 华为技术有限公司 无线回程ip地址配置方法及装置
CN102457974B (zh) * 2010-11-01 2015-08-12 中兴通讯股份有限公司 一种业务接纳控制方法和系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101437223A (zh) * 2007-11-16 2009-05-20 华为技术有限公司 一种家庭基站接入的方法、系统和装置
CN101621433A (zh) * 2008-07-02 2010-01-06 上海华为技术有限公司 接入设备的配置方法、装置及系统
CN101426030A (zh) * 2008-12-09 2009-05-06 华为技术有限公司 一种获取网络地址的方法和终端
WO2011053040A2 (fr) * 2009-11-02 2011-05-05 Lg Electronics Inc. Traversée de traducteur d'adresse réseau (nat) pour accès ip local

Also Published As

Publication number Publication date
CN102833359A (zh) 2012-12-19

Similar Documents

Publication Publication Date Title
US9860934B2 (en) Correlation ID for local IP access
JP5972290B2 (ja) Epsにおけるモバイルルータ
JP3778129B2 (ja) 無線ネットワークおよび無線ネットワークにおける認証方法
WO2012130085A1 (fr) Procédé et dispositif destinés à établir une connexion avec un système de gestion de réseau, et système de communication
WO2012065499A1 (fr) Procédé et système d'établissement d'un contrôle de qualité de service
WO2012094919A1 (fr) Procédé et système de commande de politique
WO2012006909A1 (fr) Procédé et système de rapport d'informations d'accès à un réseau fixe
WO2012003764A1 (fr) Procédé pour fonction de règles et de politique et de facturation (pcrf) fournissant à une architecture fonctionnelle de déploiement centralisé (bpcf) des informations d'accès d'équipements utilisateurs
WO2011026392A1 (fr) Procédé et système d'acquisition de stratégies d’itinéraire
WO2012003760A1 (fr) Procédé et système de transmission d'informations
WO2012051897A1 (fr) Système et procédé pour intégrer un réseau fixe avec un réseau mobile
JP5972467B2 (ja) アクセスネットワークの位置情報を通知する方法及びシステム
WO2014000520A1 (fr) Procédé, appareil et système pour contrôle de politique
WO2012171430A1 (fr) Procédé d'obtention d'informations de tunnel, passerelle de sécurité (segw) et station de base domestique évoluée/station de base domestique
WO2013082987A1 (fr) Procédé et système permettant d'effectuer une commande de ressources sur des données allégées locales
WO2012174977A1 (fr) Procédé et dispositif pour le traitement de flux de données de service
WO2012022212A1 (fr) Procédé, appareil et système permettant un accès d'équipement utilisateur
WO2013075580A1 (fr) Procédé et système de commande de ressource de données de déchargement local
WO2012152198A1 (fr) Procédé et système de suppression de session de politique
WO2012059043A1 (fr) Procédé et système de contrôle d'admission à un service
WO2011131064A1 (fr) Procédé et système de contrôle d'accès à un nœud b domestique (hnb)
WO2012136088A1 (fr) Procédé et système de rapport d'informations de tunnel
WO2012079443A1 (fr) Procédé permettant de commuter un contrôle des ressources parmi des stations de base
WO2012130047A1 (fr) Procédé et système permettant d'obtenir l'adresse ip d'une passerelle locale
WO2012041128A1 (fr) Système, procédé et dispositif de réseau de télécommunication permettant de trouver un élément de réseau stratégique de nœud b de rattachement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12800646

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12800646

Country of ref document: EP

Kind code of ref document: A1