WO2014047923A1

WO2014047923A1 - Method and device for accessing network

Info

Publication number: WO2014047923A1
Application number: PCT/CN2012/082441
Authority: WO
Inventors: 郭雅莉; 马德曼·弗兰克; 周卫华
Original assignee: 华为技术有限公司
Priority date: 2012-09-29
Filing date: 2012-09-29
Publication date: 2014-04-03
Also published as: CN103843445A; CN103843445B

Abstract

The present invention is applied to the field of communication, and especially involves a method and device for accessing network. Said method comprises: the terminal gateway establishes short distance wireless connection with the terminal; said terminal gateway sends an accessing request of the terminal to the mobility management equipment; said terminal gateway receives IP address transmitted by said mobility management equipment MME; said terminal gateway accesses said terminal into the network using said IP address. The embodiment of present invention breaks the limitation of accessing only one terminal into network by one PDN.

Description

Method and device for accessing network

The present invention belongs to the field of communications, and in particular, to a method and apparatus for accessing a network. Background technique

With the enhancement of the application of electronic devices by humans, the number of electronic devices is increasing, and the huge number of electronic devices poses a huge challenge to wireless communication networks.

In the prior art, the concept of a terminal gateway is introduced, so that an electronic device such as a television or a mobile phone first connects to the terminal gateway on the device side when accessing the network, and then the terminal gateway applies for an independent packet data for the terminal to the network side. The network (Packet Data Network (PDN) connection, the network side device can read the data of each terminal according to each independent PDN connection. However, the prior art also has the following disadvantages: For example, in a Machine Type Communications (MTC) scenario, at least one bearer is established in each PDN connection, and the number of bearers that can be established for each terminal gateway is limited, and it is currently considered Each terminal gateway can establish up to 11 bearers, that is, each terminal gateway can connect up to 11 electronic devices to the network. Considering the type and number of electronic devices, the prior art still cannot meet the needs of access.

Summary of the invention

It is an object of the present invention to provide a method and apparatus for accessing a network, which aims to solve the problem that the provision of the prior art PDN connection cannot satisfy a large number of terminal accesses.

In one aspect, a method for accessing a network is provided, where the method includes the following steps: a terminal gateway establishes a short-range wireless connection with a terminal;

The terminal gateway sends a terminal access network request to the mobility management device, where The terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

Receiving, by the terminal gateway, an internet protocol sent by the mobility management device MME

An IP address, where the IP address is allocated by the packet data network gateway to the terminal in the established PDN connection corresponding to the PDN connection identifier information;

The terminal gateway uses the IP address to access the terminal to the network.

In another aspect, the present invention provides a method of accessing a network, the method comprising the steps of:

The packet data network gateway PGW receives the terminal access network request sent by the mobility management device, where the terminal access network request includes the terminal identification information of the terminal and the PDN connection identification information of the established packet data network PDN connection;

And the PGW allocates an internet protocol IP address to the terminal corresponding to the terminal identifier information in the established PDN connection corresponding to the PDN connection identifier information according to the terminal access network request;

The PGW sends the IP address to the mobility management device to enable the terminal to access the network using the IP address.

In a further aspect, a method for accessing a network is provided, the method comprising the following steps: The mobility management device receives a terminal access network request sent by a terminal gateway, where the terminal access network request includes a terminal of the terminal Identification information and PDN connection identification information of the PDN connection of the established packet data network;

Transmitting, by the mobility management device, the terminal access network request to a packet data network gateway;

Receiving, by the mobility management device, an internet protocol IP address sent by the packet data network gateway, where the IP address is the packet data network gateway in the established PDN connection indicated by the PDN connection identifier information The terminal identification information pair The terminal is allocated; and the terminal gateway uses the IP address to access the terminal to the network.

In another aspect, an access network terminal gateway is provided, where the terminal gateway includes: a connection unit, configured to establish a short-range wireless connection between the terminal gateway and the terminal; and an access network request sending unit, configured to move the terminal gateway to The terminal management network request sends the terminal access network request, where the terminal access network request includes the terminal identification information of the terminal and the PDN connection identification information of the established packet data network PDN connection;

An IP address receiving unit, configured to receive, by the terminal gateway, an internet protocol IP address sent by the mobility management device, where the IP address is the established PDN corresponding to the PDN connection identifier information of a packet data network gateway Assigned to the terminal in the connection;

And a network access unit, configured to: use, by the terminal gateway, an IP address received by the IP address receiving unit to access the network.

In still another aspect, an access network packet data network gateway is provided, the packet data network gateway comprising:

The terminal identifier information sending unit is configured to send the identifier information of the terminal to the mobility management device or the authentication server, so that the authentication server authenticates the terminal according to the identifier information;

An authentication result receiving unit, configured to receive a result of the authentication sent by the mobility management device or the authentication server;

And a determining unit, configured to determine, according to the authentication result received by the authentication result receiving unit, whether the terminal requests the network side to allocate an IP address.

In still another aspect, an access network mobility management device is provided, the mobility tube Equipment includes:

a receiving unit, configured to receive, by the mobility management device, a terminal access network request sent by the terminal gateway, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

a sending unit, configured to send, by the mobile new management device, a terminal access network request received by the receiving unit to a packet data network gateway;

An IP address receiving unit, configured to receive, by the mobility management device, an internet protocol IP address sent by the packet data network gateway, where the IP address is the indicated by the packet data network gateway in the PDN connection identifier information Establishing, in the PDN connection, the terminal corresponding to the terminal identifier information;

And an IP address sending unit, configured to send, by the mobility management device, the IP address received by the IP address receiving unit to the terminal gateway, so that the terminal gateway uses the IP address to access the terminal to the network.

In still another aspect, an access network terminal gateway is provided, where the terminal gateway includes a receiver, a processor, and a transmitter, and the receiver, the processor, and the transmitter are used to:

The processor establishes a short-range wireless connection with the terminal;

The transmitter sends a terminal access network request to the mobility management device, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

Receiving, by the receiver, an internet protocol IP address sent by the mobility management device, where the IP address is a packet data network gateway, and the terminal allocates the terminal in the established PDN connection corresponding to the PDN connection identifier information. of;

The processor uses the IP address to access the terminal to the network.

In another aspect, an access network packet data network gateway is provided,

The packet data network gateway includes a receiver, a processor, a transmitter, and the receiving , processor, transmitter:

Receiving, by the receiver, a terminal access network request sent by the mobility management device, where the terminal access network request includes terminal identification information of the terminal and PDN connection identifier information of the established packet data network PDN connection;

And the processor allocates an internet protocol IP address to the terminal corresponding to the terminal identifier information in the established PDN connection corresponding to the PDN connection identifier information according to the terminal access network request;

The transmitter transmits the IP address to the mobility management device to cause the terminal to access the network using the IP address.

In another aspect, an access network mobility management device is provided,

The mobility management device includes a receiver, a processor, and a transmitter, and the receiver, the processor, and the transmitter are configured to:

Receiving, by the receiver, a terminal access network request sent by the terminal gateway, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

Transmitting, by the transmitter, the terminal access network request to a packet data network gateway; the receiver receiving an internet protocol IP address sent by the packet data network gateway, where the IP address is the packet data network gateway Assigned to the terminal corresponding to the terminal identification information in the established PDN connection indicated by the PDN connection identifier information; and the sender sends the IP address to the terminal gateway, so that the terminal The gateway uses the IP address to access the terminal to the network.

After the network side device (such as the PGW) receives the identification information of the established PDN connection, the terminal allocates an IP address to the terminal in the established PDN connection indicated by the established PDN connection identifier information, so that PDN can allocate multiple IPs for different terminals to access the network, breaking through a PDN connection can only provide one The limitation of the terminal accessing the network overcomes the problem that the number of bearers that each terminal gateway can establish is limited.

DRAWINGS

1 is a flowchart of a method for accessing a network according to an embodiment of the present invention; FIG. 2 is a comparison diagram of roles of network elements in different communication systems according to an embodiment of the present invention;

FIG. 3 is a schematic diagram of a method for accessing a network according to an embodiment of the present invention; FIG. 4 is a schematic diagram of a method for accessing a network according to an embodiment of the present invention; FIG. 3 is a schematic diagram of a method 4 of accessing a network according to an embodiment of the present invention; and FIG. 7 is a schematic diagram of a method 5 of accessing a network according to an embodiment of the present invention; FIG. 9 is a flowchart of a method for accessing a network according to another embodiment of the present invention; FIG. 10 is a flowchart of a method for accessing a network according to another embodiment of the present invention; FIG. 11 is a structural diagram of an access network apparatus according to still another embodiment of the present invention; FIG. 12 is a structural diagram of an access network apparatus according to still another embodiment of the present invention; and FIG. 13 is still another embodiment of the present invention; A structural diagram of the provided access network device.

detailed description

In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. FIG. 1 is a flowchart of a method for accessing a network according to an embodiment of the present invention, where the method includes the following steps:

In step S101, the terminal gateway establishes a short-range wireless connection with the first terminal, and Obtaining identification information of the first terminal.

In the embodiment of the present invention, the terminal gateway establishes a wireless connection with the terminal through short-range communication technologies such as Near Field Communication (NFC), Zigbee, and Bluetooth, and obtains identification information of the terminal.

In step S102, the terminal gateway sends a terminal access network request to the mobility management device, where the terminal access network request includes the identifier information of the terminal and the identifier information of the established PDN connection.

It should be noted that, in all the embodiments of the present invention, the established PDN connection is a PDN connection, and the PDN connection may be established by the terminal gateway, or the terminal gateway may be the terminal. The second terminal connected by the gateway is established, and the PGW has allocated an Internet Protocol (IP) address to the terminal gateway and/or the second terminal on the established PDN connection. That is, the established PDN connection is a PDN connection in which the PGW has assigned at least one IP address in the established PDN connection.

The identifier information of the established PDN connection in the embodiment of the present invention may be the associated Link Bear Identifier (LBI) of the established PDN connection. Of course, other identifiers that can establish the PDN connection may be uniquely identified. Identification information.

Moreover, for different systems, the mobility management device can be a different device. For example, in the Long Term Evolution (LTE), the mobility management device may be a Mobility Management Entity (MME), a Universal Mobile Telecommunications System (UMTS), and a mobility management device. It can be a Serving GPRS Support Node (SGSN), etc.

The above description is equally applicable to other embodiments, and will not be described below. In the embodiment of the present invention, after establishing a connection with the terminal, the terminal gateway decides to use the established PDN connection to connect the terminal to the network. At this time, the terminal gateway sends a terminal access network request to the MME, where the terminal access network request includes the identifier information of the terminal and the identifier information of the established PDN connection, and the terminal access network request may pass a newly defined message. The implementation may also be implemented by extending the parameters of the message in the existing system, for example, by modifying the message extension terminal identification parameter in the request bearer resource in the existing LTE system. Optionally, the message type may be extended or an identifier may be added. Indicates that the message is used for terminal access network requests.

It should be noted that, since the device on the network side needs to control the terminal, it is necessary to assign a corresponding IP address to each terminal.

In step S103, the MME sends a terminal access network request to the PGW through forwarding of the Serving Gateway (SGW).

In step S104, the packet data network gateway allocates an IP address to the terminal in the established PDN connection according to the received terminal access network request.

In the embodiment of the present invention, the packet data network gateway receives the terminal access network request sent by the terminal gateway, and according to the established identification information of the PDN connection, the established PDN indicated by the established PDN connection identifier information. The terminal allocates an IP address to the terminal, so that the terminal accesses the network according to the IP address, so that multiple terminals can be assigned an IP address in a PDN connection, and a PDN connection is provided to provide access to the network for multiple terminals. method. At the same time, considering that the terminal gateway can process the data packet sent by all the terminals under the terminal gateway to form a new data packet, the new data packet can be a data packet of multiple terminals, thereby transmitting the new data packet to the network side. Since no terminal corresponds to an IP address, the network device can identify the data packet corresponding to each terminal in the new data packet. Downstream data can also be processed. Therefore, embodiments of the present invention can be used in one In step S105, the packet data network gateway sends the IP address to the MME via the SGW.

In step S106, the MME sends the IP address allocated from the PDN GW to the terminal to the terminal gateway.

In step S107, the terminal gateway sends the IP address to the terminal, so that the terminal accesses the network according to the IP address.

As an optional embodiment of the present invention, after step S101, before step S102, the method further includes the following steps:

The terminal sends a Dynamic Host Configuration Protocol (DHCP) request to the terminal gateway.

In the embodiment of the present invention, the DHCP request sent by the terminal is a request for allocating an IP, and it can be understood that the terminal actively requests an IP address for the terminal. The terminal gateway performs a step S102 to request the network side to assign an IP address to the terminal according to the DHCP request of the terminal.

As another optional embodiment of the present invention, after step S101, before step S102, the method further includes the following steps:

The terminal gateway sends the identification information of the terminal to the network side for authentication.

In the embodiment of the present invention, the terminal gateway may further send the identifier information of the terminal to the network side device, so that the network side device authenticates the terminal according to the identifier information.

The network side device receives the identification information, and authenticates the terminal according to the identification information.

In the embodiment of the present invention, the network side device receives the identification information of the terminal, and authenticates the terminal according to the identification information. The specific authentication method includes, but is not limited to, the following two types: authentication by the authentication server; or authentication by the MME. The authentication server may be an authentication authorization accounting server (Authentication Authorization) Accounting server, AAA server ).

The authentication by the authentication server is specifically as follows: The terminal gateway sends the identification information of the terminal to the authentication server, and the authentication server authenticates the terminal according to the identification information. The authentication to the authentication server can be further divided into: (1) the terminal gateway directly sends the identification information of the terminal to the authentication server, and the authentication server performs authentication according to the identification information; (2) the terminal gateway will be the terminal The identification information is sent to an authentication proxy (AAA proxy), and the identifier information is sent by the authentication proxy (AAA proxy) to the authentication server, and the authentication server is authenticated. The function of the authentication agent is implemented by a network element on the network side, including but not limited to: a packet data network gateway or a mobility management device (Mobility Management Entity, ΜΜΕ).

The authentication is performed by the ,, specifically: the terminal gateway sends the identification information of the terminal to the ΜΜΕ, and the terminal authenticates the terminal according to the identification information. The specific authentication process is the same as the authentication authentication technology in the existing System Architecture Evolution (SAE) system, and will not be described here. In the authentication process, the terminal gateway converts the format of the authentication message to make the transmitting parties more convenient to receive, and the specific conversion is: The terminal gateway receives the user authentication request message received from the MME by authentication and confidentiality. The Authentication and Key Agreement (AKA) format is converted into an Extensible Authentication Protocol (EAP) format and sent to the terminal. The terminal gateway converts the user authentication response message received from the terminal from EAP format to AKA. The format is sent to the MME.

The network side device sends the result of the authentication to the terminal gateway, so that the terminal gateway refers to the result of the authentication, and determines whether to initiate the step S102 to the network side to request the terminal to access the network.

As another optional embodiment of the present invention, after step S102, the method before step S103 further includes the following steps: The MME receives the terminal access network request sent by the terminal gateway, and performs authentication on the terminal according to the identifier information.

In the embodiment of the present invention, the MME receives the terminal access network request sent by the terminal gateway, and performs authentication on the terminal according to the identification information of the terminal. The authentication process of the MME is the same as the authentication and authentication technology in the existing SAE system, and details are not described herein. In the authentication process, the terminal gateway converts the format of the authentication message to make the transmitting parties more convenient to receive, and the specific conversion is: The terminal gateway converts the user authentication request message received from the MME by the AKA format. The EAP format is sent to the terminal; the terminal gateway converts the user authentication response message received from the terminal into an AKA format and sends it to the MME.

The MME uses the result of the authentication as a reference to determine whether the terminal sends a step S103 to the packet data network gateway to request an IP address.

It should be noted that the following methods are applicable not only to the SAE communication system but also to the WCDMA communication system, wherein the comparison of the roles of the network elements is as shown in FIG. 2 (the network elements in the dotted line have the same effect). The Gateway GPRS Support Node (GGSN) in the WCDMA communication system corresponds to the PGW of the SAE network, and the SGSN may correspond to (SGW+MME) in the SAE network. In addition, although the problem described in the background art is described by taking an MTC scenario as an example, the solution of all the embodiments of the present invention can be applied to other scenarios, and is not limited to the MTC scenario.

In the embodiment of the present invention, after receiving the identifier information of the established PDN connection, the network side device (such as the PGW) allocates an IP address to the terminal in the established PDN connection indicated by the identifier information of the established PDN connection, so that Under a PDN connection, multiple IPs can be allocated for different terminals to access the network, which breaks the limitation that one PDN connection can only be used for one terminal to access the network, thereby overcoming the limited number of bearers that each terminal gateway can establish. A problem.

for example: FIG. 3 is a schematic diagram of an access network method example 1. The method includes the following steps:

In step S301, the terminal gateway establishes a short-range wireless connection with the terminal, and obtains identification information of the terminal.

In the embodiment of the present invention, the terminal gateway establishes a wireless connection with the terminal through short-distance communication technologies such as NFC, Zigbee, and Bluetooth, and obtains identification information of the terminal.

In the step S302, the terminal access network request is sent to the MME, where the terminal access network request includes the identifier information of the terminal and the identifier information of the established PDN connection, and the established PDN connection is the terminal gateway and the network side device. Established PDN connection.

In the embodiment of the present invention, after establishing a connection with the terminal, the terminal gateway decides to use the established PDN connection to access the terminal to the network. At this time, the terminal gateway sends a terminal access network request to the MME, where the terminal access network request includes the identifier information of the terminal and the identifier information of the established PDN connection, and the terminal access network request may pass a newly defined message. The implementation may also be implemented by extending the parameters of the message in the existing system, for example, by modifying the message extension terminal identification parameter in the request bearer resource in the existing LTE system. Optionally, the message type may be extended or an identifier may be added. Indicates that the message is used for terminal access network requests.

S303: The MME sends a terminal access network request to the packet data network gateway (PDN GW), where the terminal access network request includes the terminal identifier received from the terminal gateway and the identifier information of the established PDN connection.

In step S304, the packet data network gateway allocates an IP address to the terminal in the established PDN connection according to the received terminal access network request.

In the embodiment of the present invention, the packet data network gateway receives the terminal access network request sent by the terminal gateway, and the identifier information of the established PDN connection sent by the terminal gateway is Assigning an IP address to the terminal in the established PDN connection indicated by the identifier information of the established PDN connection, so that the terminal accesses the network according to the IP address, so that multiple terminals can be assigned an IP address in one PDN connection. A method of implementing a PDN connection to provide access to a network for multiple terminals.

In step S305, the packet data network gateway sends the IP address to the MME via the Serving GW.

In step S306, the MME sends the IP address received from the PDN GW to the terminal to the terminal gateway.

In step S307, the terminal gateway sends the IP address to the terminal, so that the terminal accesses the network according to the IP address.

As shown in FIG. 4, FIG. 4 is a schematic diagram of a method for accessing the network. In the example 2, after step S301, step S302 is preceded by the step of: “the terminal sends a DHCP request to the terminal gateway”. The terminal gateway sends a DHCP request according to the receiving terminal to step S302 to request the network to assign an IP address to the terminal.

FIG. 5 is a schematic diagram of a third example of an access network method. In the example 3, the step of adding a “terminal gateway to obtain an authentication proxy address” is added before step S301. After step S301, step S302 is added. : "Steps for terminal gateway to authenticate the terminal to the authentication server". The steps added are as follows:

The terminal gateway requests an authentication proxy address from the mobility management device;

The mobility management device selects an authentication proxy, and sends an authentication proxy address corresponding to the authentication proxy to the terminal gateway;

The terminal gateway sends the identification information of the terminal to the authentication server;

In the embodiment of the present invention, the terminal gateway is configured with an address of the authentication server. After the terminal establishes a wireless link with the terminal, the terminal gateway sends the identifier information of the terminal to the authentication server according to the address of the authentication server. The authentication server authenticates the terminal according to the identifier information, and sends the result of the authentication to the terminal gateway.

The terminal gateway receives the authentication result sent by the authentication server, and uses the authentication result as a reference to determine whether the terminal requests the network side to allocate an IP address.

As shown in FIG. 6a and FIG. 6b, FIG. 6 is a schematic diagram of an access network method example 4, wherein FIG. 6a is an MME as an authentication proxy, and FIG. 6b is a packet data network gateway as an authentication proxy.

The steps in Figure 6a are as follows:

Step s6a01: The terminal gateway is attached to the carrier network as a UE. The network determines an MME with an AAA proxy function for the terminal gateway.

Step s6a02: The MTC terminal starts to establish a wireless link with the terminal gateway.

Step s6a03: After the terminal gateway establishes a wireless link with the MTC terminal, the terminal gateway sends a NAS message to the MME to perform authentication of the MTC terminal, and the EAP authentication message is transmitted as a PDU by using the NAS message, and after receiving the NAS message, the terminal gateway transmits the NAS message. The ΕΑΡ authentication PDU is sent to the AAA Proxy function through the internal interface. The AAA proxy will further proxy the MTC terminal to authenticate to the AAA server. If the authentication is successful, the MME saves the information that the MTC terminal has authenticated.

Step s6a04: After the authentication is passed, the MTC terminal initiates a DHCP request to the terminal gateway. This step has no necessary order relationship with the step s6a05-s6a09.

Step s6a05: The terminal gateway passes the MTC terminal authentication, or receives the DHCP request from the MTC terminal, and decides to use an established PDN connection to access the MTC terminal to the network, and the terminal gateway sends a device access request message to the MME, where the MTC terminal is carried. Identifies and identifies the identity of the established PDN connection. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message.

Step s6a06: After receiving the device access request message, the MME first saves according to the The MTC terminal authentication result determines whether the MTC terminal is allowed to access the network. If the MME does not save the MTC terminal authentication result, or the saved authentication result is that the authentication fails, the MME rejects the device access request.

Step s6a07: If the MME determines that the MTC terminal has been authenticated, the MME sends a device access request message to the PDN GW according to the request of the terminal gateway, where the MTC terminal identifier and the identity information of the established PDN connection are used. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message. The message is forwarded to the PGW through the SGW in the LTE system.

Step s6a08: The PGW allocates a new IP address to the MTC terminal in the PDN connection indicated by the LBI, and returns it to the MME.

Step s6a09 MME sends the returned IP address to the terminal gateway.

Step s6al0: The terminal gateway can directly feed the IP address as the step s6a02, or the response of step s6a04 to the MTC terminal, or the PGW has not received the step s6a04 at this time, the PGW saves the IP address, and after receiving the step s6a04, the IP is The address is fed back to the MTC terminal as a response to step s6a04.

According to the above steps, the terminal gateway accesses the new MTC terminal in an established PDN connection and requests IP address allocation for the MTC terminal, so that the number of MTC terminals that can be accessed under the terminal gateway is greatly increased. And the terminal gateway can request the authentication of the MTC terminal to the AAA server before requesting the IP address to access the network, and if the authentication fails, the access service is not provided for the MTC terminal. In this embodiment, the MME requests the PGW. Before the MTC terminal allocates an IP address, the authentication result of the MTC terminal can be further checked to ensure that the legal MTC terminal can access the carrier network.

The steps in Figure 6b are specifically as follows:

Step s6b01: The terminal gateway is attached to the carrier network as a UE. And to the network The network indicates the request AAA proxy address, and the indication may be in various forms, such as a terminal gateway indication, an AAA proxy requirement, and the like.

Step s6b02: The MME determines, according to the indication, a PGW with an AAA proxy function for the terminal gateway, and feeds back the AAA proxy address to the terminal gateway.

Step s6b03: The MTC terminal starts to establish a wireless link with the terminal gateway.

Step s6b04: After establishing a wireless link with an MTC terminal, the terminal gateway authenticates the MTC terminal to the obtained AAA proxy address, and the AAA Proxy further authenticates the MTC terminal to the AAA server, and obtains the authentication result. In this embodiment, the AAA proxy is integrated with the PGW or is considered to have an internal interface, so that the PGW can obtain the authentication result of the MTC terminal.

Optionally, in this step, the PGW directly allocates an IP address to the MTC terminal according to the authentication result, and sends the response to the terminal gateway in the response message of the authentication process. The terminal gateway does not need to initiate step S6b06-S6bl0.

Step s6b05: After the authentication is passed, the MTC terminal initiates a DHCP request to the terminal gateway. This step has no necessary order relationship with the step s6b06-s6bl0.

Step s6b06: The terminal gateway passes the MTC terminal authentication, or receives the DHCP request from the MTC terminal, determines to use an established PDN connection to access the MTC terminal, and the terminal gateway sends a device access request message to the MME, where the MTC terminal is carried. Identifies and identifies the identity of the established PDN connection. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message.

Step s6b07: The MME sends a device access request message to the PDN GW according to the request of the terminal gateway, where the MTC terminal identifier and the identifier information of the established PDN connection are used. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter in an existing message. Realized. The message is forwarded to the PGW through the SGW in the LTE system.

Step s6b08: After receiving the device access request message, the PGW first determines whether to allow the MTC terminal to access the network according to the saved MTC terminal authentication result, if the MTC terminal authentication result is not saved on the PGW, or the saved authentication result is a reference If the right does not pass, the PGW refuses to assign an IP address to the MTC terminal.

Step s6b09: If the PGW determines that the MTC terminal has been authenticated, the PGW allocates a new IP address to the MTC terminal in the PDN connection indicated by the LBI, and returns it to the MME.

Step s6bl0: The MME sends the returned IP address to the terminal gateway.

Step s6b1: The terminal gateway can directly feed the IP address as the step s6b03, or the response of step s6b05 to the MTC terminal, or the PGW has not received the step s6b05 at this time, and the PGW saves the IP address, after receiving the step s6b05, The IP address is fed back to the MTC terminal as a response to step s6b05.

According to the above steps, the terminal gateway accesses the new MTC terminal in an established PDN connection and requests IP address allocation for the MTC terminal, so that the number of MTC terminals that can be accessed under the terminal gateway is greatly increased. And the terminal gateway may request the MTC terminal to request the authentication from the AAA server before requesting the IP address to access the network. If the authentication fails, the access service is not provided for the MTC terminal. In this embodiment, the PGW is the MTC terminal. Before the IP address is assigned, the authentication result of the MTC terminal can be further checked to ensure that the legal MTC terminal can access the carrier network.

As shown in FIG. 7a and FIG. 7b, FIG. 7 is a schematic diagram of an access network method example 5, wherein FIG. 7a determines whether the IP address is requested by the MME according to the authentication result, and FIG. 7b is that the MME sends the authentication result to the MME. The terminal gateway determines, by the terminal gateway, whether to request an IP address from the packet data network gateway according to the authentication result.

The step of Figure 7a is specifically as follows: Step S701a: The terminal gateway is attached to the carrier network as one UE.

Step S702a: The MTC terminal initiates establishment of a wireless link with the terminal gateway.

Step S703a: After the terminal gateway establishes a wireless link with an MTC terminal, the terminal gateway determines to use an established PDN connection to access the MTC terminal to the network, and the terminal gateway sends a device access request message to the MME, where the MTC terminal identifier is carried and the used is established. Identification information of the PDN connection. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message.

Step S704a: Step S707a: After receiving the device access request message, the MME uses the received MTC terminal identifier to perform an Evolved Packet System Authentication and Key Agreement (EPS AKA) process pair. The MTC terminal performs authentication. In step S706a: S707a, the terminal gateway transparently transmits the authentication message between the MTC terminal and the MME. Optionally, the received message protocol format may also be converted, for example, the AKA format message received from the MME in step S706a. The EAP format is sent to the MTC terminal, and the EAP format message received from the MTC terminal in step S707a is converted into an AKA format and sent to the MME.

Step S708a: If the MME determines that the MTC terminal is authenticated, the MME sends a device access request message to the PDN GW, where the MTC terminal identifier and the identity information of the established PDN connection are used. The message can be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message. The message is forwarded to the PGW by the SGW in the LTE system. Step S709a: The PGW allocates a new IP address to the MTC terminal and returns it to the MME in the PDN connection indicated by the LBI.

Step S710a: The MME sends the returned IP address to the terminal gateway.

Step S711 a: The terminal gateway can feed back the IP address to the MTC terminal. According to the above steps, the terminal gateway accesses a new MTC terminal in an established PDN connection and requests an IP address allocation for the MTC terminal, so that the number of MTC terminals that can be accessed under the terminal gateway is greatly increased. The MME further performs a 3GPP EPS AKA authentication check on the MTC terminal before requesting the PGW to allocate an IP address to the MTC terminal, so as to ensure that the legal MTC terminal can access the carrier network.

The steps in Figure 7b are specifically as follows:

Step S701b: The terminal gateway is attached to the carrier network as a UE.

Step S702b: The MTC terminal initiates establishment of a wireless link with the terminal gateway.

Step S703b: After the terminal gateway establishes a wireless link with the MTC terminal, the terminal gateway requests network authentication for the MTC terminal, and the authentication request message carries the MTC terminal identifier. Step S704b-Step S707b, the MME receives the device access request message. After that, the received MTC terminal identifier is used to perform an EPS AKA process to authenticate the MTC terminal. In step S706b, the terminal gateway transparently transmits the authentication message between the MTC terminal and the MME in S707b. Optionally, the received message protocol format may also be converted, for example, the AKA format message received from the MME in step S706b. The EAP format is sent to the MTC terminal, and the EAP format message received from the MTC terminal in step S707b is converted into an AKA format and sent to the MME.

Step S708b: The MME feeds back an authentication response message to the terminal gateway.

Step S709b: If the authentication succeeds, the terminal gateway determines to use an established PDN connection to access the MTC terminal to the network, and the terminal gateway sends a device access request message to the MME, where the MTC terminal identifier and the identifier information of the established PDN connection are used. . The MTC terminal identifier may be the same as the terminal identifier of the step 3, or may be other identifiers, such as a temporary identifier allocated by the MME for the MTC terminal. The message may be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message. Step S710b: The MME sends a device access request message to the PDN GW, where the MTC terminal identifier and the identity information of the established PDN connection are used. The message may be a newly defined message, or reuse a message in an existing system, such as an existing request bearer resource modification message, and an extended parameter implementation in an existing message. This message is forwarded to the PGW via the SGW in the LTE system.

Step S711b: The PGW allocates a new IP address to the MTC terminal in the PDN connection indicated by the LBI, and returns it to the MME.

-give

Step S713b: The terminal gateway can feed back the IP address to the MTC terminal.

According to the above steps, the terminal gateway accesses the new MTC terminal in an established PDN connection and requests IP address allocation for the MTC terminal, so that the number of MTC terminals that can be accessed under the terminal gateway is greatly increased. The terminal gateway further performs a 3GPP EPS AKA authentication check on the MTC terminal before requesting the PGW to allocate an IP address to the MTC terminal, so as to ensure that the legal MTC terminal can access the carrier network.

FIG. 8 is a flowchart of a method for accessing a network according to an embodiment of the present invention. The method is applied to a terminal gateway, and the method includes the following steps:

In step S801, the terminal gateway establishes a short-range wireless connection with the first terminal, and obtains identification information of the first terminal.

In the embodiment of the present invention, in the embodiment of the present invention, the terminal gateway establishes a wireless connection with the terminal through short-range communication technologies such as NFC (Near Field Communication), Zigbee, and Bluetooth, and obtains identification information of the terminal.

In step S802, the terminal gateway sends a terminal access network request to the mobility management device MME, where the terminal access network request includes terminal identification information of the terminal and PDN identification information of the established packet data network PDN connection.

It should be noted that all the established PDN connections in all embodiments of the present invention are required. The PDN connection between the terminal gateway and the PGW, the PDN connection may be established by the terminal gateway for itself, or the terminal gateway may be established by the second terminal connected to the terminal gateway, and the PGW An IP address has been assigned to the terminal gateway and/or the second terminal at the established PDN connection. That is, the established PDN connection is a PDN connection in which the PGW has allocated at least one IP address in the established PDN connection.

The identifier information of the established PDN connection in the embodiment of the present invention may be a link bear identifier (LBI) of the established PDN connection, and of course, other identifiers that can uniquely identify the established PDN connection may be used. Identification information.

Moreover, for different systems, the mobility management device can be a different device. For example, in the LTE system, the mobility management device may be a mobility management entity (MME), and a universal mobile telecommunications system (UMTS) system, where the mobility management device may be a serving GPRS support node ( Serving GPRS support node, SGSN), etc.

The above description is equally applicable to other embodiments, and will not be described below.

It should be noted that, since the device on the network side needs to control the terminal, Each terminal needs to be assigned a corresponding IP address.

In step S803, the terminal gateway receives the Internet Protocol IP address sent by the mobility management device MME, where the IP address is a packet data network gateway in the established PDN connection corresponding to the PDN connection identifier information. Assigned by the terminal.

In the embodiment of the present invention, the terminal gateway receives the IP address sent by the MME, where the IP address is allocated by the packet data network gateway to the terminal in the established PDN connection corresponding to the PDN connection identifier information, In this way, an IP address can be assigned to multiple terminals in one PDN connection, and a PDN connection is provided to provide access to the network for multiple terminals.

In step S804, the terminal gateway accesses the terminal to the network by using the IP address.

In the embodiment of the present invention, the terminal gateway may send the IP address to the terminal as a response to establish a wireless connection with the terminal in step S101, or may use the IP address as a step of subsequent "terminal sends a DHCP request to the terminal gateway". The response is sent to the terminal.

As an optional embodiment of the present invention, after step S801, before step S802, the method further includes the following steps:

Receive a DHCP request sent by the terminal.

As another optional embodiment of the present invention, after step S801, before step S802, the method further includes the following steps: Transmitting the terminal identification information to the mobility management device, so that the mobility management device authenticates the terminal according to the identifier information, and receives an authentication result sent by the mobility management device, if The result of the authentication is successful, and the step of the terminal gateway transmitting the terminal access network request to the mobility management device is performed; or

The terminal gateway sends the terminal identification information to the authentication server, so that the authentication server authenticates the terminal according to the terminal identification information; and receives an authentication result sent by the authentication server, If the authentication result is successful, the step of the terminal gateway transmitting the terminal access network request to the mobility management device is performed.

In the embodiment of the present invention, the terminal gateway may further send the terminal identifier information to the network side device, so that the network side device performs authentication for the terminal according to the identifier information. The specific authentication methods include, but are not limited to, the following two types: authentication by an authentication server (AAA server); or authentication by a mobility management device.

The authentication by the authentication server is specifically as follows: The terminal gateway sends the identification information of the terminal to the authentication server, and the authentication server authenticates the terminal according to the identification information. The authentication to the authentication server can be further divided into: (1) directly transmitting the identification information of the terminal to the authentication server, and the authentication server performs authentication according to the identification information; (2) transmitting the identification information of the terminal to An authentication proxy (AAA proxy) forwards the identification information to an authentication server by an AAA proxy. The function of the authentication proxy is implemented by a network element on the network side, including but not limited to: a packet data network gateway PGW or MME. The step of obtaining the packet data network gateway as the authentication agent is specifically: sending the authentication request information to the mobility management device, where the authentication request information is a terminal gateway type indication or an authentication proxy request indication;

Receiving, by the mobility management device, the authentication proxy address corresponding to the authentication proxy returned by the mobility management device;

Sending the identification information of the terminal to the packet data network gateway indicated by the address. The MME performs authentication, specifically: the terminal gateway sends the identifier information of the terminal to the MME, and the MME authenticates the terminal according to the identifier information. The MME specific authentication process is the same as the authentication authentication technology in the existing SAE system, and details are not described herein. In the authentication process, the terminal gateway converts the format of the authentication message to make the transmitting parties more convenient to receive, and the specific conversion is: The terminal gateway converts the user authentication request message received from the MME by the AKA format. The EAP format is sent to the terminal; the terminal gateway converts the user authentication response message received from the terminal into an AKA format and sends it to the MME.

Receiving the result of the authentication sent by the mobility management device or the authentication server, and referring to the result of the authentication, determining whether to initiate to the network side, step S802, the terminal accessing the network, requesting the terminal to access the network.

In the embodiment of the present invention, the authentication result is whether the terminal gateway is a reference factor for the terminal to request the network side to allocate an IP address, but is not a determining factor: that is, the terminal does not pass the authentication, and the terminal gateway requests the terminal to allocate the IP to the network side. Address; otherwise, even if the terminal passes the authentication, the terminal gateway may not request the terminal to allocate an IP address to the network side.

As another optional embodiment of the present invention, after step S802, the method before step S803 further includes the following steps:

Sending a terminal access network request to the MME, so that the MME authenticates the terminal according to the identifier information.

In the embodiment of the present invention, the MME receives the terminal access network request sent by the terminal gateway, and performs authentication on the terminal according to the identification information of the terminal. The MME specific authentication process is the same as the authentication authentication technology in the existing SAE system, and details are not described herein. In the authentication process, the terminal gateway converts the format of the authentication message to make the transmitting parties more convenient to receive, and the specific conversion is: The terminal gateway converts the user authentication request message received from the MME by the AKA format. Is sent to the terminal for the EAP format; the terminal gateway will receive the terminal The user authentication response message is converted from the EAP format to the AKA format and sent to the MME. In the embodiment of the present invention, after receiving the identifier information of the established PDN connection, the network side device (such as the PGW) allocates an IP address to the terminal in the established PDN connection indicated by the identifier information of the established PDN connection, so that Under a PDN connection, multiple IPs can be allocated for different terminals to access the network, which breaks through the limitation that one PDN connection can only be accessed by one terminal, thereby overcoming the limited number of bearers that can be established by each terminal gateway. A problem.

FIG. 9 is a flowchart of a method for accessing a network according to another embodiment of the present invention. The method is applied to a packet data network gateway, and the method includes the following steps:

In step S901, the packet data network gateway PGW receives the terminal access network request sent by the mobility management device MME, where the terminal access network request includes the terminal identification information of the terminal and the PDN connected to the established packet data network PDN. Connection identification information.

In the embodiment of the present invention, the packet data network gateway PGW receives the terminal access network request sent by the MME by using the forwarding of the serving gateway SGW, where the terminal access network request includes the terminal identification information of the terminal and the established packet data. The PDN connection identifier information of the network PDN connection, the terminal access network request may be implemented by a newly defined message, or may be implemented by extending a parameter in an existing system, for example, request bearer in an existing LTE system. The resource modification message is extended by the terminal identifier parameter. Optionally, the message type may be extended or an identifier may be added to indicate that the message is used for the terminal to access the network request.

In step S902, the PGW allocates an internet protocol IP address to the terminal corresponding to the terminal identification information in the established PDN connection corresponding to the PDN connection identifier information according to the terminal access network request.

In the embodiment of the present invention, the packet data network gateway is based on the terminal sent by the terminal gateway. The access network request, in the established PDN connection corresponding to the PDN connection identifier information, allocate an internet protocol IP address to the terminal corresponding to the terminal identifier information, so that the terminal accesses the network according to the IP address, In this way, an IP address can be assigned to multiple terminals in one PDN connection, and a PDN connection is provided to provide access to the network for multiple terminals.

In step S903, the PGW sends the IP address to the mobility management device, so that the terminal accesses the network by using the IP address.

As an optional embodiment of the present invention, before step S901, the method further includes the following steps:

Receiving an authentication request sent by the terminal gateway, where the authentication request includes the terminal identification information;

Sending, by the authentication server, the terminal identification information included in the authentication request to the authentication server, so that the authentication server authenticates the terminal according to the terminal identification information;

Receiving and recording the authentication result of the authentication sent by the authentication server, and sending the authentication result to the terminal gateway.

In the embodiment of the present invention, the packet data network gateway receives the identifier information of the terminal sent by the terminal gateway, and sends the identifier information of the terminal to the authentication server as an authentication proxy, so that the authentication server is configured to the terminal according to the identifier information. Perform authentication.

As another optional embodiment of the present invention, before the step of assigning an internet protocol IP address to the terminal corresponding to the terminal identifier information in the established PDN connection corresponding to the PDN connection identifier information, the method It also includes the following steps:

Determining, by the PGW, the authentication result according to the terminal identification information, if the authentication result is successful, performing, in the established PDN connection corresponding to the PDN connection identifier information, the terminal identifier information The step of the terminal assigning an IP address. In the embodiment of the present invention, after receiving the identifier information of the established PDN connection, the network side device (such as the PGW) allocates an IP address to the terminal in the established PDN connection indicated by the identifier information of the established PDN connection, so that Under a PDN connection, multiple IPs can be allocated for different terminals to access the network, which breaks the limitation that one PDN connection can only be used for one terminal to access the network, thereby overcoming the limited number of bearers that each terminal gateway can establish. A problem.

FIG. 10 is a flowchart of a method for accessing a network according to another embodiment of the present invention. The method is applied to a mobility management device, and the method includes the following steps:

In step S1001, the mobility management device MME receives the terminal access network request sent by the terminal gateway, where the terminal access network request includes the terminal identification information of the terminal and the PDN connection identification information of the established packet data network PDN connection. .

In step S1002, the mobility management device sends the terminal access network request to the packet data network gateway PGW.

In step S1003, the mobility management device receives an internet protocol IP address sent by the packet data network gateway, where the IP address is the indicated by the packet data network gateway in the PDN connection identifier information. The PDN connection is established for the terminal corresponding to the terminal identification information.

An IP address, such that the terminal gateway accesses the terminal to the network using the IP address.

As an optional embodiment of the present invention, before step S1001, the method further includes the following steps:

Receiving, by the mobility management device, an authentication request sent by the terminal gateway, where the authentication request includes the terminal identification information;

Transmitting, by the mobility management device, the terminal identification information included in the authentication request to an authentication server; The mobility management device receives the authentication result sent by the authentication server, and sends the authentication result to the terminal gateway.

In the embodiment of the present invention, the MME receives the authentication request sent by the terminal gateway, and the MME sends the terminal identifier information included in the authentication request to the authentication server, so that the authentication server is configured according to the terminal identifier information. The terminal performs authentication, and the MME receives the authentication result sent by the authentication server, and sends the authentication result to the terminal gateway.

As another optional embodiment of the present invention, after the step of the mobility management device receiving the authentication result sent by the authentication server, the method further includes:

The mobility management device records a result of the authentication;

The method further includes: before the step of the terminal, the method for the terminal, the network, the network, the network, the network, the

Determining, by the mobility management device, the authentication result according to the terminal identification information included in the terminal access network request, and if the authentication result is successful, performing the sending the terminal connection to a packet data network gateway The steps to enter the network request.

In the embodiment of the present invention, after receiving the authentication result sent by the authentication server, the MME records the authentication result. And after the step of the mobility management device receiving the terminal access network request sent by the terminal gateway, before the step of transmitting the terminal access network request to the packet data network gateway, according to the terminal access network request The terminal identification information determines the authentication result, and if the authentication result is successful, performing the step of sending the terminal access network request to the packet data network gateway.

As another optional embodiment of the present invention, after step S1001, before step S1002, the method further includes the following steps:

The mobility management device accesses the terminal included in the terminal access network request The identification information is sent to the authentication server, so that the authentication server authenticates the terminal according to the terminal identification information;

The mobility management device receives an authentication result sent by the authentication server, and sends the authentication result to the terminal gateway.

In the embodiment of the present invention, after receiving the terminal identifier information, the MME directly sends the terminal identifier information to the authentication server for authentication, and does not need to perform the authentication request after the terminal gateway sends the authentication request, which is equivalent to the MME. Actively authenticate the terminal.

FIG. 11 is a structural diagram of an access network apparatus according to an embodiment of the present invention. For ease of description, only parts related to the embodiment of the present invention are shown, including:

The connecting unit 111 is configured to establish a short-range wireless connection between the terminal gateway and the terminal.

The access network request sending unit 112 is configured to send, by the terminal gateway, a terminal access network request to the mobility management device, where the terminal access network request includes the terminal identifier information of the terminal and the established packet data network. PDN connection identification information of the PDN connection.

It should be noted that the established PDN connection in all the embodiments of the present invention refers to the PDN connection established by the terminal gateway and the PGW. The PDN connection may be established by the terminal gateway for itself or may be The terminal gateway is established by the second terminal connected to the terminal gateway, and the PGW has allocated an IP address to the terminal gateway and/or the second terminal on the established PDN connection. That is, the established PDN connection is a PDN connection in which the PGW has allocated at least one IP address in the established PDN connection.

The identifier information of the established PDN connection in the embodiment of the present invention may be The associated bearer identifier (LBI) of the PDN connection is established. Of course, other identifier information that can uniquely identify the established PDN connection may be used.

It should be noted that since the devices on the network side need to control the terminal, it is necessary to assign a corresponding IP address to each terminal.

The IP address receiving unit 113 is configured to receive, by the terminal gateway, an internet protocol IP address that is sent by the mobility management device, where the IP address is that the packet data network gateway is configured to correspond to the PDN connection identifier information. Assigned to the terminal in the PDN connection.

In the embodiment of the present invention, the terminal gateway receives the IP address sent by the MME, where the IP address is a location corresponding to the PDN connection identifier information of the packet data network gateway. The PDN connection is allocated for the terminal, so that an IP address can be allocated to multiple terminals in one PDN connection, and a PDN connection is provided to provide access to the network for multiple terminals.

The network access unit 114 is configured to use, by the terminal gateway, an IP address received by the IP address receiving unit to access the network.

As an optional embodiment of the present invention, the device further includes:

The DHCP request receiving unit is configured to receive a DHCP request sent by the terminal.

As another optional embodiment of the present invention, the device further includes:

In the embodiment of the present invention, the terminal gateway may further send the terminal identifier information to the network side device, so that the network side device performs authentication for the terminal according to the identifier information. specific The authentication method includes but is not limited to the following two types: authentication by an authentication server (AAA server); or authentication by a mobility management device.

The authentication by the authentication server is specifically as follows: The terminal gateway sends the identification information of the terminal to the authentication server, and the authentication server authenticates the terminal according to the identification information. The authentication to the authentication server can also be divided into: (1) directly transmitting the sub-unit, directly transmitting the identification information of the terminal to the authentication server, and the authentication server performs authentication according to the identification information; (2) indirectly transmitting a subunit, configured to send, by the authentication proxy, the terminal identifier information to the authentication server by using an authentication proxy. The function of the authentication proxy is implemented by a network element on the network side, including but not limited to: a packet data network gateway PGW or MME. The step of obtaining the packet data network gateway as the authentication agent is specifically: sending the authentication request information to the mobility management device, where the authentication request information is a terminal gateway type indication or an authentication proxy request indication;

Sending the identification information of the terminal to the packet data network gateway indicated by the address. The MME performs authentication, specifically: the terminal gateway sends the identifier information of the terminal to the MME, and the MME authenticates the terminal according to the identifier information. The authentication process of the MME is the same as the authentication and authentication technology in the existing SAE system, and details are not described herein. In the authentication process, the terminal gateway converts the format of the authentication message to make the transmitting parties more convenient to receive, and the specific conversion is: The terminal gateway converts the user authentication request message received from the MME by the AKA format. The EAP format is sent to the terminal; the terminal gateway converts the user authentication response message received from the terminal into an AKA format and sends it to the MME.

Receiving the result of the authentication sent by the mobility management device or the authentication server, and using the result of the authentication as a reference, determining whether to initiate the step S802 to the network side. The incoming network requests the terminal to access the network.

FIG. 12 is a structural diagram of an access network apparatus according to another embodiment of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown, where the apparatus includes: The receiving unit 121 is configured to receive, by the packet data network gateway, the terminal access network request sent by the mobility management device, where the terminal access network request includes the terminal identifier information of the terminal and the PDN of the established packet data network PDN connection. Connection identification information.

The IP address allocating unit 122 is configured to: according to the terminal access network request received by the receiving unit 121, the corresponding location information of the terminal in the established PDN connection corresponding to the PDN connection identifier information. The terminal allocates the Internet Protocol IP address.

In the embodiment of the present invention, the packet data network gateway allocates the terminal corresponding to the terminal identification information in the established PDN connection corresponding to the PDN connection identifier information according to the terminal access network request sent by the terminal gateway. The Internet Protocol IP address is used to enable the terminal to access the network according to the IP address, so that an IP address can be allocated to multiple terminals in one PDN connection, and a PDN connection is provided to provide access to the network for multiple terminals.

The IP address sending unit 123 is configured to send, by the PGW, the IP address allocated by the IP address allocating unit 122 to the mobility management device, so that the terminal accesses the network by using the IP address. As an optional embodiment of the present invention, the device further includes: an authentication request receiving unit, configured to receive an authentication request sent by the terminal gateway, where the authentication request includes the terminal identification information;

a terminal identifier information sending unit, configured to send the terminal identifier information included in the authentication request received by the authentication request receiving unit to an authentication server, so that the authentication server compares the terminal identifier information according to the terminal identifier information Said terminal for authentication;

The authentication result receiving unit is configured to receive and record an authentication result of the authentication sent by the authentication server, and send the authentication result to the terminal gateway.

An execution unit, configured to determine, by the PGW, the authentication result according to the terminal identification information, if the authentication result is successful, performing, in the established PDN connection corresponding to the PDN connection identifier information, The step of assigning an IP address to the terminal corresponding to the terminal identification information.

FIG. 13 shows a structure of an access network device according to another embodiment of the present invention. For the convenience of description, only parts related to the embodiment of the present invention are shown, and the device includes:

The receiving unit 131 is configured to receive, by the mobility management device, a terminal access network request sent by the terminal gateway, where the terminal access network request includes the terminal identifier information of the terminal and the PDN connection identifier information of the established packet data network PDN connection. .

The sending unit 132 is configured to send, by the mobile new management device, a terminal access network request received by the receiving unit 131 to the packet data network gateway.

The IP address receiving unit 133 is configured to receive, by the mobility management device, an internet protocol IP address sent by the packet data network gateway, where the IP address is the identifier indicated by the packet data network gateway in the PDN connection identifier information. The PDN connection is allocated for the terminal corresponding to the terminal identification information.

The IP address sending unit 134 is configured to send, by the mobility management device, the IP address received by the IP address receiving unit 133 to the terminal gateway, so that the terminal gateway uses the IP address to access the terminal to the network. .

An authentication request receiving unit, configured to receive an authentication request sent by the terminal gateway, where the authentication request includes the terminal identification information;

An authentication unit, configured to authenticate the terminal according to the identifier information of the terminal received by the authentication request receiving unit;

The authentication result sending unit is configured to send the result of the authentication unit authentication to the terminal gateway.

In the embodiment of the present invention, the MME receives the authentication request sent by the terminal gateway, and the MME sends the terminal identifier information included in the authentication request to the authentication server, so that the authentication server is configured according to the terminal identifier information. The terminal performs authentication, and the MME receives the authentication result sent by the authentication server, and sends the authentication result to the end. End gateway.

a recording unit, configured to record a result of the authentication.

An execution unit, configured to determine, by the mobility management device, the authentication result according to the terminal identifier information included in the terminal access network request, and if the authentication result is successful, performing the packet data network gateway The step of transmitting the terminal access network request.

a sending unit, configured to send, by the mobility management device, the terminal identifier information included in the terminal access network request to an authentication server, so that the authentication server compares the terminal according to the terminal identifier information Right

An authentication result receiving unit, configured to receive, by the mobility management device, an authentication result sent by the authentication server;

The authentication result sending unit is configured to send, by the mobility management device, an authentication result received by the authentication result receiving unit to the terminal gateway.

The above is only the preferred embodiment of the present invention and is not intended to limit the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and scope of the invention are intended to be included within the scope of the invention.

It should be noted that, in the foregoing user equipment and base station embodiments, each unit included is only divided according to functional logic, but is not limited to the foregoing division, as long as the corresponding function can be implemented; The specific names are also for convenience of distinguishing from each other and are not intended to limit the scope of the present invention.

In addition, those skilled in the art can understand that all or part of the steps in implementing the foregoing method embodiments can be completed by a program to instruct related hardware, and the corresponding program can be stored in a computer readable storage medium. The storage medium mentioned may be a read only memory, a magnetic disk or an optical disk or the like.

The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of it within the technical scope disclosed by the embodiments of the present invention. Variations or substitutions are intended to be covered by the scope of the invention. Therefore, the scope of protection of the present invention should be protected by the scope of the claims.

Claims

Rights request

A method for accessing a network, characterized in that the method is applied to a terminal gateway, and the method comprises the following steps:

The terminal gateway establishes a short-range wireless connection with the terminal;

The terminal gateway receives the Internet Protocol IP address sent by the mobility management device MME, where the IP address is a packet data network gateway, and the terminal is the terminal in the established PDN connection corresponding to the PDN connection identifier information. distributed;

The terminal gateway uses the IP address to access the terminal to the network.

2. The method according to claim 1, wherein before the step of the terminal gateway transmitting a terminal access network request to the mobility management device, the method further includes:

The terminal gateway sends the terminal identification information to the mobility management device, so that the mobility management device authenticates the terminal according to the terminal identification information; and receives the mobility management device to send The result of the authentication, if the step of authenticating the result; or

3. The method according to claim 2, wherein the terminal gateway learns from the terminal The step of the right server sending the terminal identification information includes:

The terminal gateway sends the terminal identification information to the authentication server by using an authentication proxy.

4. The method of claim 3, wherein

The authentication proxy is a packet data network gateway PGW;

The step of the terminal gateway sending the terminal identification information to the authentication server by using an authentication proxy, including: the terminal gateway, by using the authentication agent corresponding to the authentication proxy address obtained in advance, to the The right server sends the terminal identification information, its.

The method according to claim 4, wherein the terminal gateway obtains the authentication proxy address in advance by:

The terminal gateway sends terminal authentication request information to the mobility management device; the terminal gateway receives and stores the authentication proxy address corresponding to the authentication proxy returned by the mobility management device.

6. The method of claim 5, wherein

The terminal authentication request information is a terminal gateway type indication or an authentication agent request indication.

A method for accessing a network, the method comprising: a packet data network gateway (PGW) receiving a terminal access network request sent by a mobility management device, where the terminal access network request includes a terminal The terminal identification information and the PDN connection identification information of the established packet data network PDN connection;

The PGW allocates an Internet Protocol IP address to the terminal corresponding to the terminal identification information in the established PDN connection corresponding to the PDN connection identifier information according to the terminal access network request; The PGW sends the IP address to the mobility management device to enable the terminal to access the network using the IP address.

The method of claim 7, wherein the method further includes: before the step of the PGW receiving the terminal access network request sent by the mobility management device, the method further includes:

The method according to claim 7, wherein before the step of assigning an IP address to the terminal corresponding to the terminal identification information in the established PDN connection corresponding to the PDN connection identifier information, The method also includes:

Determining, by the PGW, the authentication result according to the terminal identification information, if the authentication result is successful, performing, in the established PDN connection corresponding to the PDN connection identifier information, the terminal identifier information The step of the terminal assigning an IP address.

A method for accessing a network, the method comprising: the mobility management device receiving a terminal access network request sent by a terminal gateway, where the terminal access network request includes terminal identification information of the terminal PDN connection identification information that is connected to the PDN of the packet data network that has been established;

Receiving, by the mobility management device, the internet protocol sent by the packet data network gateway An IP address, where the IP address is allocated by the packet data network gateway to the terminal corresponding to the terminal identification information in the established PDN connection indicated by the PDN connection identifier information; The gateway uses the IP address to access the terminal to the network.

The method of claim 10, wherein before the step of the mobility management device receiving the terminal access network request sent by the terminal gateway, the method further includes:

Transmitting, by the mobility management device, the terminal identification information included in the authentication request to an authentication server;

The method according to claim 11, wherein after the step of the mobility management device receiving the authentication result sent by the authentication server, the method further includes:

Record the result of the authentication.

13. The method of claim 10, wherein the mobility management Before the step of the device receiving the terminal access network request sent by the terminal gateway, before the step of transmitting the terminal access network request to the packet data network gateway, the method further includes: the mobility management device accessing the terminal Sending, by the network request, the terminal identification information to the authentication server, so that the authentication server authenticates the terminal according to the terminal identification information;

A terminal gateway, wherein the terminal gateway comprises: a connection unit, configured to establish a short-range wireless connection between the terminal gateway and the terminal; and an access network request sending unit, configured to use the terminal gateway to the mobility management device Transmitting a terminal access network request, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

The terminal gateway according to claim 14, wherein the terminal gateway further comprises:

An authentication result receiving unit, configured to receive the mobility management device or the authentication server The result of the authentication sent;

The terminal gateway according to claim 15, wherein the identity information sending unit comprises:

And an indirect sending subunit, configured to send, by the authentication proxy, the terminal identifier information to the authentication server by using an authentication proxy.

17. The terminal gateway of claim 16 wherein:

The authentication proxy is a PDN gateway;

The terminal gateway according to claim 17, wherein the terminal gateway obtains the authentication proxy address in advance by:

The terminal gateway sends terminal authentication request information to the mobility management device; the terminal gateway receives and stores the authentication proxy address corresponding to the authentication proxy returned by the mobility management network element.

19. The terminal gateway of claim 18, wherein

20. A packet data network gateway, wherein the packet data network gateway comprises:

a receiving unit, configured for the packet data network gateway PGW to receive the mobility management device Sending a terminal access network request, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

An IP address allocation unit, configured to: according to the terminal access network request received by the receiving unit, the terminal corresponding to the terminal identification information in the established PDN connection corresponding to the PDN connection identifier information Assign an internet protocol IP address;

And an IP address sending unit, configured to send, by the PGW, an IP address allocated by the IP address allocation unit to the mobility management device, so that the terminal accesses the network by using the IP address.

The packet data network gateway according to claim 20, wherein the packet data network gateway further comprises:

The authentication request receiving unit is configured to receive an authentication request sent by the terminal gateway, where the authentication request includes the terminal identification information;

23. A mobility management device, the mobility management device comprising: a receiving unit, configured to receive, by the mobility management device, a terminal access network request sent by the terminal gateway, where the terminal access network request includes terminal identification information of the terminal and PDN connection identification information of the established packet data network PDN connection;

The mobility management device according to claim 23, wherein the mobility management device further comprises:

The mobility management device according to claim 24, wherein the mobility management device further comprises:

a recording unit, configured to record a result of the authentication.

An execution unit, configured to determine, by the mobility management device, the authentication result according to the terminal identifier information included in the terminal access network request, if the authentication result is The step of transmitting the terminal access network request to the packet data network gateway is performed.

The device according to claim 23, wherein the device further comprises: a sending unit, configured to send, by the mobility management device, the terminal identification information included in the terminal access network request to the And the right server, so that the authentication server authenticates the terminal according to the terminal identification information;