System and method for integrating mobile networking with security-based VPNs
Abstract
Systems and methods provide a secure network path through an inner and outer firewall pair between a mobile node on a foreign network and a corresponding node on a home network. One aspect of the systems and methods includes providing a mobile IP proxy between the mobile node and a VPN gateway inside the firewalls. The mobile IP proxy acts as a surrogate home agent to the mobile node, and acts as a surrogate mobile node to a home agent residing on the home network.
63 Citations
30 Claims
1. A method for providing a secure network path between network nodes, the method comprising:
   - receiving a first registration request from a mobile node, said registration request including a permanent network address for the mobile node;
   - sending a second registration request to a home agent specifying the permanent network address and a proxy care-of address;
   - processing network data received from the mobile node as a surrogate home agent; and
   - processing network data received from the home agent as a surrogate mobile node.

   Dependent claims: 2, 3, 4, 5.

6. A method for securely communicating between nodes in a network, the method comprising:
   - creating a network data tunnel between a mobile node and a mobile IP proxy;
   - creating a first security association between the mobile node and a VPN gateway using a permanent network address associated with the mobile node;
   - creating a second security association between a home agent and the VPN gateway; and
   - utilizing, by a home agent, a mobile IP proxy IP address as the care-of address for the VPN gateway.

   Dependent claims: 7, 8.

9. A method for a home agent to securely route data between nodes in a network, the method comprising:
   - receiving a registration request from a MIP proxy specifying a permanent network address associated with a mobile node and a care-of address associated with the MIP proxy;
   - establishing a security association between the home agent and a VPN gateway; and
   - establishing a binding specifying the care-of address associated with the MIP proxy as a care-of address for the VPN gateway.

   Dependent claims: 10, 11.

12. A computerized system comprising:
   - a first home agent; and
   - a MIP proxy operable to perform the tasks of:
     - emulating a second home agent to a mobile node,
     - emulating the mobile node to the first home agent.

   Dependent claims: 13, 14, 15, 16, 17, 18, 19.

20. A machine-readable medium having machine executable instructions to perform a method for providing a secure network path between nodes in a network, the method comprising:
   - receiving a first registration request from a mobile node, said registration request including a permanent network address for the mobile node;
   - sending a second registration request to a home agent specifying the permanent network address and a proxy care-of address;
   - processing network data received from the mobile node as a surrogate home agent; and
   - processing network data received from the home agent as a surrogate mobile node.

   Dependent claims: 21, 22, 23, 24.

25. A machine-readable medium having machine executable instructions for performing a method for securely communicating between nodes in a network, the method comprising:
   - creating a network data tunnel between a mobile node and a mobile IP proxy;
   - creating a first security association between the mobile node and a VPN gateway using a permanent network address associated with the mobile node;
   - creating a second security association between a home agent and the VPN gateway; and
   - utilizing, by a home agent, a mobile IP proxy IP address as the care-of address for the VPN gateway.

   Dependent claims: 26, 27.

28. A machine-readable medium having machine executable instructions for performing a method for a home agent to securely route data from a corresponding node to a mobile node, the method comprising:
   - receiving a registration request from a MIP proxy specifying a permanent network address associated with the mobile node and a care-of address associated with the MIP proxy;
   - establishing a security association between the home agent and a VPN gateway; and
   - establishing a binding specifying the care-of address associated with the MIP proxy as a care-of address for the VPN gateway.

   Dependent claims: 29, 30.

Specification