IP mobility in mobile telecommunications system

US 20050195780A1
Filed: 02/25/2005
Published: 09/08/2005
Est. Priority Date: 03/08/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for arranging data transmission for a mobile node in a telecommunications system comprising a secure network and an insecure network, wherein access between the insecure network and the secure network is arranged via a VPN node and wherein a home agent is established for the mobile node in the secure network, the method comprising:

arranging at least data transmission from a correspondent host to the mobile node in the secure network by the home agent in response to the mobile node accessing the secure network directly or via a third network other than the insecure network, or arranging data transmission between the mobile node and a correspondent host in the secure network by the VPN node in response to the mobile node accessing the secure network via the insecure network, wherein the VPN node and the home agent are configured to arrange use of the same IP address as an internal address and as a home address for the mobile node for communication with the correspondent host.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to arranging data transmission for a mobile node in a telecommunications system comprising a secure network and an insecure network. A connection to a secure network for a mobile node may be arranged by a home agent if the mobile node is accessing the secure network directly or via a third network other than the insecure network, or a connection to the secure network may be arranged by a VPN node if the mobile node is accessing the secure network via the insecure network. According to a first aspect of the invention, the VPN node and the home agent are configured to allocate the same IP address as an internal IP address and as a home address.

90 Citations

View as Search Results

24 Claims

1. A method for arranging data transmission for a mobile node in a telecommunications system comprising a secure network and an insecure network, wherein access between the insecure network and the secure network is arranged via a VPN node and wherein a home agent is established for the mobile node in the secure network, the method comprising:
- arranging at least data transmission from a correspondent host to the mobile node in the secure network by the home agent in response to the mobile node accessing the secure network directly or via a third network other than the insecure network, or arranging data transmission between the mobile node and a correspondent host in the secure network by the VPN node in response to the mobile node accessing the secure network via the insecure network, wherein the VPN node and the home agent are configured to arrange use of the same IP address as an internal address and as a home address for the mobile node for communication with the correspondent host.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method according to claim 1, the method comprising:
    - checking whether an IP address has already been allocated for the mobile node by the home agent or the VPN node, and arranging the same IP address for the connection via the VPN node or the home agent in response to an IP address already being allocated.
  - 3. A method according to claim 1, wherein the VPN node and the home agent are co-located in the same device.
  - 4. A method according to claim 1, the method comprising:
    - sending, from the VPN node and the home agent, a request for an IP address to a same DHCP server, and selecting the address received from the DHCP server as the internal address and the home address.
  - 5. A method according to claim 1, the method comprising:
    - determining in the mobile node whether it is accessing the secure network directly or via a third network, and arranging the data transmission at least from the correspondent host to the mobile node via the home agent if the mobile node is accessing the secure network directly or via a third network.
  - 6. A method according to claim 5, wherein said determining step comprises:
    - transmitting a registration request to the home agent in the secure network, and determining that the mobile node is accessing the secure network directly or via a third network if a registration reply is received from the home agent.
  - 7. A method according to claim 6, wherein an application layer connection has been arranged for the mobile node via the VPN node before said determining step is performed, and at least data reception is changed in the mobile node to be carried by a Mobile IP layer without a VPN protocol layer, whereby the same IP address as was used as the VPN internal address is used as the home address.
  - 8. A method according to claim 5, wherein an application layer connection has been arranged for the mobile node via the VPN node before said determining step is performed, and at least data reception is changed in the mobile node to be carried by a Mobile IP layer without a VPN protocol layer, whereby the same IP address as was used as the VPN internal address is used as the home address.

9. A telecommunications system comprising a secure network, an insecure network, a VPN node for arranging access between the insecure network and the secure network, and a home agent for mobile nodes in the secure network, wherein the system is configured to arrange at least data transmission from a correspondent host to the mobile node in the secure network by a home agent in response to the mobile node accessing the secure network directly or via a third network other than the insecure network, the system is configured to arrange data transmission between the mobile node and a correspondent host in the secure network by the VPN node in response to the mobile node accessing the secure network via the insecure network, and the VPN node and the home agent are configured to arrange use of the same IP address as an internal address and as a home address for the mobile node for communication with the correspondent host.
- View Dependent Claims (10)
- - 10. A system according to claim 9, wherein the VPN node and the home agent are configured to send a request for an IP address to a same DHCP server.

11. A network element in a telecommunications system, the network element being configured to function as a home agent, wherein, as a response to a need to establish data transmission between a mobile node and a correspondent host by the network element, the network element is configured to arrange as a home address of the mobile node the same IP address as has been arranged by a VPN node as an internal address for communication between the mobile node and the correspondent host.
- View Dependent Claims (12, 13, 14)
- - 12. A network element according to claim 11, wherein the network element is configured to check whether an IP address has already been allocated for the mobile node by the VPN node, and the network element is configured to arrange the same IP address as the home address in response to an IP address already being allocated by the VPN node.
  - 13. A network element according to claim 12, wherein the network element is co-located with the VPN node.
  - 14. A network element according to claim 11, wherein the network element is co-located with the VPN node.

15. A network element in a telecommunications system, the network element being configured to function as a VPN node, wherein, as a response to a need to establish data transmission between a mobile node and a correspondent host by the network element, the network element is configured to arrange as an internal address of the mobile node for communication with the correspondent host the same IP address as what has been arranged by a home agent as a home address of the mobile node.
- View Dependent Claims (16, 17, 18)
- - 16. A network element according to claim 15, wherein the network element is configured to check whether an IP address has already been allocated for the mobile node by the home agent, and the network element is configured to arrange the same IP address as the internal address in response to an IP address already being allocated by the home agent as the home address for the mobile node.
  - 17. A network element according to claim 16, wherein the network element is co-located with the home agent.
  - 18. A network element according to claim 15, wherein the network element is co-located with the home agent.

19. A mobile terminal configured to implement VPN protocol layer and Mobile IP protocol layer functions, wherein the terminal is configured to establish an association with a first node for at least receiving data from a correspondent host in a secure network, the terminal is configured to determine whether or not it is possible to establish an association with a second node for at least receiving data from a correspondent host in a secure network, wherein one of the first and the second node is a VPN node and the other is a home agent, and in response to such an association with the second node being arrangeable, the terminal is configured to adapt an upper layer connection to use the protocol layer functions for communicating with the second node instead of the protocol layer functions for communicating with the first node, and to use the same IP address as was used for communicating with the correspondent host with the first node.
- View Dependent Claims (20, 21, 22, 23)
- - 20. A terminal according to claim 19, wherein the terminal is configured to determine whether it is accessing the secure network directly or via a third network, and the terminal is configured to arrange data transmission at least from the correspondent host via the home agent if the mobile node is accessing the secure network directly or via a third network.
  - 21. A terminal according to claim 20, wherein the terminal is configured to transmit a registration request to the home agent in the secure network, and the terminal is configured to determine that the terminal is accessing the secure network directly or via a third network if a registration reply is received from the home agent.
  - 22. A terminal according to claim 19, wherein the first node is a VPN node providing a secure tunnel for the terminal over an insecure network to the secure network and the second node is a home agent, whereby the terminal is configured to change at least data reception to be carried by a Mobile IP layer without a VPN protocol layer, whereby the same IP address as was used as a VPN internal address is arranged to be used as a home address.
  - 23. A terminal according to claim 19, wherein the first node is a home agent and the second node is a VPN node providing a secure tunnel for the terminal over an insecure network to the secure network, whereby the terminal is configured to change at least data reception to be carried by the VPN protocol layer without the Mobile IP layer, whereby the same IP address as was used as the home address is arranged to be used as the VPN internal address.

24. A computer program product for controlling a mobile terminal, wherein the terminal is configured to establish an association with a first node for at least receiving data from a correspondent host in a secure network, the computer program product comprising:
- a program code portion causing the mobile terminal to determine whether or not it is possible to establish an association with a second node for at least receiving data from a correspondent host in a secure network, wherein one of the first and the second node is a VPN node and the other is a home agent, and a program code portion causing the mobile terminal, in response to such an association being arrangeable with the second node, to adapt an upper layer connection to use protocol layer functions for communicating with the second node instead of protocol layer functions for communicating with the first node, and to use same IP address as was used for communicating with the correspondent host with the first node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Haverinen, Henry, Eronen, Pasi, Riittinen, Heikki

Application Number

US11/066,175
Publication Number

US 20050195780A1
Time in Patent Office

Days
Field of Search
US Class Current

370/338
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/164   at the network layer

H04W 8/26   Network addressing or numbe...

H04W 80/04   Network layer protocols, e....

IP mobility in mobile telecommunications system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

90 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

IP mobility in mobile telecommunications system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links