Apparatus and method for firewall traversal
First Claim
1. A method for traversing a firewall device to maintain a registration between a first device and a second device separated by the firewall device, the method comprising:
- intercepting a registration message from the first device to the second device;
determining whether it is time to renew the first device'"'"'s registration, wherein the determination is based on a first timeout period defined by the second device;
forwarding the registration message to the second device if it is time to renew the first device'"'"'s registration;
intercepting a response message from the second device to the first device, wherein the response message includes the first timeout period; and
replacing the first timeout period in the response message with a second timeout period based on a binding lifetime of the firewall device before forwarding the response message to the first device.
3 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method for traversing a network address translation/firewall device to maintain a registration between first and second devices separated by the firewall device are provided. In one example, the method includes intercepting a registration message from the first device to the second device. A determination is made based on a first timeout period defined by the second device as to whether it is time to renew the first device'"'"'s registration. If it is time to renew the first device'"'"'s registration, the registration message is forwarded to the second device. A response message that includes the first timeout period is intercepted, and the first timeout period is replaced with a second timeout period based on a binding lifetime of the firewall device before forwarding the response message to the first device.
53 Citations
25 Claims
-
1. A method for traversing a firewall device to maintain a registration between a first device and a second device separated by the firewall device, the method comprising:
-
intercepting a registration message from the first device to the second device;
determining whether it is time to renew the first device'"'"'s registration, wherein the determination is based on a first timeout period defined by the second device;
forwarding the registration message to the second device if it is time to renew the first device'"'"'s registration;
intercepting a response message from the second device to the first device, wherein the response message includes the first timeout period; and
replacing the first timeout period in the response message with a second timeout period based on a binding lifetime of the firewall device before forwarding the response message to the first device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system providing for firewall traversal, the system comprising:
-
a first device positioned in a private network;
a firewall device accessible to the private network and a public network;
a second device in the public network configured to register the first device; and
a session controller positioned in the public network between the firewall device and the second device, the session controller comprising a plurality of software executable instructions including;
instructions for intercepting a registration response message from the second device to the first device, wherein the response message includes the first timeout period; and
instructions for replacing the first timeout period in the response message with a second timeout period before forwarding the response message to the first device. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. An apparatus for enabling a network edge device to maintain a registration between a first device and a second device separated by the edge device, the apparatus comprising:
-
an interface accessible to the edge device and the second device; and
means for intercepting a registration message from the first device to the second device;
means for determining whether it is time to renew the first device'"'"'s registration, wherein the determination is based on a first timeout period defined by the second device;
means for forwarding the registration message to the second device if it is time to renew the first device'"'"'s registration;
means for intercepting a response message from the second device to the first device, wherein the response message includes the first timeout period; and
means for replacing the first timeout period in the response message with a second timeout period based on a binding lifetime of the edge device before forwarding the response message to the first device. - View Dependent Claims (20)
-
-
21. A method for traversing a firewall device to maintain a registration between a first device and a second device separated by the firewall device, wherein the first device is protected by the firewall device and the second device is outside the firewall device'"'"'s protection, the method comprising:
-
establishing a signaling channel between the first device and the second device;
sending a request to the first device from the second device via the signaling channel, wherein the request is sent at a time that is less than a binding lifetime of the firewall device; and
receiving a response from the first device at the second device via the signaling channel, wherein the response indicates to the firewall device that the signaling channel is active. - View Dependent Claims (22, 23, 24, 25)
-
Specification