Methods for Associating an IP Address to a User Via an Appliance
Abstract
The intranet IP address management solution of the appliance and/or client described herein provides an environment for efficiently assigning, managing and querying virtual private network addresses, referred to as intranet IP (IIP) addresses, of virtual private network users, such as a multitude of SSL VPN users on an enterprise network. The appliance provides techniques and policies for assigning previously assigned virtual private network addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. This technique is referred to as IIP stickiness, as the appliance attempts to provide the same IIP address to a roaming VPN user. The appliance also provides a configurable user domain naming policy so that one can ping or query the virtual private network address of a user by an easily referenceable host name identifying the user. The appliance and/or client agent also provide techniques to allow applications to seamlessly and transparently communicate on the virtual private network using the virtual private network address of the user or client on the private network.
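The IIP stickiness behaviour described in the abstract, sketched as an added Python example (not code from the patent or from any appliance). The class and method names, the sample addresses, and the fallback to another designated address when the previous one is held by a concurrent session of the same user are assumptions.

```python
import ipaddress


class StickyIIPAllocator:
    """Per-user intranet IP (IIP) pools with sticky reassignment (illustrative)."""

    def __init__(self):
        self.pools = {}    # user -> designated IIP addresses, in pool order
        self.history = {}  # user -> addresses assigned before, most recent last
        self.active = {}   # session id -> (user, address)

    def designate(self, user, addresses):
        # Designate a plurality of IIP addresses to one user.
        self.pools[user] = [ipaddress.ip_address(a) for a in addresses]
        self.history.setdefault(user, [])

    def connect(self, user, session_id):
        # On an SSL VPN connection request, prefer an address the user held before.
        if user not in self.pools:
            raise KeyError(f"no IIP addresses designated for {user!r}")
        pool = self.pools[user]
        busy = {addr for (u, addr) in self.active.values() if u == user}
        # Candidate order: most recently held first, then never-used pool entries.
        previous = [a for a in reversed(self.history[user]) if a in pool]
        candidates = previous + [a for a in pool if a not in previous]
        for addr in candidates:
            if addr in busy:
                continue  # held by a concurrent session of the same user
            self.active[session_id] = (user, addr)
            if addr in self.history[user]:
                self.history[user].remove(addr)
            self.history[user].append(addr)
            return str(addr)
        raise RuntimeError(f"all IIP addresses designated for {user!r} are in use")

    def disconnect(self, session_id):
        # Ending a session frees the address but keeps it in the user's history.
        self.active.pop(session_id, None)
```

Because the user-to-address mapping stays stable across sessions, log entries keyed on the intranet address remain attributable to the same user as that user reconnects or roams.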
28 Claims
1. A method for assigning, by an appliance, one of a plurality of multiple intranet internet protocol addresses of a network to a user when the user accesses the network via a secure socket layer virtual private network connection (SSL VPN), the method comprising the steps of:
(a) designating, via an appliance, a plurality of intranet internet protocol addresses of a first network to a user accessing the first network via a SSL VPN connection, the appliance providing SSL VPN connectivity between the first network and a client on a second network;
(b) receiving, by the appliance, a request from the client operated by the user to establish a SSL VPN connection with the first network; and
(c) assigning, by the appliance, to the client as an internet protocol address on the first network a first intranet internet protocol address of the first user from the plurality of intranet internet protocol addresses, the first intranet internet protocol address previously assigned to the first user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A system for assigning one of a plurality of multiple intranet internet protocol addresses of a network to a user when the user accesses the network via a secure socket layer virtual private network connection (SSL VPN), the system comprising:
means for designating, via an appliance, a plurality of intranet internet protocol addresses of a first network to a user accessing the first network via a SSL VPN connection, the appliance providing SSL VPN connectivity between the first network and a client on a second network;
means for receiving, by the appliance, a request from the client operated by the user to establish a SSL VPN connection with the first network; and
means for assigning, by the appliance, to the client as an internet protocol address on the first network a first intranet internet protocol address of the first user from the plurality of intranet internet protocol addresses, the first intranet internet protocol address previously assigned to the first user.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28
Specification