Systems and Methods for Pinging A User's Intranet IP Address

US 20080043761A1
Filed: 08/21/2006
Published: 02/21/2008
Est. Priority Date: 08/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the method comprising the steps of:

(a) assigning, by an appliance, an intranet internet protocol address of a network to a first user establishing an SSL VPN connection to the network;

(b) storing, by the appliance, in a domain name service an association of the intranet internet protocol address assigned to the first user with a user domain name comprising a domain name suffix appended to an identifier of the first user;

(c) receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;

(d) determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and

(e) providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the first user.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The intranet IP address management solution of the appliance and/or client described herein provides an environment for efficiently assigning, managing and querying virtual private network addresses, referred to as intranet IP (IIP) addresses of virtual private network users, such as a multitude of SSL VPN users on an enterprise network. The appliance provides techniques and policies for assigning previously assigned virtual private network addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. This technique is referred to IIP stickiness as the appliance attempts to provide the same IIP address to a roaming VPN user. The appliance also provides a configurable user domain naming policy so that one can ping or query the virtual private network address of a user by an easily referenceable host name identifying the user. The appliance and/or client agent also provide techniques to allow applications to seamlessly and transparently communicate on the virtual private network using the virtual private network address of the user or client on the private network.

Citations

22 Claims

1. A method for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the method comprising the steps of:
- (a) assigning, by an appliance, an intranet internet protocol address of a network to a first user establishing an SSL VPN connection to the network;
  
  (b) storing, by the appliance, in a domain name service an association of the intranet internet protocol address assigned to the first user with a user domain name comprising a domain name suffix appended to an identifier of the first user;
  
  (c) receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;
  
  (d) determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and
  
  (e) providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, comprising identifying, by the appliance, a policy specifying the domain name suffix to append to an identifier of a user
  - 3. The method of claim 1, comprising configuring, by a user via the appliance, the domain name suffix of the policy.
  - 4. The method of claim 1, wherein the domain name suffix comprises a domain name of the network.
  - 5. The method of claim 1, comprising pinging, by a second user, the intranet internet protocol address of the first user using the user domain name.
  - 6. The method of claim 5, wherein the second user is connected to the network via a SSL VPN connection.
  - 7. The method of claim 1, comprising querying, by an application, the domain name service, the intranet internet protocol address of the first user using the user domain name.
  - 8. The method of claim 1, comprising assigning, by the appliance, to the first user a first intranet internet protocol address from a plurality of intranet internet protocol addresses associated with the first user.
  - 9. The method of claim 8, comprising assigning, by the appliance, a most recently used intranet internet protocol address of the first user as the first intranet internet protocol address.
  - 10. The method of claim 1, comprising storing, by the appliance, the user domain name associated with the intranet internet protocol address of the first user on a domain name service cache of the appliance.
  - 11. The method of claim 1, wherein the appliance includes the domain name service.

12. A system for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the system comprising:
- means for assigning, by an appliance, an intranet internet protocol address of a network to a first user establishing an SSL VPN connection to the network;
  
  means for storing, by the appliance, in a domain name service an association of the intranet internet protocol address assigned to the first user with a user domain name comprising a domain name suffix appended to an identifier of the first user;
  
  means for receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;
  
  means for determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and
  
  means for providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the first user.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, comprising means for identifying, by the appliance, a policy specifying the domain name suffix to append to an identifier of a user
  - 14. The system of claim 12, comprising means for configuring, by a user via the appliance, the domain name suffix of the policy.
  - 15. The system of claim 12, wherein the domain name suffix comprises a domain name of the network.
  - 16. The system of claim 12, comprising means for pinging, by a second user, the intranet internet protocol address of the first user using the user domain name.
  - 17. The system of claim 16, wherein the second user is connected to the network via a SSL VPN connection.
  - 18. The system of claim 12, comprising means for querying, by an application, the domain name service, the intranet internet protocol address of the first user using the user domain name.
  - 19. The system of claim 12, comprising means for assigning, by the appliance, to the first user a first intranet internet protocol address from a plurality of intranet internet protocol addresses associated with the first user.
  - 20. The system of claim 19, comprising means for assigning, by the appliance, a most recently used intranet internet protocol address of the first user as the first intranet internet protocol address.
  - 21. The system of claim 12, comprising means for storing, by the appliance, the user domain name associated with the intranet internet protocol address of the first user on a domain name service cache of the appliance.
  - 22. The system of claim 12, wherein the appliance includes the domain name service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Harris, James, Kumar, Arkesh

Granted Patent

US 8,451,806 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/401
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 61/4511   using domain name system [DNS]

H04L 61/5061   Pools of addresses

H04L 61/5084   Providing for device mobili...

Systems and Methods for Pinging A User's Intranet IP Address

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods for Pinging A User's Intranet IP Address

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links