NETWORK GATEWAY APPARATUS
First Claim
1. A network gateway apparatus, comprising:
a first network interface card connected to a first network and configured to communicate with devices connected to the first network;
a second network interface card connected to a second network and configured to communicate with devices connected to the second network;
a processor including
an initialization unit configured to initialize the first and second network interface cards to an unprotected state, and
a TCP/IP protocol stack configured to perform communication processing between the first and second network interface cards,
wherein when a packet is received via the first network interface card, the processor
replaces an origin MAC address of the packet with a first temporary MAC address, an origin IP address with a first temporary IP address, a destination MAC address with a MAC address of the second network interface card, and a destination IP address with an IP address of the second network interface card,
then transmits the packet to the TCP/IP protocol stack, and
the TCP/IP protocol stack transmits the packet to the second network interface card based on the destination MAC address and the destination IP address of the packet after rewriting by the processor.
Abstract
A network gateway apparatus which adds encryption to easily implement secure communication without affecting network environment settings includes two network interface cards to communicate on two networks. The processor of the network gateway apparatus initializes communications through the network interface cards and uses a TCP/IP protocol stack to communicate through the network interface cards. When a packet is received by one of the network interface cards, the processor replaces the origin MAC and IP addresses and the destination MAC and IP addresses with temporary values. Then the processor encrypts the payload. The packet is sent to the TCP/IP protocol stack, which sends the packet to one of the two network interface cards according to the temporary values. The MAC and IP addresses of the final destination of the packet are rewritten to the packet and the packet is transmitted.
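The address substitution described in the abstract and in claim 1, as an added example that is not taken from the patent: it rewrites an Ethernet II / IPv4 frame and recomputes the IPv4 header checksum. All function names, the sample addresses and the lookup table that remembers the original endpoints are assumptions made for illustration.

```python
import ipaddress
import struct

def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

def ip(text: str) -> bytes:
    return ipaddress.IPv4Address(text).packed

def rewrite_inbound(frame: bytes, temp_mac: bytes, temp_ip: bytes,
                    nic2_mac: bytes, nic2_ip: bytes, table: dict) -> bytes:
    """Apply the claim-1 substitution to a frame received on the first NIC."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an Ethernet II / IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    if frame[14] >> 4 != 4 or ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("malformed IPv4 header")
    hdr = bytearray(frame[14:14 + ihl])
    # Assumption: remember the true endpoints, keyed by the temporary pair,
    # so the final destination addresses can be written back before sending.
    table[(temp_mac, temp_ip)] = {
        "src_mac": frame[6:12], "src_ip": bytes(hdr[12:16]),
        "dst_mac": frame[0:6], "dst_ip": bytes(hdr[16:20]),
    }
    hdr[12:16], hdr[16:20] = temp_ip, nic2_ip   # origin -> temporary, destination -> NIC 2
    hdr[10:12] = b"\x00\x00"                    # zero the checksum field before recomputing
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    # Ethernet header: destination MAC = NIC 2, origin MAC = temporary MAC
    return nic2_mac + temp_mac + frame[12:14] + bytes(hdr) + frame[14 + ihl:]

def build_sample_frame() -> bytes:
    """Constructed sample: 192.0.2.10 -> 198.51.100.20, IP protocol 253, 4-byte payload."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 1, 0, 64, 253, 0,
                                ip("192.0.2.10"), ip("198.51.100.20")))
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return (mac("02:00:00:00:00:bb") + mac("02:00:00:00:00:aa")
            + b"\x08\x00" + bytes(hdr) + b"data")
```

TCP and UDP checksums cover a pseudo-header that includes both IP addresses, so a rewrite of TCP or UDP traffic must update those checksums as well; the constructed sample uses IP protocol 253 to keep that out of scope.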
13 Claims
1. A network gateway apparatus, comprising:
a first network interface card connected to a first network and configured to communicate with devices connected to the first network; a second network interface card connected to a second network and configured to communicate with devices connected to the second network; a processor including an initialization unit configured to initialize the first and second network interface cards to an unprotected state, and a TCP/IP protocol stack configured to perform communication processing between the first and second network interface cards, wherein when a packet is received via the first network interface card, the processor replaces an origin MAC address of the packet with a first temporary MAC address, an origin IP address with a first temporary IP address, a destination MAC address with a MAC address of the second network interface card, and a destination IP address with an IP address of the second network interface card, then transmits the packet to the TCP/IP protocol stack, and the TCP/IP protocol stack transmits the packet to the second network interface card based on the destination MAC address and the destination IP address of the packet after rewriting by the processor.
12. A method of providing secure communication in a network environment, comprising:
connecting a first network interface card to a first network; connecting a second interface card to a second network; initializing the first and second network interface cards to an unprotected state; receiving a packet via the first network interface card; replacing, in the packet, an origin MAC address with a first temporary MAC address, an origin IP address with a first temporary IP address, a destination MAC address with a MAC address of the second network interface card and a destination IP address with an IP address of the second interface card; transmitting the packet to a TCP/IP protocol stack; and transmitting the packet from the TCP/IP protocol stack to the second network interface card based on the destination MAC address and the destination IP address of the packet after the replacing step.
13. A non-transitory computer-readable medium encoded with computer-readable instructions thereon that when executed by a computer cause the computer to perform a method comprising:
connecting a first network interface card to a first network; connecting a second interface card to a second network; initializing the first and second network interface cards to an unprotected state; receiving a packet via the first network interface card; replacing, in the packet, an origin MAC address with a first temporary MAC address, an origin IP address with a first temporary IP address, a destination MAC address with a MAC address of the second network interface card and a destination IP address with an IP address of the second interface card; transmitting the packet to a TCP/IP protocol stack; and transmitting the packet from the TCP/IP protocol stack to the second network interface card based on the destination MAC address and the destination IP address of the packet after the replacing step.
Specification