SYSTEM AND METHOD FOR EASING COMMUNICATIONS BETWEEN DEVICES CONNECTED RESPECTIVELY TO PUBLIC NETWORKS SUCH AS THE INTERNET AND TO PRIVATE NETWORKS BY FACILITATING RESOLUTION OF HUMAN-READABLE ADDRESSES
Abstract
“A system includes a virtual private network and an external device interconnected by a digital network. The virtual private network has a firewall, at least one internal device and a nameserver each having a network address. The internal device also has a secondary address, and the nameserver is configured to provide an association between the secondary address and the network address. The firewall, in response to a request from the external device to establish a connection therebetween, provides the external device with the network address of the nameserver. The external device, in response to a request from an operator or the like, including the internal device's secondary address, requesting access to the internal device, generates a network address request message for transmission over the connection to the firewall requesting resolution of the network address associated with the secondary address. The firewall provides the address resolution request to the nameserver, and the nameserver provides the network address associated with the secondary address to the firewall. The firewall, in turn, provides the network address in a network address response message for transmission over the connection to the external device. The external device can thereafter use the network address so provided in subsequent communications with the firewall intended for the internal device.”
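The message exchange described in the abstract can be traced in a small model. This is an added example, not code from the patent. The class names, device id, host name and addresses are constructed, and the tunnel is modelled only as a set of connected device ids, with no cryptography.

```python
from dataclasses import dataclass, field

@dataclass
class Nameserver:
    address: str
    records: dict  # secondary address (name) -> network address

    def resolve(self, name):
        return self.records.get(name.lower().rstrip("."))

@dataclass
class Firewall:
    address: str
    nameserver: Nameserver
    tunnels: set = field(default_factory=set)

    def establish(self, device_id):
        # The tunnel setup reply carries the nameserver's address.
        self.tunnels.add(device_id)
        return {"type": "tunnel_ok", "nameserver": self.nameserver.address}

    def handle(self, device_id, msg):
        # Only requests arriving over an established tunnel reach the nameserver.
        if device_id not in self.tunnels or msg["to"] != self.nameserver.address:
            return None
        addr = self.nameserver.resolve(msg["name"])
        return {"type": "address_response", "name": msg["name"], "address": addr}

class ExternalDevice:
    def __init__(self, device_id, firewall):
        self.device_id, self.firewall = device_id, firewall
        self.nameserver_addr = None  # unknown until the tunnel is up

    def connect(self):
        self.nameserver_addr = self.firewall.establish(self.device_id)["nameserver"]

    def resolve(self, name):
        msg = {"type": "address_request", "to": self.nameserver_addr, "name": name}
        reply = self.firewall.handle(self.device_id, msg)
        return reply["address"] if reply else None

def demo():
    # Constructed sample data: documentation and private address ranges.
    ns = Nameserver("10.20.0.2", {"build-host.corp.example": "10.20.0.15"})
    dev = ExternalDevice("laptop-1", Firewall("192.0.2.1", ns))
    before = dev.resolve("build-host.corp.example")  # no tunnel yet
    dev.connect()
    return before, dev.resolve("Build-Host.corp.example."), dev.resolve("nope.corp.example")

if __name__ == "__main__":
    print(demo())
```
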
18 Claims
1. A system comprising a virtual private network and an external device interconnected by a digital network,
the virtual private network having a firewall, at least one internal device and a nameserver each having a virtual private network address, wherein the external device has been provided only the virtual private network address of the firewall prior to the establishment of a secure tunnel connection therebetween, the internal device also having a secondary address, the nameserver being configured to provide an association between the secondary address and the virtual private network address, the firewall is configured to, in response to a request from the external device to establish a secure tunnel connection therebetween, provide the external device with the virtual private network address of the nameserver, and the external device is configured to, in response to a request requesting access to the internal device including the internal device's secondary address, generate a network address request message for transmission over the secure tunnel connection to the firewall requesting resolution of the virtual private network address associated with the secondary address, the firewall being configured to provide the address resolution request to the nameserver, the nameserver being configured to provide the virtual private network address associated with the secondary address, the firewall in turn being further configured to provide the virtual private network address in a network address message for transmission over the secure tunnel connection to the external device.
7. A method of operating a system comprising a virtual private network and an external device interconnected by a digital network, the virtual private network having a firewall, at least one internal device and a nameserver each having a virtual private network address, wherein the external device has been provided only the virtual private network address of the firewall prior to the establishment of a secure tunnel connection therebetween, the internal device also having a secondary address, the nameserver being configured to provide an association between the secondary address and the virtual private network address, the method comprising the steps of:
A. enabling the firewall, in response to a request from the external device to establish a secure tunnel connection therebetween, provide the external device with the virtual private network address of the nameserver; and
B. enabling (i) the external device, in response to a request requesting access to the internal device including the internal device's secondary address, to generate a network address request message for transmission over the secure tunnel connection to the firewall requesting resolution of the virtual private network address associated with the secondary address, (ii) the firewall to provide the address resolution request to the nameserver, (iii) the nameserver to provide the virtual private network address associated with the secondary address, and (iv) the firewall to provide the virtual private network address in a network address response message for transmission over the secure tunnel connection to the external device.
13. A computer program product for use in connection with a virtual private network and an external device interconnected by a digital network, the virtual private network having a firewall, at least one internal device and a nameserver each having a virtual private network address, wherein the external device has been provided only the virtual private network address of the firewall prior to the establishment of a secure tunnel connection therebetween, the internal device also having a secondary address, the nameserver being configured to provide an association between the secondary address and the virtual private network address, the computer program product comprising a machine readable medium having encoded thereon:
A. a nameserver identification code module configured to enable the firewall, in response to a request from the external device to establish a secure tunnel connection therebetween, to provide the external device with the virtual private network address of the nameserver,
B. a network address request message generating code module for enabling the external device, in response to a request requesting access to the internal device including the internal device's secondary address, to generate a network address request message for transmission over the secure tunnel connection to the firewall requesting resolution of the virtual private network address associated with the secondary address,
C. an address resolution request forwarding module for enabling the firewall to provide the address resolution request to the nameserver,
D. a nameserver control module for enabling the nameserver to provide the virtual private network address associated with the secondary address, and
E. a network address response message forwarding module for enabling the firewall to provide the virtual private network address in a network address response message for transmission over the connection to the external device.
Specification