
System and method for network address translation integration with IP security

  • US 6,615,357 B1
  • Filed: 01/29/1999
  • Issued: 09/02/2003
  • Est. Priority Date: 01/29/1999
  • Status: Expired due to Term
First Claim

1. A method of operating one or more tunnels of nested protocols that integrate network address translation (NAT) at an Internet Protocol (IP) layer, comprising the steps of:

  • configuring a tunnel NAT IP address pool;
  • independently configuring one or more tunnels in a virtual private network to utilize tunnel NAT at one or both of a local and a remote tunnel endpoint;
  • upon starting an instantiation of a tunnel, selectively automatically generating a specific tunnel NAT rule or using a configured tunnel NAT rule as an instantiation-specific tunnel NAT rule for said instantiation;
  • applying said instantiation-specific NAT rule to a local or remote IP address to generate a NAT address from said NAT IP address pool;
  • using said NAT address, negotiating tunnel configuration and operational parameters between tunnel endpoints;
  • loading said operational parameters into an operating system kernel, said operational parameters including said instantiation-specific tunnel NAT rule; and
  • processing packet traffic as it enters and exits said local tunnel endpoint by applying said instantiation-specific tunnel NAT rule to each packet.
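
The sequence in claim 1 (pool, per-instantiation rule, per-packet translation) can be modelled as follows. This is an added illustration, not code from the patent or its assignee: the class and method names, the pool 198.51.100.0/29 and the packet dictionaries are constructed, the rule table stands in for kernel state, negotiation itself is not modelled, and only NAT of the local address is shown.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class NatRule:
    real: str  # real local address behind the tunnel endpoint
    nat: str   # address drawn from the tunnel NAT pool

class TunnelNat:
    """Constructed model: a NAT pool plus per-instantiation rules (stand-in for kernel state)."""
    def __init__(self, pool_cidr):
        self.free = [str(h) for h in ipaddress.ip_network(pool_cidr).hosts()]
        self.rules = {}  # tunnel instantiation id -> NatRule

    def start(self, tunnel_id, local_ip, configured_nat=None):
        # Use the configured rule if one is given, otherwise generate one from the pool.
        nat = configured_nat or (self.free[0] if self.free else None)
        if tunnel_id in self.rules or nat not in self.free:
            raise LookupError("tunnel already active or NAT address unavailable")
        self.free.remove(nat)
        self.rules[tunnel_id] = NatRule(str(ipaddress.ip_address(local_ip)), nat)
        return self.rules[tunnel_id]  # rule.nat is the address a negotiation would use

    def stop(self, tunnel_id):
        # Return the address to the pool when the instantiation ends.
        self.free.append(self.rules.pop(tunnel_id).nat)

    def outbound(self, tunnel_id, pkt):
        # Leaving the local endpoint: real source -> NAT source.
        # Assumption: packets that do not match the rule pass unchanged.
        rule = self.rules[tunnel_id]
        return {**pkt, "src": rule.nat} if pkt["src"] == rule.real else pkt

    def inbound(self, tunnel_id, pkt):
        # Entering the local endpoint: NAT destination -> real destination.
        rule = self.rules[tunnel_id]
        return {**pkt, "dst": rule.real} if pkt["dst"] == rule.nat else pkt

def demo():
    nat = TunnelNat("198.51.100.0/29")  # constructed pool (documentation range)
    a = nat.start("tunnel-A", "10.0.0.5")  # generated rule
    b = nat.start("tunnel-B", "10.0.0.6", configured_nat="198.51.100.4")  # configured rule
    out = nat.outbound("tunnel-A", {"src": "10.0.0.5", "dst": "192.0.2.9"})
    back = nat.inbound("tunnel-A", {"src": "192.0.2.9", "dst": out["src"]})
    nat.stop("tunnel-A")
    return a, b, out, back, nat.free

if __name__ == "__main__":
    print(demo())
```

Because each rule is bound to one tunnel instantiation, stopping the tunnel removes the rule and frees its address, and an exhausted pool refuses to start a further tunnel.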
