Method and apparatus for establishing dynamic tunnel access sessions in a communication network
First Claim
1. A method for dynamically creating a tunnel in a communications network to provide subscribers host access to a network service, comprising:
- storing a subscriber profile in a network database, wherein the subscriber profile includes subscriber-specific network service tunneling requirements for a plurality of network services that are available to the subscriber, the network service tunneling requirements including information for identifying tunnel requirements for each of those services;
receiving at a network device a first subscriber data packet associated with a first network service;
accessing the subscriber profile to determine if the first network service has a subscriber-specific tunneling requirement; and
creating a first tunnel if a determination is made that the subscriber profile requires a first network service tunnel, wherein the first tunnel has a first end point at the network device and a second end point at the first network service; and
providing simultaneous access to a tunnel access session to more than one subscriber accessing the communications network,wherein the subscriber profile defines tunneling requirements for the plurality of network services that the subscriber has been authorized to access.
8 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for implementing dynamic tunnel access sessions at a network device within a communications network. The tunnel access sessions are created between a network device, typically a gateway device and a network service, such as the Internet or a corporate intranet. The dynamic tunnel access sessions provide for subscriber-transparent tunneling. The present invention does not require special client-side software to be loaded on the remote host of the subscriber, and does not require any manual configuration of the remote host. A subscriber is capable of establishing more than one tunnel access session to more than one network service during a network session. Additionally, more than one subscriber who accesses the communication network via the network device is able to establish a communication link with a pre-existing tunnel.
-
Citations
18 Claims
-
1. A method for dynamically creating a tunnel in a communications network to provide subscribers host access to a network service, comprising:
-
storing a subscriber profile in a network database, wherein the subscriber profile includes subscriber-specific network service tunneling requirements for a plurality of network services that are available to the subscriber, the network service tunneling requirements including information for identifying tunnel requirements for each of those services; receiving at a network device a first subscriber data packet associated with a first network service; accessing the subscriber profile to determine if the first network service has a subscriber-specific tunneling requirement; and creating a first tunnel if a determination is made that the subscriber profile requires a first network service tunnel, wherein the first tunnel has a first end point at the network device and a second end point at the first network service; and providing simultaneous access to a tunnel access session to more than one subscriber accessing the communications network, wherein the subscriber profile defines tunneling requirements for the plurality of network services that the subscriber has been authorized to access. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for dynamically creating a tunnel in a communications network to provide a subscriber host access to a destination network, comprising:
-
a storage device that stores a subscriber profile, wherein the subscriber profile includes subscriber-specific network service tunneling requirements for a plurality of network services that are available to the subscriber, the network service tunneling requirements including information for identifying tunnel requirements for each of those services; means for receiving at a network device a first data packet associated with a first network service; means for accessing the subscriber profile to determine if the first network service has a subscriber-specific tunneling requirement; and means for creating a first tunnel if a determination is made that the subscriber profile requires a first network service tunnel, wherein the first tunnel has a first end point at the first end point at the network device and a second end point at the first network service, wherein the means for creating a first tunnel is capable of providing simultaneous access to a tunnel access session to more than one subscriber accessing the communications network, and wherein the subscriber profile defines tunneling requirements for more than one network services that the subscriber has been authorized to access. - View Dependent Claims (10, 11)
-
-
12. A network device that dynamically creates a tunnel in a communications network to provide a subscriber host access to a destination network, comprising:
-
a processor that receives from a subscriber a data packet associated with a network service; a database accessed by the processor that stores a subscriber profile that defines subscriber-specific network service tunnel requirements for a plurality of network services, the subscriber-specific network service tunnel requirements including information for identifying requirements for establishing a tunnel for each of those services; and a tunnel management module implemented by the processor that communicates with the database to determine if the subscriber requires a tunnel for access to the network service and, if a determination is made that the tunnel is required, the tunnel management module creates a tunnel access session between the network device and the network service, wherein the tunnel management module is capable of providing simultaneous access to the tunnel access session to more than one subscriber accessing the communications network through the network device, and wherein the subscriber profile defines tunneling requirements for the more than one network services that the subscriber has been authorized to access. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
Specification