Method and apparatus for assigning network addresses to network devices
Abstract
According to an approach for assigning network addresses to network devices, an authentication request that requests authentication of identification data that uniquely identifies a network device is generated and sent to an authentication mechanism. An authentication response is received from the authentication mechanism that indicates whether the network device is authorized to access a first network. If the authentication response indicates that the network device is authorized to access the first network, then a first network address on a first network is assigned to the network device. If the authentication response indicates that the network device is not authorized to access the first network, then a second network address on a second network is assigned to the network device. If no authentication response is received from the authentication mechanism, then the second network address on the second network is assigned to the network device.
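The decision flow in the abstract, sketched as an added example that is not code from the patent: the allocator queries the authentication mechanism when a request arrives and falls back to the second network on a negative answer or on no answer in time. The MAC-address identifiers, the two subnets, the `sample_aaa` function and the timeout are assumptions made for illustration.

```python
import ipaddress
import time
from concurrent.futures import ThreadPoolExecutor

# Constructed sample data: MAC addresses stand in for the identification data.
AUTHORIZED = {"00:11:22:33:44:55", "00:11:22:33:44:66"}
SLOW = {"00:11:22:33:44:66"}  # the AAA answer for this device arrives too late

def sample_aaa(device_id):
    """Hypothetical AAA lookup: True means 'authorized for the first network'."""
    if device_id in SLOW:
        time.sleep(0.5)
    return device_id in AUTHORIZED

class AddressAllocator:
    def __init__(self, trusted_net, untrusted_net, authenticate, timeout=1.0):
        self.pools = {
            "trusted": iter(ipaddress.ip_network(trusted_net).hosts()),
            "untrusted": iter(ipaddress.ip_network(untrusted_net).hosts()),
        }
        self.authenticate = authenticate
        self.timeout = timeout
        self.executor = ThreadPoolExecutor(max_workers=4)

    def _authorized(self, device_id):
        # Only an explicit positive answer within the timeout counts; a late
        # answer, an error, or a non-True value is treated as "not authorized".
        future = self.executor.submit(self.authenticate, device_id)
        try:
            return future.result(timeout=self.timeout) is True
        except Exception:  # includes the timeout raised by result()
            return False

    def handle_request(self, device_id):
        # Authentication is triggered by the allocation request itself.
        network = "trusted" if self._authorized(device_id) else "untrusted"
        address = next(self.pools[network], None)
        if address is None:
            raise RuntimeError(f"{network} pool exhausted")
        return network, str(address)

if __name__ == "__main__":
    alloc = AddressAllocator("10.0.0.0/29", "192.168.100.0/29", sample_aaa, timeout=0.1)
    for mac in ("00:11:22:33:44:55", "de:ad:be:ef:00:01", "00:11:22:33:44:66"):
        print(mac, alloc.handle_request(mac))
```

The third device is on the authorized list but still lands on the untrusted network, because its answer misses the timeout.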
47 Claims
1. A method for assigning network addresses to network devices, the method comprising the computer-implemented steps of:
- receiving an address allocation request from a client network device that does not have an assigned network address;
- generating a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- sending the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- receiving an authentication response from the authentication mechanism;
- if the authentication response indicates that the network device is authorized to access a first network, then assigning to the network device, a trusted network address on the first network, and if the authentication response indicates that the network device is not authorized to access a first network, then assigning to the network device, an untrusted network address on a second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the generating, the sending and the receiving the authentication response all are performed in response to receiving the address allocation request.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 46

11. A method for assigning network addresses to network devices, the method comprising the computer-implemented steps of:
- receiving an address allocation request from a client network device that does not have an assigned network address;
- generating a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- sending the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- determining whether an authentication response is received from the authentication mechanism;
- if the authentication response is received from the authentication mechanism, then determining whether the authentication response indicates the network device is authorized to access a first network;
- if the authentication response indicates that the network device is authorized to access the first network, then assigning, to the network device, a trusted network address on the first network;
- if the authentication response indicates that the network device is not authorized to access the first network, then assigning, to the network device, an untrusted network address on a second network; and
- if the authentication response is not received from the authentication mechanism, then assigning, to the network device, an untrusted network address on the second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the generating, the sending and the determining all are performed in response to receiving the address allocation request.

12. A computer-readable storage medium carrying one or more sequences of instructions for assigning addresses to network devices, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
- receiving an address allocation request from a client network device that does not have an assigned network address;
- generating a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- sending the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- receiving an authentication response from the authentication mechanism;
- if the authentication response indicates that the network device is authorized to access a first network, then assigning, to the network device, a trusted network address on the first network, and if the authentication response indicates that the network device is not authorized to access the first network, then assigning, to the network device, an untrusted network address on the second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the generating, the sending and the receiving the authentication response all are performed in response to receiving the address allocation request.

Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21

22. A computer-readable storage medium carrying one or more sequences of instructions for assigning network addresses to devices, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
- receiving an address allocation request from a client network device that does not have an assigned network address;
- generating a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- sending the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- determining whether an authentication response is received from the authentication mechanism;
- if the authentication response is received from the authentication mechanism, then determining whether the authentication response indicates the network device is authorized to access a first network;
- if the authentication response indicates that the network device is authorized to access the first network, then assigning, to the network device, a trusted network address on the first network;
- if the authentication response indicates that the network device is not authorized to access the first network, then assigning, to the network device, an untrusted network address on a second network; and
- if the authentication response is not received from the authentication mechanism, then assigning, to the network device, an untrusted network address on the second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the generating, the sending and the determining all are performed in response to receiving the address allocation request.

23. An apparatus for assigning network addresses to network devices, comprising:
- means for receiving an address allocation request from a client network device that does not have an assigned network address;
- means for generating a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- means for sending the authentication request to an authentication mechanism;
- means for determining whether an authentication response is received from the authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- means for determining if the authentication response is received from the authentication mechanism and for determining whether the authentication response indicates the network device is authorized to access a first network;
- means for assigning, to the network device, a trusted network address on the first network if the authentication response indicates that the network device is authorized to access a first network;
- means for assigning, to the network device, an untrusted network address on a second network if the authentication response indicates that the network device is not authorized to access a first network;
- means for assigning, to the network device, an untrusted network address on the second network if the authentication response is not received from the authentication mechanism;
- wherein the means for assigning the trusted and untrusted network addresses to the network device is performed without respect to port assignment;
- wherein the means for generating, sending and determining all are performed in response to receiving the address allocation request.

24. An apparatus for assigning network addresses to network devices comprising
a memory having one or more stored sequences of instructions which, when executed by one or more processors, cause the one or more processors to:
- receive an address allocation request from a client network device that does not have an assigned network address;
- generate a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- send the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- determine whether an authentication response is received from the authentication mechanism;
- if the authentication response is received from the authentication mechanism, then determine whether the authentication response indicates the network device is authorized to access a first network;
- if the authentication response indicates that the network device is authorized to access the first network, then assign, to the network device, a trusted network address on the first network;
- if the authentication response indicates that the network device is not authorized to access the first network, then assign, to the network device, an untrusted network address on a second network;
- if the authentication response is not received from the authentication mechanism, then assign, to the network device, an untrusted network address on the second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the instructions to generate, send and receive an authentication response all are responsive to the instructions to receive the address allocation request.

25. An apparatus for assigning network addresses to network devices, comprising:
- means for receiving an address allocation request from a client network device that does not have an assigned network address;
- means for generating a network device authentication request that requests authentication of identification data that uniquely identifies a network device;
- means for sending the authentication request to an authentication mechanism;
- means for receiving an authentication response from the authentication mechanism;
- means for assigning, to the network device, a trusted network address on the first network if the authentication response indicates that the network device is authorized to access the first network, and
- means for assigning, to the network device, an untrusted network address on a second network if the authentication response indicates that the network device is not authorized to access the first network;
- wherein the means for assigning the trusted and untrusted network addresses to the network device is performed by a network address allocator;
- wherein the means for generating, sending and receiving the authentication response all are responsive to the means for receiving the address allocation request.

Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34, 35

36. An apparatus for assigning network addresses to network devices comprising:
a memory having one or more stored sequences of instructions which, when executed by one or more processors, cause the one or more processors to:
- receive an address allocation request from a client network device that does not have an assigned network address;
- generate a network device authentication request that requests authentication of identification data that uniquely identifies the network device;
- send the authentication request to an authentication mechanism;
- wherein the authentication mechanism comprises an authentication, authorization and accounting (AAA) server;
- receive an authentication response from the authentication mechanism;
- if the authentication response indicates that the network device is authorized to access a first network, then assign, to the network device, a trusted network address on the first network, and if the authentication response indicates that the network device is not authorized to access the first network, then assign, to the network device, an untrusted network address on the second network;
- wherein the trusted and untrusted network addresses are assigned to the network device without respect to port assignment;
- wherein the instructions to generate, send and receive an authentication response all are performed in response to the instructions to receive the address allocation request.

Dependent claims: 37, 38, 39, 40, 41, 42, 43, 44, 45, 47
Specification