Connecting VPN users in a public network

US 7,568,220 B2
Filed: 04/19/2005
Issued: 07/28/2009
Est. Priority Date: 04/19/2005
Status: Active Grant

First Claim

Patent Images

1. A method for connecting a user computer to a virtual private network (VPN) on a first computer network via a second computer network, the method comprising:

providing in the user computer a limited-functionality authorization client;

automatically transmitting a connection request to the VPN by the user computer, via the second computer network;

responsively to a success of said connection request, automatically sending a predefined response message by the VPN to the user computer;

responsively to receiving said predefined response message by the user computer, automatically establishing a connection between the user computer and the VPN via the second computer network;

responsively to a failure of said connection request, automatically terminating said automatically transmitting a connection request to the VPN;

responsively to a failure of said receiving said predefined response message by the user computer, automatically terminating said automatically transmitting a connection request to the VPN;

responsively to said automatically terminating, automatically soliciting the second computer network to authorize the user computer via said limited-functionality authorization client; and

upon authorization by the second computer network, establishing a connection between the user computer and the VPN via the second computer network, wherein automatically soliciting the second computer network comprises, upon failure of said connection request, invoking said authorization client for authorizing the user computer in the second computer network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for connecting a user computer to a first computer network includes transmitting a connection request by the user computer, via a second computer network, requesting a connection to the first computer network. The second computer network is automatically solicited to authorize the user computer, responsively to a failure of the connection request. Upon authorization by the second computer network, a connection is established between the user computer and the first computer network via the second computer network.

Citations

19 Claims

1. A method for connecting a user computer to a virtual private network (VPN) on a first computer network via a second computer network, the method comprising:
- providing in the user computer a limited-functionality authorization client;
  
  automatically transmitting a connection request to the VPN by the user computer, via the second computer network;
  
  responsively to a success of said connection request, automatically sending a predefined response message by the VPN to the user computer;
  
  responsively to receiving said predefined response message by the user computer, automatically establishing a connection between the user computer and the VPN via the second computer network;
  
  responsively to a failure of said connection request, automatically terminating said automatically transmitting a connection request to the VPN;
  
  responsively to a failure of said receiving said predefined response message by the user computer, automatically terminating said automatically transmitting a connection request to the VPN;
  
  responsively to said automatically terminating, automatically soliciting the second computer network to authorize the user computer via said limited-functionality authorization client; and
  
  upon authorization by the second computer network, establishing a connection between the user computer and the VPN via the second computer network, wherein automatically soliciting the second computer network comprises, upon failure of said connection request, invoking said authorization client for authorizing the user computer in the second computer network.

2. The method according to claim 1, wherein establishing said connection comprises establishing a tunnel through the second computer network to the VPN.

3. The method according to claim 2, wherein the second computer network comprises a public network.

4. The method according to claim 1, wherein transmitting the connection request via the second computer network comprises requesting Internet access via a wireless connection in a hotspot.

5. The method according to claim 1, wherein transmitting the connection request comprises transmitting the request periodically, until completion of the authorization by the second computer network.

6. The method according of claim 1, wherein the authorization client is configured to communicate with the second computer network using a Hypertext Transfer Protocol (HTTP).

7. The method according of claim 1, wherein the authorization client is configured to permit a user to perform only authorization-related actions until the authorization of the user computer by the second computer network is completed.

8. The method according to claim 1, wherein establishing the connection between the user computer and the virtual private network (VPN) comprises receiving at the user computer predefined XML content from the VPN responsively to the connection request, and parsing the XML content according to a predefined XML schema so as to validate the XML content.

9. The method according to claim 1, wherein soliciting the second computer network comprises causing the second computer network to request and receive billing information from the user computer.

10. Apparatus for connecting a user computer to a virtual private network (VPN) on a first computer network via a second computer network, the apparatus comprising:
- a network interface, which is arranged to communicate with the second computer network; and
  
  a limited-functionality authorization client in the user computer, which is coupled to the network interface so as to transmit a connection request, via the second computer network, requesting a connection to the VPN, and which is arranged, responsively to a failure of the connection request, to automatically solicit the second computer network to authorize the user computer, and upon authorization by the second computer network, to establish a connection between the user computer and the VPN via the second computer network, wherein the user computer is configured to invoke said authorization client upon failure of the connection request, wherein said authorization client is arranged to authorize the user computer in the second computer network.

11. The apparatus according to claim 10, wherein the user computer is arranged to establish a tunnel through the second computer network to the virtual private network.

12. The apparatus according to claim 11, wherein the second computer network comprises a public network.

13. The apparatus according to claim 10, wherein the network interface comprises a wireless interface, and wherein the user computer is arranged to request Internet access via a wireless connection in a hotspot.

14. The apparatus according to claim 10, wherein the user computer is arranged to transmit the connection request periodically, until completion of the authorization by the second computer network.

15. The apparatus according of claim 10, wherein said authorization client is arranged to communicate with the second computer network using a Hypertext Transfer Protocol (HTTP).

16. The apparatus according of claim 10, wherein said authorization client is arranged to permit a user of the computer to perform only authorization-related actions until the authorization of the user terminal by the second computer network is completed.

17. The apparatus according to claim 10, wherein the user computer is arranged to receive predefined XML content from the virtual private network (VPN) responsively to the connection request, and to parse the XML content according to a predefined XML schema so as to validate the XML content.

18. The apparatus according to claim 10, wherein the user computer is arranged to cause the second computer network to request and receive billing information from the user computer.

19. The apparatus of claim 10, further comprising:
- a network interface, which is arranged to communicate with the virtual private network (VPN); and
  
  a communication processor, which is coupled to the network interface so as to receive a connection request sent from the user computer via a second computer network, requesting a connection to the VPN, and to transmit predefined XML content to the user computer so as to establish a connection between the user computer and the VPN via the second computer network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Burshan, Chen Yehezkel
Primary Examiner(s)
JUNG, DAVID YIUK

Application Number

US11/110,188
Publication Number

US 20060236378A1
Time in Patent Office

1,561 Days
Field of Search

726/4
US Class Current

726/4
CPC Class Codes

H04L 63/0272   Virtual private networks

H04W 74/00   Wireless channel access

H04W 76/10   Connection setup

H04W 88/06   adapted for operation in mu...

H04W 92/02   Inter-networking arrangements

Connecting VPN users in a public network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Connecting VPN users in a public network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links