Methods and systems for connecting mobile nodes to private networks
Abstract
When a mobile node is connected to an access point outside the private network, a tunnel is formed between the mobile node and a home agent on the private network for the transfer of packets. When the mobile node roams into a region accessible to the private network, the mobile node is connected to the private network using a private network access point while maintaining the tunnel between the mobile node and the home agent.
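The roaming step recited in the claims (an update message to the home agent, then an acknowledgement once the security association and IP address are updated) is modelled below. This is an added illustration, not code from the patent: the message fields, the HMAC authentication, the sequence-number replay check, and all names, keys and addresses are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class SecurityAssociation:
    spi: int             # identifies the tunnel independently of the outer address
    key: bytes           # integrity key agreed when the tunnel was formed (assumed)
    peer_addr: str       # current outer address of the mobile node
    via_gateway: bool    # True while traffic is relayed by the private network gateway
    last_seq: int = 0    # highest update sequence number accepted so far

def _mac(key, kind, spi, seq, addr, inside):
    data = f"{kind}|{spi}|{seq}|{addr}|{int(inside)}".encode()
    return hmac.new(key, data, hashlib.sha256).digest()

def make_update(key, spi, seq, new_addr, inside):
    """Mobile node: announce a new outer address under the existing SA."""
    return {"spi": spi, "seq": seq, "addr": new_addr, "inside": inside,
            "mac": _mac(key, "update", spi, seq, new_addr, inside)}

class HomeAgent:
    def __init__(self):
        self.sas = {}    # SPI -> SecurityAssociation

    def handle_update(self, upd):
        """Return an acknowledgement dict, or None if the update is rejected."""
        sa = self.sas.get(upd["spi"])
        if sa is None:
            return None
        fields = (upd["spi"], upd["seq"], upd["addr"], upd["inside"])
        if not hmac.compare_digest(_mac(sa.key, "update", *fields), upd["mac"]):
            return None                      # not sent by the holder of the SA key
        if upd["seq"] <= sa.last_seq:
            return None                      # replayed or stale update
        # Same SPI and key: only the outer address and the path change.
        sa.peer_addr, sa.via_gateway, sa.last_seq = upd["addr"], not upd["inside"], upd["seq"]
        return {"spi": sa.spi, "seq": sa.last_seq, "addr": sa.peer_addr,
                "mac": _mac(sa.key, "ack", *fields)}

if __name__ == "__main__":
    key = bytes(range(32))                   # constructed sample key
    ha = HomeAgent()
    ha.sas[0x1001] = SecurityAssociation(0x1001, key, "198.51.100.7", True)
    upd = make_update(key, 0x1001, 1, "10.0.0.23", inside=True)
    print("ack:", ha.handle_update(upd) is not None, ha.sas[0x1001])
    print("replay accepted:", ha.handle_update(upd) is not None)
```

Because the security association is looked up by SPI instead of by source address, the tunnel state survives the address change; the authentication and sequence checks keep a third party from redirecting it.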
22 Claims
1. A method, comprising:
- connecting a mobile node to an access point outside a private network;
- forming an internet protocol security tunnel between the mobile node and a home agent on the private network for a transfer of packets;
- roaming the mobile node into a region of the private network and connecting the mobile node to the private network using a private network access point, while maintaining the internet protocol security tunnel between the mobile node and the home agent,
- wherein when the mobile node is outside the private network forming the internet protocol security tunnel between the mobile node and the home agent further comprises forming an internet protocol security tunnel between the mobile node and a private network gateway and forming an internet protocol security tunnel between the private network gateway and the home agent,
- wherein when the mobile node roams into the region of the private network, the internet protocol security tunnel is maintained between the mobile node and the home agent without traversing the private network gateway, and
- wherein roaming the mobile node into the private network comprises sending, by the mobile node, an update message to the home agent, and receiving an acknowledgement message from the home agent, wherein the acknowledgment message indicates that the home agent has updated the security association and an internet protocol address for the mobile node.

9. A method, comprising:
- connecting a mobile node to an internet access point;
- setting up a security association between the mobile node and a home agent on a private network through a firewall using the internet access point, wherein the firewall is configured to allow passage of a security association message from the mobile node and directed to the home agent; and
- when the security association is set up, forming an internet protocol security tunnel between the mobile node and the home agent for a transfer of packets,
- wherein forming the internet protocol security tunnel between the mobile node and the home agent comprises forming an internet protocol security tunnel between the mobile node and a private network gateway and forming an internet protocol security tunnel between the private network gateway and the home agent, and
- wherein setting up the security association between the mobile node and the home agent comprises sending, by the mobile node, an update message to the home agent when the mobile node roams into the private network, and receiving an acknowledgement message from the home agent, wherein the acknowledgment message indicates that the home agent has updated the security association and an internet protocol address for the mobile node,
- wherein the internet protocol security tunnel is maintained, when the mobile roams into the private network, directly between the mobile node and the home agent without traversing the private network gateway.

10. A system, comprising:
- a private network comprising a home agent and a gateway; and
- a mobile node,
- wherein the mobile node and the private network are configured to allow the mobile node to connect to the private network through an access point outside the private network to form an internet protocol security tunnel between the mobile node and the home agent, and to maintain the internet protocol security tunnel directly between the home agent and the mobile node without traversing the gateway, when the mobile node roams into the private network and connects to the private network through an access point of the private network,
- wherein, when the mobile node roams outside the private network, the internet protocol security tunnel between the mobile node and the home agent comprises a tunnel between the mobile node and the gateway and a tunnel between the gateway and the home agent, and
- wherein, when the mobile node roams into the private network, the mobile node is configured to send an update message to the home agent, and the home agent is configured to send an acknowledgement message to the mobile node in response to the updated message and further configured to update a security association and an internet protocol address for the mobile node.

18. An apparatus, comprising:
- at least one processor; and
- at least one memory including computer program code,
- wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to
- connect to a private network through an access point outside the private network to form an internet protocol security tunnel between the apparatus and a home agent in the private network and to maintain the tunnel directly between the home agent and the apparatus when the apparatus roams into the private network and connects to the private network through an access point of the private network,
- form an internet protocol security tunnel between the apparatus and a private network gateway and to form an internet protocol security tunnel between the private network gateway and the home agent,
- send, when the apparatus roams into the private network, an update message to the home agent, and
- receive an acknowledgement message from the home agent indicating that a security association and an internet protocol address are updated for the apparatus,
- wherein the tunnel is maintained, when the apparatus roams into the private network, directly between the apparatus and the home agent without traversing a private network gateway.

19. A system, comprising:
- a home agent; and
- at least one access point;
- wherein the system is configured to connect a mobile node through an access point outside the system to form an internet protocol security tunnel between the mobile node and the home agent and to maintain the internet protocol security tunnel directly between the home agent and the mobile node when the mobile node roams into the system and connects to the system through an access point of the system,
- wherein the system is a virtual private network and comprises a virtual private network gateway, and the tunnel between the mobile node and the home agent comprises a first internet protocol security tunnel between the virtual private network gateway and the mobile node and a second internet protocol security tunnel between the virtual private network gateway and the home agent,
- wherein the home agent is configured to receive an update message from the mobile node when it roams into the system, and further configured to send an acknowledgment message to the mobile node, indicating that a security association and an internet protocol address are updated for the mobile node,
- wherein the tunnel is maintained, when the mobile node roams into the private network, directly between the mobile node and the home agent without traversing the virtual private network gateway.

20. A system, comprising:
- network means for providing a shared communication space, the network means comprising a home agent; and
- communication means for communicating via the shared communication space,
- wherein the communication means and the network means for allowing the communication means to connect to the network means through an access point outside the network means to form an internet protocol security tunnel between the communication means and the home agent, and to maintain the internet protocol security tunnel directly, without traversing a network means gateway, between the home agent and the communication means when the communication means roams into the network means and connects to the network means through an access point of the connection means,
- wherein the internet protocol security tunnel between the home agent and the communication means comprises an internet protocol security tunnel between the home agent and network means gateway and an internet protocol security tunnel between the network means gateway and the communications means, and
- wherein, when the communication means roams into the network means, the communication means is further for sending an update message to the home agent, and the home agent is configured to send an acknowledgement message to the communication means in response to the updated message and further configured to update a security association and an internet protocol address for the communication means.

21. An apparatus, comprising:
- transmitting means for communicating with a home agent of a private network;
- receiving means for receiving a transmission from the home agent; and
- processing means for connecting the apparatus to the private network through an access point outside the private network to form an internet protocol security tunnel directly between the apparatus and the home agent in the private network, and to maintain the internet protocol security tunnel directly, without traversing a private network gateway, between the home agent and the apparatus when the apparatus roams into the private network and connects to the private network through the access point of the private network,
- wherein the internet protocol security tunnel between the home agent and the apparatus comprises an internet protocol security tunnel between the apparatus and the private network gateway and an internet protocol security tunnel between the private network gateway and the home agent,
- wherein the transmitting means is further for sending, when the apparatus roams into the private network, an update message to the home agent, and
- wherein the receiving means is further for receiving an acknowledgement message from the home agent indicating that a security association and an internet protocol address are updated for the apparatus.

22. A system, comprising:
- routing means for connecting a mobile node to the system; and
- at least one accessing means for providing a connection to the system,
- wherein the system is configured to connect the mobile node through an accessing means outside the system to form an internet protocol security tunnel directly between the mobile node and the routing means and to maintain the internet protocol security tunnel directly between the routing means and the mobile node when the mobile node roams into the system and connects to the system through the accessing means of the system,
- wherein the internet protocol security tunnel between the mobile node and the router means comprises an internet protocol security tunnel between the mobile node and a private network gateway and an internet protocol security tunnel between the private network gateway and the routing means,
- wherein the routing means is further for receiving an update message from the mobile node when it roams into the system, and further for sending an acknowledgment message to the mobile node, indicating that a security association and an internet protocol address are updated for the mobile node,
- wherein the tunnel is maintained, when the mobile node roams into the private network, directly between the mobile node and the home agent without traversing the private network gateway.

Specification