System for automated connection to virtual private networks related applications
Abstract
A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.
19 Claims
1. A network interface unit for communicating data packets over one or more non-secure networks between one or more client devices associated with one or more local area networks (LAN) and a secure virtual private network (VPN) node, comprising:
- means for authenticating the one or more client devices for access to the secure VPN node, a graphical user interface server for presenting an authentication menu to the one or more client devices, wherein, when a first one of the client devices is incompatible with the authentication menu, the authentication means is to authenticate the first client device in response to an authentication of a second one of the client devices via the authentication menu, the second client device being compatible with the authentication menu;
- means for receiving a menu selection from the second client device, the selection corresponding to a connection profile associated with a first type of connection;
- means for accessing the one or more non-secure networks using information associated with the selection; and
- a security server for establishing a secure communication over the non-secure network between the LAN and the secure VPN node.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. A method for communicating data packets over a non-secure network between client devices and a secure virtual private network (VPN) node, comprising:
- receiving a request from a first client device associated with a first local area network (LAN) to access the secure VPN node;
- presenting an authentication menu via a graphical user interface on the first client device;
- in response to receiving valid authentication information from the first client device, authenticating the first client device for access to the secure VPN node;
- when a second client device associated with the first LAN is incompatible with the authentication menu, authenticating the second client device associated with the first LAN in response to the authentication of the first client device associated with the first LAN, the first client device being compatible with the authentication menu;
- receiving a menu selection from the first client device corresponding to a connection profile associated with a first type of connection;
- accessing the non-secure network using information associated with the selection; and
- establishing a secure communication over the non-secure network between the first LAN and the secure VPN node.

Dependent claims: 17

18. A non-transitory memory storing instructions that, when executed, cause a machine to:
- receive a request from a first client device associated with a first local area network (LAN) to access a secure VPN node;
- present an authentication menu via a graphical user interface to the first client device;
- in response to receiving valid authentication information from the first client device, authenticate the first client device for access to the secure VPN node;
- when a second client device associated with the first LAN is incompatible with the menu, authenticate the second client device of the first LAN in response to the authentication of the first client device of the first LAN;
- receive a menu selection from the first client device corresponding to a connection profile associated with a first type of connection;
- access a non-secure network using information associated with the selection; and
- establish a secure connection over the non-secure network between the first LAN and the secure VPN.

Dependent claims: 19

Specification