
Dynamic system and method for virtual private network (VPN) packet level routing using dual-NAT method

  • US 7,840,701 B2
  • Filed: 02/21/2007
  • Issued: 11/23/2010
  • Est. Priority Date: 02/21/2007
  • Status: Active Grant
First Claim

1. A method for virtual private network packet level routing using a dual-NAT (network address translation) mechanism comprising:

  • hosting a list of available resources on a resource virtual private network, and wherein each of the available resources has a local (actual) resource IP address;

    dynamically assigning each of the available resources on the resource virtual private network a resource dynamic virtual private network (DVPN) address using a Dynamic Host Configuration Protocol (DHCP);

    publishing the list of available resources to at least one client virtual private network gateway using the resource DVPN address for each of the available resources;

    translating the resource DVPN address for each of the available resources into a local (virtual) resource IP address on the at least one client virtual private network;

    providing the local (virtual) resource IP address for the list of available resources to at least one client on the at least one client virtual private network;

    initiating a request by the at least one client for the at least one resource from the list of available resources hosted on the resource virtual private network as though the at least one resource is local to the at least one client without exposing the local (actual) resource IP addresses of the list of available resources on the resource virtual private network, each of the at least one clients having a local (actual) client IP address, and wherein the client DVPN gateway associated with the client virtual private network dynamically assigns the local (actual) client IP address into a client DVPN address using a Dynamic Host Configuration Protocol (DHCP) and translates the local (virtual) resource IP address into the resource DVPN address;

    routing the request packet with the client DVPN address and the resource DVPN address through a secure connection to a resource dynamic virtual private network (DVPN) gateway associated with the resource virtual private network;

    translating the client DVPN address and the resource DVPN address into a local (virtual) client IP address and the local (actual) resource IP address on the resource virtual private network, and wherein the translation is performed by the resource DVPN gateway;

    responding to the request by the at least one resource on the resource virtual private network as though the request is initiated locally on the resource virtual private network without exposing the actual IP address of the at least one client on the client virtual private network;

    routing the response packet from the at least one resource on the resource virtual private network back to the at least one client on the client virtual private network through the secure connection, wherein the resource DVPN gateway translates the local (actual) resource IP address and the local (virtual) client IP address on the resource virtual private network to the resource DVPN address and the client DVPN address for routing through the secure tunnel to the client DVPN gateway; and

    forwarding the response packet to the at least one client, wherein the client DVPN gateway translates the resource DVPN address and the client DVPN address into the local (virtual) resource IP address and the local (actual) client IP address on the client virtual private network.
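The address rewriting in the claim's steps can be traced hop by hop with a small simulation. This is an added example, not code from the patent: the `Pool` and `Gateway` classes, the on-first-use allocator standing in for DHCP, the rejection of unpublished destinations, and every address and subnet are assumptions made for illustration.

```python
import ipaddress

class Pool:
    """Two-way map that allocates from a subnet on first use (stand-in for DHCP)."""
    def __init__(self, cidr):
        self._free = iter(ipaddress.ip_network(cidr).hosts())
        self.fwd, self.rev = {}, {}
    def map(self, key):
        if key not in self.fwd:
            addr = str(next(self._free))
            self.fwd[key], self.rev[addr] = addr, key
        return self.fwd[key]

class Gateway:
    """dvpn: local actual IP <-> DVPN address; virt: peer DVPN address <-> local virtual IP."""
    def __init__(self, dvpn_cidr, virtual_cidr):
        self.dvpn, self.virt = Pool(dvpn_cidr), Pool(virtual_cidr)
    def publish(self, actual_ips):      # resource side: advertise DVPN addresses only
        return [self.dvpn.map(ip) for ip in actual_ips]
    def learn(self, dvpn_addrs):        # client side: present each as a local virtual IP
        return [self.virt.map(a) for a in dvpn_addrs]
    def to_tunnel(self, src, dst):      # LAN -> tunnel: both header addresses become DVPN
        if dst not in self.virt.rev:
            raise LookupError(f"{dst} is not a known virtual address")
        return self.dvpn.map(src), self.virt.rev[dst]
    def from_tunnel(self, src, dst):    # tunnel -> LAN: peer becomes virtual, target actual
        if dst not in self.dvpn.rev:
            raise LookupError(f"{dst} is not an assigned DVPN address")
        return self.virt.map(src), self.dvpn.rev[dst]

def round_trip(client_gw, resource_gw, client_ip, virtual_resource_ip):
    """Return the (src, dst) header pair at each of the six hops."""
    hops = [(client_ip, virtual_resource_ip)]           # request on client LAN
    hops.append(client_gw.to_tunnel(*hops[-1]))         # request in tunnel
    hops.append(resource_gw.from_tunnel(*hops[-1]))     # request on resource LAN
    hops.append(hops[-1][::-1])                         # response on resource LAN
    hops.append(resource_gw.to_tunnel(*hops[-1]))       # response in tunnel
    hops.append(client_gw.from_tunnel(*hops[-1]))       # response on client LAN
    return hops

def demo():
    # All addresses and pools below are constructed for illustration.
    resource_gw = Gateway("10.200.0.0/24", "172.16.50.0/24")
    client_gw = Gateway("10.201.0.0/24", "192.168.50.0/24")
    (virtual_resource,) = client_gw.learn(resource_gw.publish(["192.168.1.20"]))
    return round_trip(client_gw, resource_gw, "192.168.1.10", virtual_resource)

if __name__ == "__main__":
    for src, dst in demo():
        print(f"{src:>14} -> {dst}")
```

Only DVPN addresses appear on the two tunnel hops, and each LAN sees the remote party solely through a local virtual address.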

  • 2 Assignments