Remote configuration of devices using a secure connection
Abstract
Methods and systems for configuring a remote device are described. In one embodiment, a method of configuring a remote device while negotiating a secure connection between the remote device and a central server is described. The method involves transmitting a configuration request from the remote device to the central server, including a request for a location to retrieve the latest configuration file from. The method also entails receiving a configuration response from the central server, with a pointer to such a location. The configuration file is retrieved from the indicated location, and applied to the remote device. The remote device sends general information about its configuration and status to the central server, using the secure connection.
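The exchange the abstract describes, sketched as an added example (not code from the patent or any product): a device asks for a location pointer and a version identifier as two extra Mode-Config attributes, a server that does not know them simply omits them, and the device decides whether to fetch. The attribute type numbers, the string encoding of the version, the version comparison and the https-only check are assumptions made for illustration.

```python
import struct
from urllib.parse import urlparse

# Hypothetical attribute types in the Mode-Config private-use range
# (16384-32767); the page gives no numbers for its two attributes.
CFG_LOCATION, CFG_VERSION = 0x6001, 0x6002
INTERNAL_IP4_ADDRESS = 1  # a standard Mode-Config attribute

def encode_attrs(attrs):
    """Pack (type, value) pairs as variable-length attributes (AF bit 0)."""
    return b"".join(struct.pack("!HH", t & 0x7FFF, len(v)) + v for t, v in attrs)

def decode_attrs(buf):
    """Parse attributes, rejecting a length that overruns the payload."""
    out, off = {}, 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated attribute header")
        t, n = struct.unpack_from("!HH", buf, off)
        if t & 0x8000:  # AF=1: the 2-byte value sits in the length field
            out[t & 0x7FFF] = struct.pack("!H", n)
            off += 4
            continue
        if off + 4 + n > len(buf):
            raise ValueError("attribute length overruns payload")
        out[t] = buf[off + 4:off + 4 + n]
        off += 4 + n
    return out

def server_reply(request, known):
    """Answer only recognised attributes; unknown ones are skipped."""
    return encode_attrs([(t, known[t]) for t in decode_attrs(request) if t in known])

def plan_update(reply, running_version):
    """Return the URL to fetch, or None when no update should happen."""
    attrs = decode_attrs(reply)
    if CFG_LOCATION not in attrs or CFG_VERSION not in attrs:
        return None  # server did not recognise the request
    if attrs[CFG_VERSION].decode() == running_version:
        return None  # already running the advertised version (assumed policy)
    url = attrs[CFG_LOCATION].decode()
    # Added hardening (assumption): accept only https pointers.
    return url if urlparse(url).scheme == "https" else None

# Constructed sample exchange: one request, a config-aware hub, a legacy server.
REQUEST = encode_attrs([(INTERNAL_IP4_ADDRESS, b""), (CFG_LOCATION, b""), (CFG_VERSION, b"")])
AWARE = {INTERNAL_IP4_ADDRESS: bytes([10, 0, 0, 5]),
         CFG_LOCATION: b"https://hub.example/cfg/spoke-v42.cfg", CFG_VERSION: b"42"}
LEGACY = {INTERNAL_IP4_ADDRESS: bytes([10, 0, 0, 5])}
```

The legacy server's reply still carries the address attribute, so tunnel negotiation proceeds unchanged while `plan_update` returns `None`.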
14 Claims
1. A method of configuring a remote device, said method comprising:
- transmitting a device configuration request from said remote device to a remote server during a Mode-Config exchange between the remote device and the remote server, wherein the configuration request expands the Mode-Config exchange and is sent between phase 1 and phase 2 of the Mode-Config exchange during negotiation of a secure connection to the remote server comprising an Internet Key Exchange (IKE) to establish a Virtual Private Network (VPN) Tunnel, said configuration request comprising a request for two attributes comprising a location pointer independent of configuration commands and a configuration version identifier, wherein the location pointer points to a latest version of a device configuration file;
- the configuration version identifier identifies the version of the device configuration file to which the location pointer is pointing;
- wherein the configuration request is transparent to other remote server devices that do not recognize the configuration request;
- in response to the device configuration request receiving a response at said remote device, in a Mode-Config reply, said configuration response comprising the location pointer independent of configuration commands wherein the configuration response is received using Mode-Config protocol in the Mode-Config reply;
- retrieving said device configuration file from said location;
- applying said device configuration file to said remote device to configure the remote device; and
- responding to instructions from the remote server during the Mode-Config exchange to transmit additional present state data by sending a status update to the remote server including a version number of a device configuration currently running on a local operating system, resource availability and connected devices.

Dependent claims: 2, 3, 4, 5, 6

7. A system, comprising:
- a bus, for transmitting information;
- a processor coupled to said bus, for performing operations;
- an operating system running on said processor, for controlling said system;
- an external network connection coupled to said bus, for communicating with a remote server;
- a networking module, for negotiating a secure connection to the remote server during a Mode-Config negotiation, said operating system configured to;
- transmit a configuration request using Mode-Config protocol for a current device configuration file to said remote server to configure a local device, wherein the configuration request expands the Mode-Config negotiation and is sent between phase 1 and phase 2 of a Mode-Config exchange during the Mode-Config negotiation of the secure connection to the remote server comprising an Internet Key Exchange (IKE) to establish a Virtual Private Network (VPN) Tunnel, the configuration request comprising;
  - a request for a location pointer independent of configuration commands that points to a latest version of a device configuration file; and
  - a request for a configuration version identifier, the configuration version identifier for identifying the version of the device configuration file to which the location pointer is pointing; and
- said external network connection is configured to receive a pointer to said current device configuration file in response to the configuration request using the Mode-Config protocol during the Mode-Config exchange in a Mode-Config reply wherein the location pointer is independent of the configuration commands;
- said operating system is further configured to access a location indicated by said pointer, and respond to instructions from the remote server during the Mode-Config negotiation to transmit additional present state data by sending a status update to the remote server including a version number of a current device configuration, resource availability and connected devices;
- said external network connection is configured to receive said current device configuration file; and
- said processor is configured to perform one or more device configuration operations indicated by said current device configuration file;
- wherein the configuration request is transparent to other remote server devices that do not recognize the configuration request.

Dependent claims: 8, 9, 10, 11, 12

13. A network hub for configuring a spoke device of a hub-spoke network, said network hub comprising:
- a receiver for receiving a discrete configuration request from the spoke device during a Mode-Config exchange to negotiate a secure connection between the spoke device and the network hub, the discrete request comprising a request for two attributes comprising a device configuration pointer and a description of a version of a device configuration corresponding to the pointer;
- wherein the discrete configuration request expands the Mode-Config exchange and is sent between phase 1 and phase 2 of the Mode-Config exchange during negotiation of the secure connection to the spoke device comprising an Internet Key Exchange (IKE) to establish a Virtual Private Network (VPN) Tunnel;
- a transmitter for transmitting the configuration pointer and the description of the version of the configuration from said network hub;
- wherein the secure connection is established independent of transmitting configuration commands as part of the negotiation of the secure connection;
- wherein the hub is further configured to send a request to the spoke device during the Mode-Config exchange for a status update including a version number of a device configuration currently running on a hub operating system, resource availability or connected devices, or combinations thereof;
- wherein the receiver is further configured for receiving a state report from said spoke device;
- wherein the state report includes a version number of a configuration currently running on the spoke device; and
- wherein the configuration request is transparent to other remote server devices that do not recognize the configuration request.

Dependent claims: 14

Specification