Systems and methods for managing a plurality of user sessions in a virtual private network environment
First Claim
1. A method for establishing a virtual private network session on behalf of a user of a client where the user has a currently existing virtual private network session previously established on behalf of the user, the method comprising:
- (a-a) receiving, by an appliance, a first request from a first client operated by a user to establish a virtual private network session;
(a-b) establishing, by the appliance in response to the first request, a first virtual private network session with the first client;
(b-a) receiving, by the appliance, a second request from a second client operated by the user to establish a virtual private network session;
(b-b) creating, by the appliance in response to the second request, a second virtual private network session with the second client, the second virtual private network session identified by the appliance as temporary and prevented from receiving data from the second client;
(c-a) identifying, by the appliance in response to the creation of the second virtual private network session, the first virtual private network session of the user as a currently existing virtual private network session previously established on behalf of the user;
(c-b) communicating, by the appliance to the second client, properties identified from the currently existing virtual private network session, the second client determining, on behalf of the user, to terminate the first virtual private network session based on the identified properties;
(d-a) receiving, by the appliance from the second client, a third request to terminate the first virtual private network session based on the determination;
(d-b) terminating, by the appliance responsive to the third request, the first virtual private network session; and
(e) establishing a third virtual private network session with the client using the second virtual private network session, the third virtual private network session enabled for receiving data from the client.
8 Assignments
0 Petitions
Accused Products
Abstract
Methods for establishing an SSL/VPN session on behalf of a user of a client where the user has a previously existing session are described. Methods include receiving, by an appliance, a request from a first client operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described.
-
Citations
29 Claims
-
1. A method for establishing a virtual private network session on behalf of a user of a client where the user has a currently existing virtual private network session previously established on behalf of the user, the method comprising:
-
(a-a) receiving, by an appliance, a first request from a first client operated by a user to establish a virtual private network session; (a-b) establishing, by the appliance in response to the first request, a first virtual private network session with the first client; (b-a) receiving, by the appliance, a second request from a second client operated by the user to establish a virtual private network session; (b-b) creating, by the appliance in response to the second request, a second virtual private network session with the second client, the second virtual private network session identified by the appliance as temporary and prevented from receiving data from the second client; (c-a) identifying, by the appliance in response to the creation of the second virtual private network session, the first virtual private network session of the user as a currently existing virtual private network session previously established on behalf of the user; (c-b) communicating, by the appliance to the second client, properties identified from the currently existing virtual private network session, the second client determining, on behalf of the user, to terminate the first virtual private network session based on the identified properties; (d-a) receiving, by the appliance from the second client, a third request to terminate the first virtual private network session based on the determination; (d-b) terminating, by the appliance responsive to the third request, the first virtual private network session; and (e) establishing a third virtual private network session with the client using the second virtual private network session, the third virtual private network session enabled for receiving data from the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 26, 27, 28)
-
-
13. A system for establishing a virtual private network session on behalf of a user of a client where the user has a currently existing virtual private network session previously established on behalf of the user, the system comprising:
an appliance connected to a network and having a hardware processor, which receives a first request from a first client operated by a user to establish a virtual private network session;
establishes, in response to the first request, a first virtual private network session with the first client;
receives a second request from a second client operated by the user to establish a virtual private network session;
creates, by the appliance in response to the second request, a second virtual private network session with the second client , the second virtual private network session identified by the appliance as temporary and prevented from receiving data from the second client;
identifies, in response to the creation of the second virtual private network session, the first virtual private network session of the user as a currently existing virtual private network session previously established on behalf of the user;
communicates to the second client properties identified from the currently existing virtual private network session, the second client determining, on behalf of the user, to terminate the first virtual private network session based on the identified properties;
receives, from the second client, a third request to terminate the first virtual private network session based on the determination;
terminates the second virtual private network session responsive to the third request; and
establishes a third virtual private network session with the second client using the second virtual private network session, the third virtual private network session enabled for receiving data from the second client.- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
25. A method for establishing a virtual private network session on behalf of a user of a client where the user has a currently existing virtual private network session previously established on behalf of the user, the method comprising:
-
(a) receiving, by an appliance, a first request from a first client operated by a user to establish a virtual private network session; (b) establishing, by the appliance in response to the first request, a first virtual private network session with the first client; (c) receiving, by the appliance, a second request from a second client operated by the user to establish a virtual private network session; (d) creating, by the appliance in response to the second request, a second virtual private network session with the second client, the second virtual private network session identified by the appliance as temporary and prevented from receiving data from the second client; (e) identifying, by the appliance in response to the creation of the second virtual private network session, the first virtual private network session as a currently existing virtual private network session previously established on behalf of the user; (f) identifying, by the appliance, properties from the currently existing virtual private network session; (g) requesting, by the appliance to the second client, whether to terminate the identified first virtual private network session based on the identified properties; (h) receiving by the appliance from the second client responsive to the request to the second client, an indication to terminate the first virtual private network session; and (i) establishing, responsive to the termination, a third virtual private network session with the client using the second virtual private network session, the third virtual private network session enabled for receiving data from the client.
-
-
29. A method for establishing a virtual private network session on behalf of a user of a client where the user has a currently existing virtual private network session previously established on behalf of the user, the method comprising:
-
(a) receiving, by an appliance, a first request from a first client operated by a user to establish a virtual private network session; (b) establishing, by the appliance in response to the first request, a first virtual private network session with the first client; (c) receiving, by the appliance, a second request from a second client operated by the user to establish a virtual private network session; (d) creating, by the appliance in response to the second request, a second virtual private network session with the second client, the second virtual private network session identified by the appliance as temporary and prevented from receiving data from the second client; (e) identifying, by the appliance in response to the creation of the second virtual private network session, the first virtual private network session as a currently existing virtual private network session previously established on behalf of the user; (f) identifying, by the appliance, properties from the currently existing virtual private network session; (g) determining, by the appliance, to terminate the identified first virtual private network session based on the identified properties; and (h) establishing, responsive to the termination, a third virtual private network session with the client using the second virtual private network session, the third virtual private network session enabled for receiving data from the client. wherein the appliance determines to terminate the identified first virtual private network session if (i) the first virtual private network session is not fully established or (ii) a given period of time has passed since the last transmission via the first virtual private network session.
-
Specification