Providing telephony services to terminals behind a firewall and/or a network address translator

US 8,244,876 B2
Filed: 11/17/2006
Issued: 08/14/2012
Est. Priority Date: 06/14/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for use in communications involving a first terminal that is coupled to a first side of a firewall and network address translator, the method comprising:

sending, by the first terminal, a first message identifying the first terminal to a node on a second side of the firewall and network address translator, the first message identifying the first terminal as available for a call session;

receiving, by the first terminal, a second message from the node, wherein the first and second messages between the first terminal and the node cause creation of a signaling connection through the firewall and network address translator and creation of a mapping between a first address of the first terminal and a second address of the first terminal, where the first address is an address assigned to the first terminal on the first side of the firewall and network address translator, and where the second address is an address assigned to the first terminal on the second side of the firewall and network address translator;

repeatedly sending keep-alive messages to maintain the existing signaling connection through the firewall and network address translator and to thereby maintain the mapping at the firewall and network address translator, wherein failure to repeatedly send the keep-alive messages will result in the existing signaling connection being closed and the mapping being removed;

communicating messages, by the first terminal, with the node over the existing signaling connection maintained through the firewall and network address translator to establish a first call session with a second terminal using a first call session connection, the first call session connection being different from the existing signaling connection; and

exchanging media packets with the second terminal via the first call session connection.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus is provided to allow telephony or other types of media communications and services to be provided for a device (24) having a private network address that resides behind a firewall and network address and port translation (NAPT) module (which is not aware of the underlying protocol for the communications and services). Examples of the underlying protocol includes the Session Initiation Protocol (SIP) and Real-Time Protocol (RTP). A path through the firewall and NAPT module is defined by use of keep-alive messages communicated through the firewall and NAPT module. Addresses that are allocated by the firewall and NAPT module are associated with the device (24) for both signaling and media communications. A feature of the firewall that enables the provision of telephony and media communications through the firewall that is protocol-unaware is that the firewall allows responses to messages initiated by the device back through the firewall.

93 Citations

View as Search Results

18 Claims

1. A method for use in communications involving a first terminal that is coupled to a first side of a firewall and network address translator, the method comprising:
- sending, by the first terminal, a first message identifying the first terminal to a node on a second side of the firewall and network address translator, the first message identifying the first terminal as available for a call session;
  
  receiving, by the first terminal, a second message from the node, wherein the first and second messages between the first terminal and the node cause creation of a signaling connection through the firewall and network address translator and creation of a mapping between a first address of the first terminal and a second address of the first terminal, where the first address is an address assigned to the first terminal on the first side of the firewall and network address translator, and where the second address is an address assigned to the first terminal on the second side of the firewall and network address translator;
  
  repeatedly sending keep-alive messages to maintain the existing signaling connection through the firewall and network address translator and to thereby maintain the mapping at the firewall and network address translator, wherein failure to repeatedly send the keep-alive messages will result in the existing signaling connection being closed and the mapping being removed;
  
  communicating messages, by the first terminal, with the node over the existing signaling connection maintained through the firewall and network address translator to establish a first call session with a second terminal using a first call session connection, the first call session connection being different from the existing signaling connection; and
  
  exchanging media packets with the second terminal via the first call session connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising receiving a call request, by the first terminal, from the node over the existing signaling connection maintained through the firewall and network address translator.
  - 3. The method of claim 1, wherein repeatedly sending the keep-alive messages is based on a timer in the first terminal.
  - 4. The method of claim 1, wherein sending the first message comprises sending a registration message to register the first terminal with the node.
  - 5. The method of claim 4, wherein sending the registration message comprises sending a Session Initiation Protocol REGISTER message, and wherein communicating the messages comprises communicating a Session Initiation Protocol Invite message to establish the first call session with the second terminal.
  - 6. The method of claim 5, wherein sending the registration message comprises sending the registration message to a Session Initiation Protocol proxy, the node comprising the Session Initiation Protocol proxy.
  - 7. The method of claim 1, wherein sending the first message and receiving the second message are used to perform registration of the first terminal, andwherein repeatedly sending the keep-alive messages to maintain the existing signaling connection through the firewall and network address translator and to thereby maintain the mapping is performed for a duration of the registration of the first terminal.
  - 8. The method of claim 1, wherein the mapping includes a mapping between an internal address of the first terminal and an external address of the first terminal.
  - 9. The method of claim 8, wherein repeatedly sending the keep-alive messages is controlled by a timer, and wherein repeatedly sending the keep-alive messages is performed at a periodic interval sufficient to prevent removal of the mapping caused by time-out in the firewall and network address translator.
  - 10. The method of claim 1, wherein communicating the messages to establish the first call session comprises communicating the messages to establish a telephony session.
  - 11. The method of claim 1, further comprising:
    - terminating the first call session connection;
      
      communicating additional messages, by the first terminal, with the node over the existing signaling connection maintained through the firewall and network address translator to establish a second call session with a third terminal using a second call session connection, the second call session connection being different from the signaling connection and the first call session connection; and
      
      exchanging media packets with the third terminal via the second call session connection.

12. A method for use in communications involving a first terminal that is coupled to a first side of a firewall and network address translator, the method comprising:
- sending, by the first terminal, a first message identifying the first terminal to a node on a second side of the firewall and network address translator, the first message identifying the first terminal as available for a call session;
  
  receiving, by the first terminal, a second message from the node, wherein the first and second messages between the first terminal and the node cause creation of a signaling connection through the firewall and network address translator and creation of a mapping between a first address of the first terminal and a second address of the first terminal, where the first address is an address assigned to the first terminal on the first side of the firewall and network address translator, and where the second address is an address assigned to the first terminal on the second side of the firewall and network address translator;
  
  repeatedly sending keep-alive messages to maintain the existing signaling connection through the firewall and network address translator and to thereby maintain the mapping at the firewall and network address translator, wherein failure to repeatedly send the keep-alive messages will result in the existing signaling connection being closed and the mapping being removed;
  
  wherein maintaining the existing signaling connection comprises maintaining an existing Session Initiation Protocol (SIP) signaling connection between the first terminal and the node through the firewall and network address translator;
  
  communicating messages, by the first terminal, with the node over the existing SIP signaling connection maintained through the firewall and network address translator to establish a first call session with a second terminal using a first call session connection, the first call session connection being different from the existing SIP signaling connection; and
  
  exchanging media packets with the second terminal via the first call session connection.
- View Dependent Claims (13)
- - 13. The method of claim 12, wherein maintaining the existing SIP signaling connection comprises maintaining the existing SIP signaling connection to communicate messages between the first terminal and the node for controlling the first call session.

14. A device for use in communications through a firewall and network address translator, wherein the device is for provision on a first side of the firewall and network address translator, the device comprising:
- an interface configured to communicate messages with a node on a second side of the firewall and network address translator, the communication of the messages with the node to create a signaling connection through the firewall and network address translator and to create a mapping between a first address of the device and a second address of the device, where the first address is an address assigned to the device on the first side of the firewall and network address translator, and where the second address is an address assigned to the device on the second side of the firewall and network address translator, the messages identifying the device as available for a call session; and
  
  a controller configured to;
  
  repeatedly send keep-alive messages to maintain the existing signaling connection through the firewall and network address translator and to thereby maintain the mapping at the firewall and network address translator, wherein failure to repeatedly send the keep-alive messages will result in the existing signaling connection being closed and the mapping being removed, wherein the existing signaling connection comprises an existing Session Initiation Protocol (SIP) signaling connection;
  
  communicate messages with the node over the existing signaling connection maintained through the firewall and network address translator to establish a first call session with the node using a first call session connection, the first call session connection being different from the existing signaling connection; and
  
  exchange media packets with the node via the first call session connection.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The device of claim 14, further comprising a timer to determine timing of the keep-alive messages.
  - 16. The device of claim 14, wherein the interface is configured to communicate the messages with the node to perforin registration of the device;
    - andthe controller being configured to repeatedly send the keep-alive messages to maintain the existing signaling connection through the firewall and network address translator for a duration of the registration of the device.
  - 17. The device of claim 14, wherein the mapping includes a mapping between an internal address of the device and an external address of the device.
  - 18. The device of claim 17, further comprising a timer to determine timing of the keep-alive messages, wherein the timer causes the keep-alive messages to be sent at a periodic interval sufficient to prevent removal of the mapping caused by a time-out in the firewall and network address translator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Clearinghouse LLC (RPX Corporation)
Original Assignee
Rockstar Bidco LP (Rockstar Consortium Inc.)
Inventors
Sollee, Patrick N.
Primary Examiner(s)
Dalencourt, Yves

Application Number

US11/601,394
Publication Number

US 20070094412A1
Time in Patent Office

2,097 Days
Field of Search

709/245, 709/227, 370/401
US Class Current

709/227
CPC Class Codes

H04L 61/00   Network arrangements, proto...

H04L 61/2517   using port numbers

H04L 61/2539   Hiding addresses; Keeping a...

H04L 61/255   Maintenance or indexing of ...

H04L 61/2553   Binding renewal aspects, e....

H04L 61/2564   for a higher-layer protocol...

H04L 61/2578   without involvement of the ...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0236   Filtering by address, proto...

H04L 63/0254   Stateful filtering

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/1458   Denial of Service

H04L 65/1043   Gateway controllers, e.g. m...

H04L 65/1069   Session establishment or de...

H04L 65/1101   Session protocols

H04L 65/1104   Session initiation protocol...

H04L 65/65   Network streaming protocols...

H04L 9/40   Network security protocols

H04M 7/006   Networks other than PSTN/IS...

H04M 7/0078   Security; Fraud detection; ...

Providing telephony services to terminals behind a firewall and/or a network address translator

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

93 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Providing telephony services to terminals behind a firewall and/or a network address translator

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

93 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links