UPnP VPN gateway configuration service

US 8,261,341 B2
Filed: 01/27/2005
Issued: 09/04/2012
Est. Priority Date: 01/27/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

configuring an apparatus that includes an Internet gateway device control point, using a virtual private network configuration service of the Internet gateway device control point, to permit communication between the apparatus and other apparatuses within a first local area network through a first Internet gateway device collocated with a first virtual private network gateway;

connecting the apparatus to a second Internet gateway device of a second local area network, the second Internet gateway device being collocated with a second virtual private network gateway, and the second local area network including a second local area network apparatus that is different than the apparatus; and

transmitting virtual private network configuration parameters from the apparatus to the second Internet gateway device, the transmitting being performed to configure the second Internet gateway device so as to create a virtual private network tunnel that provides the second local area network apparatus with access to one or more of the other apparatuses within the first local area network, the virtual private network tunnel being between the first virtual private network gateway and the second virtual private network gateway.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for creating a virtual private network through a VPN gateway configuration service. The VPN gateway configuration service inherits UPnP zero-configuration characteristics and also provides an interface for configuring the VPN gateway that enables the configuration of any VPN gateway device, regardless of manufacturer. Additionally, the device control protocol defined by the VPN gateway configuration service can provide client provisioning, as well as enabling the configuration of gateway-to-gateway virtual private networks.

102 Citations

View as Search Results

20 Claims

1. A method comprising:
- configuring an apparatus that includes an Internet gateway device control point, using a virtual private network configuration service of the Internet gateway device control point, to permit communication between the apparatus and other apparatuses within a first local area network through a first Internet gateway device collocated with a first virtual private network gateway;
  
  connecting the apparatus to a second Internet gateway device of a second local area network, the second Internet gateway device being collocated with a second virtual private network gateway, and the second local area network including a second local area network apparatus that is different than the apparatus; and
  
  transmitting virtual private network configuration parameters from the apparatus to the second Internet gateway device, the transmitting being performed to configure the second Internet gateway device so as to create a virtual private network tunnel that provides the second local area network apparatus with access to one or more of the other apparatuses within the first local area network, the virtual private network tunnel being between the first virtual private network gateway and the second virtual private network gateway.
- View Dependent Claims (2, 3, 4, 5, 6, 12, 20)
- - 2. The method of claim 1, wherein configuring the apparatus includes adjusting required security protocols within the apparatus.
  - 3. The method of claim 1, wherein configuring the apparatus includes adjusting authentication and privacy parameters for security protocols within the apparatus.
  - 4. The method of claim 1, wherein configuring the apparatus using the virtual private network configuration service includes adjusting session timeouts for the apparatus using the virtual private network configuration service.
  - 5. The method of claim 1, wherein configuring the apparatus includes obtaining at least one IP address of the first Internet gateway device.
  - 6. The method of claim 1, wherein the apparatus comprises a portable telecommunications device.
  - 12. The method of claim 1, wherein the virtual private network tunnel is temporary.
  - 20. The method of claim 1, wherein the apparatus is a mobile telephone and the virtual private network configuration parameters include an internet protocol address of the first Internet gateway device, one or more security protocol parameters for establishing the virtual private network tunnel, one or more authentication parameters specific to a security protocol, and one or more privacy parameters specific to the security protocol.

7. A non-transitory computer-readable medium storing computer-executable instructions configured to, when executed, cause an apparatus to at least:
- configure an apparatus that includes an Internet gateway device control point using a virtual private network configuration service of the Internet gateway device control point, to permit communication between the apparatus and other apparatuses within a first local area network through a first Internet gateway device in the first local area network while the apparatus is outside of the first local area network;
  
  establish a connection between the apparatus and a second Internet gateway device of a second local area network, the second local area network including a second local area network apparatus that is different than the apparatus; and
  
  transmit virtual private network configuration parameters from the apparatus to the second Internet gateway device, the transmitting being performed to configure the second Internet gateway device so as to create a virtual private network tunnel that provides the second local area network apparatus with access to one or more of the other apparatuses within the first local area network, the virtual private network tunnel being between a first virtual private network gateway collocated with the first Internet gateway device and a second virtual private network gateway collocated with the second Internet gateway device.
- View Dependent Claims (8)
- - 8. The non-transitory computer-readable medium of claim 7, wherein the configuring the apparatus includes obtaining at least one IP address of the first Internet gateway device.

9. An apparatus comprising:
- a processor; and
  
  a memory storing computer executable instructions configured to, with the processor, cause the apparatus to at least;
  
  configure the apparatus for communication with a first Internet gateway device of a first local area network using a virtual private network configuration service of the apparatus;
  
  establish a connection with a second Internet gateway device of a second local area network, the second local area network including a second local area network apparatus that is different than the apparatus; and
  
  transmit virtual private network configuration parameters from the apparatus to the second Internet gateway device, the transmitting being performed to configure the second Internet gateway device so as to create a virtual private network tunnel that provides the second local area network apparatus with access to one or more other apparatuses within the first local area network, the virtual private network tunnel being between a first virtual private network gateway collocated with the first Internet gateway device and a second virtual private network gateway collocated with the second Internet gateway device.
- View Dependent Claims (13)
- - 13. The apparatus of claim 9, wherein the memory further stores computer executable instructions configured to, with the processor, cause the apparatus to obtain at least one IP address of the first Internet gateway device.

10. A system comprising:
- a first local area network including a first Internet gateway device collocated with a first virtual private network gateway and the first local area network including one or more first local area network apparatuses; and
  
  an apparatus, comprisinga processor; and
  
  a memory storing computer executable instructions configured to, with the processor, cause the apparatus to at least;
  
  configure the apparatus to be capable of communication with the first Internet gateway device using a virtual private network configuration service of the apparatus;
  
  establish a connection between the apparatus and a second Internet gateway device of a second local area network, the second local area network including a second local area network apparatus that is different than the apparatus; and
  
  transmit virtual private network configuration parameters from the apparatus to the second Internet gateway device, the transmitting being performed to configure the second Internet gateway device so as to create a virtual private network tunnel that provides the second local area network apparatus with access to the one or more first local area network apparatuses within the first local area network, the virtual private network tunnel having a first end at the first virtual private network gateway and a second end at a second virtual private network gateway collocated with the second Internet gateway device.
- View Dependent Claims (14)
- - 14. The system of claim 10, wherein a memory of the apparatus further stores computer executable instructions configured to, with the processor of the apparatus, cause the apparatus to obtain at least one IP address of the first Internet gateway device.

11. A system comprising:
- a first Internet gateway device positioned within a first network; and
  
  a second Internet gateway device positioned within a second network, the second network including a second local area network apparatus,wherein each of the first Internet gateway device and the second Internet gateway device is configured to provide virtual private network service via a virtual private network tunnel having a first end at a first virtual private network gateway collocated with the first Internet gateway device and a second end at a second virtual private network gateway collocated with the second Internet gateway device;
  
  wherein the second Internet gateway device is further configured to modify its own settings based on information received from an apparatus associated with the first network so as to create the virtual private network tunnel that provides the second local area network apparatus with access to one or more apparatuses within the first network using the virtual private network tunnel, the apparatus associated with the first network being different than the second local area network apparatus and the apparatus associated with the first network being within the second network when the second Internet gateway device receives the information from the apparatus associated with the first network.
- View Dependent Claims (15)
- - 15. The system of claim 11, wherein the information includes at least one IP address of the first Internet gateway device.

16. A method comprising:
- providing a virtual private network service via a virtual private network tunnel that provides a local area network apparatus within a local area network with access to one or more other apparatuses within a home local area network, the virtual private network tunnel being between a first virtual private network gateway collocated with a first Internet gateway device in the home local area network and a second virtual private network gateway collocated with a second Internet gateway device in the local area network,wherein the home local area network is associated with an apparatus and the home local area network is remote from the local area network,wherein providing the virtual private network service includes creating the virtual private network tunnel in response to virtual private network configuration parameters being transmitted from the apparatus to the second Internet gateway device, andwherein the local area network includes the local area network apparatus, the local area network apparatus is different than the apparatus, and the apparatus is located within the local area network when the virtual private network tunnel is created.
- View Dependent Claims (17)
- - 17. The method of claim 16, wherein the virtual private network tunnel is temporary.

18. An apparatus comprising:
- a processor;
  
  a memory storing computer-executable instructions configured to, with the processor, cause the apparatus to at least;
  
  provide a virtual private network service via a virtual private network tunnel that provides a local area network apparatus within a local area network with access to one or more other apparatuses within a home local area network, the virtual private network tunnel being between a first virtual private network gateway collocated with a first Internet gateway device in the home local area network and a second virtual private network gateway collocated with a second Internet gateway device in the local area network,wherein the home local area network is associated with the apparatus and the home local area network is remote from the local area network,wherein creation of the virtual private network tunnel is initiated based upon virtual private network configuration parameters transmitted from the apparatus to the second Internet gateway device, andwherein the local area network includes the local area network apparatus, the local area network apparatus is different than the apparatus, and the apparatus is located within the local area network when the virtual private network tunnel is created.
- View Dependent Claims (19)
- - 19. The apparatus of claim 18, wherein the virtual private network tunnel is temporary.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Stirbu, Vlad
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
WILLIAMS, JEFFERY L

Application Number

US11/045,198
Publication Number

US 20060168656A1
Time in Patent Office

2,777 Days
Field of Search

726/15, 370/221, 370/901, 370/351
US Class Current

726/15
CPC Class Codes

H04L 12/2834   Switching of information be...

H04L 2012/2849   Audio/video appliances

H04L 63/0272   Virtual private networks

H04L 63/0281   Proxies

H04W 12/033   of the user plane, e.g. use...

UPnP VPN gateway configuration service

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

UPnP VPN gateway configuration service

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links