Systems and methods for pinging a user's intranet IP address
Abstract
The intranet IP address management solution of the appliance and/or client described herein provides an environment for efficiently assigning, managing and querying virtual private network addresses, referred to as intranet IP (IIP) addresses, of virtual private network users, such as a multitude of SSL VPN users on an enterprise network. The appliance provides techniques and policies for assigning previously assigned virtual private network addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. This technique is referred to as IIP stickiness, as the appliance attempts to provide the same IIP address to a roaming VPN user. The appliance also provides a configurable user domain naming policy so that one can ping or query the virtual private network address of a user by an easily referenceable host name identifying the user. The appliance and/or client agent also provide techniques to allow applications to seamlessly and transparently communicate on the virtual private network using the virtual private network address of the user or client on the private network.
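A minimal model of the behaviour the abstract describes, added here as an illustration and not taken from the patent or any appliance: sticky IIP assignment from a per-user pool, plus a user domain name (user identifier with a suffix appended) that resolves only while a session holds the address. The class name, addresses, session ids and the suffix `vpn.example.internal` are assumptions.

```python
import ipaddress

class IIPAppliance:
    """Toy appliance: sticky IIP assignment and user domain naming (hypothetical)."""

    def __init__(self, user_pools, suffix):
        # user_pools: user id -> IIP addresses designated to that user
        self.pools = {u: [ipaddress.ip_address(a) for a in addrs]
                      for u, addrs in user_pools.items()}
        self.suffix = suffix
        self.last_iip = {}   # user -> IIP given to the user's most recent session
        self.in_use = {}     # IIP -> session id currently holding it
        self.dns = {}        # user domain name -> IIP

    def user_domain_name(self, user):
        # Domain name suffix appended to the identifier of the user.
        return f"{user}.{self.suffix}"

    def login(self, user, session_id):
        pool = self.pools[user]
        previous = self.last_iip.get(user)
        # Stickiness: offer the previously assigned address before the rest of the pool.
        candidates = ([previous] if previous in pool else []) + pool
        for iip in candidates:
            if iip not in self.in_use:
                self.in_use[iip] = session_id
                self.last_iip[user] = iip
                self.dns[self.user_domain_name(user)] = iip
                return str(iip)
        raise RuntimeError(f"no free IIP designated to {user}")

    def logout(self, session_id):
        released = [iip for iip, sid in self.in_use.items() if sid == session_id]
        for iip in released:
            del self.in_use[iip]
            # Drop name records for the released address so a stale record
            # cannot attribute later traffic on that address to this user.
            for name in [n for n, a in self.dns.items() if a == iip]:
                del self.dns[name]

    def resolve(self, name):
        iip = self.dns.get(name)
        return str(iip) if iip is not None else None

def demo():
    # Constructed sample data: one user with two designated addresses.
    gw = IIPAppliance({"alice": ["10.8.0.10", "10.8.0.11"]}, "vpn.example.internal")
    gw.login("alice", "s1"); second = gw.login("alice", "s2")
    gw.logout("s1"); gw.logout("s2")
    offline = gw.resolve("alice.vpn.example.internal")
    roamed = gw.login("alice", "s3")   # new device, same user
    return second, offline, roamed, gw.resolve("alice.vpn.example.internal")
```

In this model the third session receives the address of the user's most recent session rather than the first free address in the pool, and the name resolves to nothing between sessions.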
26 Claims
1. A method for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the method comprising the steps of:
(a) assigning, by an appliance providing access to a network, a unique intranet internet protocol address on the network to each SSL VPN session of each user of a plurality of users, the unique intranet internet protocol address from a plurality of internet protocol addresses designated to the respective user for accessing the network via the appliance, each user establishing a respective SSL VPN session via the appliance to the network, each unique intranet internet protocol address hosted by the appliance and different from an internet protocol address of a device operated by the respective user of the plurality of users, the appliance assigning the unique intranet internet protocol address to subsequent SSL VPN sessions of the respective user while the user roams from the device to another device of the respective user for connecting to the network;
(b) storing, by the appliance, in a domain name service an association of an intranet internet protocol address assigned to an SSL VPN session of a first user of the plurality of users with a user domain name unique to the SSL VPN session of the first user, the user domain name comprising a domain name suffix appended to an identifier of the first user;
(c) receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;
(d) determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and
(e) providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the SSL VPN session of the first user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 24, 25, 26
12. A system for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the system comprising:
means for assigning, by an appliance providing access to a network, a unique intranet internet protocol address on the network to each SSL VPN session of each user of a plurality of users, the unique intranet internet protocol address from a plurality of internet protocol addresses designated to the respective user for accessing the network via the appliance, each user establishing a respective SSL VPN session via the appliance to the network, each unique intranet internet protocol address is hosted by the appliance and different from an internet protocol address of a device operated by the respective user of the plurality of users, the appliance assigning the unique intranet internet protocol address to subsequent SSL VPN sessions of the respective user while the user roams from the device to another device of the respective user for connecting to the network;
means for storing, by the appliance, in a domain name service an association of the intranet internet protocol address assigned to an SSL VPN session of a first user of the plurality of users with a user domain name unique to the SSL VPN session of the first user, the user domain name comprising a domain name suffix appended to an identifier of the first user;
means for receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;
means for determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and
means for providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the SSL VPN session of the first user.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A method for determining an intranet internet protocol address assigned to a user logged into a network via a secure socket layer virtual private network connection (SSL VPN), the method comprising the steps of:
(a) assigning, by an appliance providing access to a network, a unique intranet internet protocol address on the network to each user of a plurality of users, the unique intranet internet protocol address from a plurality of internet protocol addresses designated to the respective user for accessing the network via the appliance, each user establishing a respective SSL VPN session via the appliance to the network, each unique intranet internet protocol address is hosted by the appliance and different from an internet protocol address of a device operated by the respective user of the plurality of users, the appliance assigning the unique intranet internet protocol address to subsequent SSL VPN sessions of the respective user while the user roams from the device to another device of the respective user for connecting to the network;
(b) storing, by the appliance, in a domain name service an association of the intranet internet protocol address assigned to an SSL VPN session of a first user of the plurality of users with a user domain name unique to the SSL VPN session of the first user, the user domain name comprising a domain name suffix appended to an identifier of the first user;
(c) maintaining, by the appliance, the same intranet internet protocol address for the first user while the first user roams between devices or access points for connecting to the network;
(d) receiving, by the appliance, a request for the intranet internet protocol address of the user domain name;
(e) determining, by the appliance, from the domain name service the intranet internet protocol address associated with the user domain name; and
(f) providing, by the appliance, in response to the request, the intranet internet protocol address assigned to the SSL VPN session of the first user.
Specification