Establishing secure remote access to private computer networks
First Claim
1. A computer-implemented method comprising:
- providing, by one or more computing systems that are part of a network service, a first computer network for a first client of the network service based on information specified by the first client, wherein the providing of the first computer network for the first client includes:
  - selecting multiple computing nodes from a plurality of computing nodes provided by the network service for use by remote clients;
  - provisioning the multiple computing nodes for use in the first computer network for the client; and
  - configuring one or more hardware devices of the network service that provide one or more of the multiple computing nodes to route communications for the first computer network according to a network topology specified for the first computer network by the first client;
- receiving, by the one or more computing systems and via an interface of the network service for use by the remote clients to configure remote access to computer networks provided by the network service for the remote clients, a request to configure a secure connection between a first remote location and the first computer network provided by the network service for the first client; and
- responding, by the one or more computing systems, to the received request by providing configuration information that causes one or more devices of the first client at the first remote location to participate in the secure connection for the first computer network.
Abstract
Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service to create and configure computer networks that are provided by the configurable network service for use by the users. Secure private access between a computer network provided for a user by the configurable network service and one or more other remote computing systems of the user (e.g., a remote private network) may be enabled in various ways. For example, a user may programmatically invoke an API provided by the configurable network service to obtain assistance in establishing remote access from a remote location to a provided computer network of the configurable network service, such as to establish a VPN connection from the remote location to the provided computer network using hardware and/or software supplied to the remote location in response to the API invocation.
109 Citations
20 Claims
1. A computer-implemented method comprising:
- providing, by one or more computing systems that are part of a network service, a first computer network for a first client of the network service based on information specified by the first client, wherein the providing of the first computer network for the first client includes:
  - selecting multiple computing nodes from a plurality of computing nodes provided by the network service for use by remote clients;
  - provisioning the multiple computing nodes for use in the first computer network for the client; and
  - configuring one or more hardware devices of the network service that provide one or more of the multiple computing nodes to route communications for the first computer network according to a network topology specified for the first computer network by the first client;
- receiving, by the one or more computing systems and via an interface of the network service for use by the remote clients to configure remote access to computer networks provided by the network service for the remote clients, a request to configure a secure connection between a first remote location and the first computer network provided by the network service for the first client; and
- responding, by the one or more computing systems, to the received request by providing configuration information that causes one or more devices of the first client at the first remote location to participate in the secure connection for the first computer network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A non-transitory computer-readable medium having stored contents that cause one or more computing systems of a network service to:
- provide, by the one or more computing systems, a first computer network for a first client of the network service based on information specified by the first client, wherein the providing of the first computer network for the first client includes:
  - selecting multiple computing nodes from a plurality of computing nodes provided by the network service for use by remote clients;
  - provisioning the multiple computing nodes for use in the first computer network for the client; and
  - configuring one or more hardware devices of the network service that provide one or more of the multiple computing nodes to emulate functionality of a virtual router device of the first computer network that is indicated in the information specified by the first client and to route communications between the multiple computing nodes according to a network topology specified for the first computer network by the first client;
- receive, by the one or more computing systems and via an interface of the network service for use by remote clients to manage computer networks provided by the network service for the remote clients, a request to configure remote access from a first remote location to the first computer network provided by the network service for the first client; and
- respond, by the one or more computing systems, to the received request by providing configuration information that enables one or more devices at the first remote location to participate in the remote access to the first computer network from the first remote location.

Dependent claims: 15, 16, 17
18. A system comprising:
- one or more hardware processors of one or more computing systems; and
- one or more memories with stored instructions that, when executed by at least one of the one or more hardware processors, cause the one or more computing systems to implement functionality for a network service that provides computer networks to remote clients, the implementing of the functionality including:
  - providing a first computer network for a first client of the network service based on information specified by the first client, wherein the providing of the first computer network for the first client includes:
    - selecting multiple computing nodes from a plurality of computing nodes provided by the network service for use by remote clients;
    - provisioning the multiple computing nodes for use in the first computer network for the client; and
    - configuring one or more hardware devices of the network service that provide one or more of the multiple computing nodes to route communications according to a network topology of the first computer network that is indicated in the information specified by the first client;
  - receiving, from the first client via an interface of the network service, a request for a secure connection between a first remote location and the first computer network provided by the network service for the first client; and
  - responding to the received request by providing configuration information that enables one or more devices at the first remote location to participate in the secure connection.

Dependent claims: 19, 20
Specification