Device and method for virtual private network connection establishment
First Claim
1. A method for use in virtual private network (VPN) communications, the method comprising:
- at a client device;
receiving, from an application executed on the client device, a request to connect to a destination identified by a hostname;
performing a domain name system (DNS) lookup functionality on the hostname, the DNS lookup functionality returning an address, wherein performing the DNS lookup functionality includes, transmitting a DNS lookup to one or more trusted servers only, and setting a DNS lookup timeout period based at least in part on one or more measured network parameters;
determining whether the returned address is a redirected address based on whether the returned address matches an entry in a stored list of redirected addresses;
determining whether a hypertext transmission protocol secure (HTTPS) probe configured for the hostname fails, wherein the HTTPS probe failing is indicative of a second destination being unavailable in a public network, wherein the HTTPS probe succeeding is indicative of the second destination being publicly available on the public network;
determining whether the returned address matches a cached route in which a transmission control protocol (TCP) connection establishment is unsuccessful, wherein the TCP connection establishment being unsuccessful is indicative of the destination being unavailable in the public network, wherein the TCP connection establishment succeeding is indicative of a connection being established with the destination on the public network; and
connecting to a VPN when;
the returned address is a redirected address;
the HTTPS probe fails;
or the returned address matches the cached route and the TCP connection establishment is unsuccessful.
Abstract
A method, client device and non-transitory computer readable storage medium for connecting to a virtual private network (VPN). A request to connect to a destination identified by a hostname is received from an application executed on the client device and a domain name system (DNS) lookup functionality is performed on the hostname, the DNS lookup functionality returning an address. It is then determined whether the returned address is a redirected address, whether a hypertext transmission protocol secure (HTTPS) probe configured for the hostname fails, or whether the returned address matches a cached route in which a transmission control protocol (TCP) connection establishment is unsuccessful. If any of the returned address is a redirected address, the HTTPS probe fails or the returned address matches the cached route and the TCP connection establishment is unsuccessful, the client device is connected to the VPN.
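The decision flow of claim 1, sketched in Python as an added example; it is not code from the patent or its assignee. The resolver, HTTPS probe and TCP connect are passed in as stub callables, the timeout formula (mean RTT plus four mean deviations, clamped) and the handling of an unresolved name are assumptions, and all hostnames and addresses are constructed.

```python
from dataclasses import dataclass
from statistics import mean

@dataclass
class Policy:
    trusted_dns: list      # the only resolvers that are ever queried
    redirected: set        # stored list of redirected addresses
    cached_routes: set     # routes that are re-checked with a TCP connect

def dns_timeout(rtt_ms, floor=0.3, ceiling=5.0):
    """Seconds to wait for DNS: mean RTT + 4 * mean deviation (assumed formula)."""
    if not rtt_ms:
        return ceiling     # nothing measured yet: wait the maximum
    avg = mean(rtt_ms)
    dev = mean(abs(s - avg) for s in rtt_ms)
    return min(ceiling, max(floor, (avg + 4 * dev) / 1000))

def decide(host, policy, resolve, https_probe, tcp_connect, rtt_ms):
    """Return (route, reason, address) for one connection request."""
    addr = None
    for server in policy.trusted_dns:          # trusted servers only
        addr = resolve(server, host, dns_timeout(rtt_ms))
        if addr:
            break
    if addr is None:       # not covered by the claim: report it, caller decides
        return "unresolved", "no answer from trusted DNS", None
    if addr in policy.redirected:
        return "vpn", "redirected address", addr
    if not https_probe(host):
        return "vpn", "HTTPS probe failed", addr
    if addr in policy.cached_routes and not tcp_connect(addr):
        return "vpn", "cached route, TCP connect failed", addr
    return "direct", "publicly reachable", addr

# Constructed sample data (documentation address ranges, made-up hostnames).
ZONE = {"portal.example.test": "198.51.100.1", "wiki.example.test": "203.0.113.7",
        "flaky.example.test": "203.0.113.9", "www.example.test": "203.0.113.80"}
QUERIED = []               # every resolver the stub was asked, for auditing

def stub_resolve(server, host, timeout):
    QUERIED.append(server)
    return ZONE.get(host)

def demo():
    policy = Policy(["192.0.2.53"], {"198.51.100.1"}, {"203.0.113.9"})
    probe = lambda host: host != "wiki.example.test"   # probe for wiki fails
    tcp = lambda addr: addr != "203.0.113.9"           # connect to .9 fails
    return {h: decide(h, policy, stub_resolve, probe, tcp, [40, 60, 50])[:2]
            for h in ZONE}
```

The three VPN branches are checked in the order the claim lists them, and `QUERIED` lets a reviewer confirm that no resolver outside the trusted list was contacted.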
20 Claims
1. A method for use in virtual private network (VPN) communications, the method comprising:
at a client device;
receiving, from an application executed on the client device, a request to connect to a destination identified by a hostname;
performing a domain name system (DNS) lookup functionality on the hostname, the DNS lookup functionality returning an address, wherein performing the DNS lookup functionality includes, transmitting a DNS lookup to one or more trusted servers only, and setting a DNS lookup timeout period based at least in part on one or more measured network parameters;
determining whether the returned address is a redirected address based on whether the returned address matches an entry in a stored list of redirected addresses;
determining whether a hypertext transmission protocol secure (HTTPS) probe configured for the hostname fails, wherein the HTTPS probe failing is indicative of a second destination being unavailable in a public network, wherein the HTTPS probe succeeding is indicative of the second destination being publicly available on the public network;
determining whether the returned address matches a cached route in which a transmission control protocol (TCP) connection establishment is unsuccessful, wherein the TCP connection establishment being unsuccessful is indicative of the destination being unavailable in the public network, wherein the TCP connection establishment succeeding is indicative of a connection being established with the destination on the public network; and
connecting to a VPN when;
the returned address is a redirected address;
the HTTPS probe fails;
or the returned address matches the cached route and the TCP connection establishment is unsuccessful.
Dependent claims: 2, 3, 4, 5, 6, 7, 18, 19, 20
8. A client device, comprising:
communications circuitry; and
a processor, wherein the processor and communications circuitry are configured to establish a connection to a virtual private network (VPN) by;
receiving, from an application executed on the client device, a request to connect to a destination identified by a hostname;
performing a domain name system (DNS) lookup functionality on the hostname, the DNS lookup functionality returning an address, wherein performing the DNS lookup functionality includes, transmitting a DNS lookup to one or more trusted servers only, and setting a DNS lookup timeout period that is based on one or more measured network parameters;
determining whether the returned address is a redirected address based on whether the returned address matches an entry in a stored list of redirected addresses;
determining whether a hypertext transmission protocol secure (HTTPS) probe configured for the hostname fails, wherein the HTTPS probe failing is indicative of a second destination being unavailable in a public network, wherein the HTTPS probe succeeding is indicative of the second destination being publicly available on the public network;
determining whether the returned address matches a cached route in which a transmission control protocol (TCP) connection establishment is unsuccessful, wherein the TCP connection establishment being unsuccessful is indicative of the destination being unavailable in the public network, wherein the TCP connection establishment succeeding is indicative of a connection being established with the destination on the public network; and
connecting to the VPN when;
the returned address is a redirected address;
the HTTPS probe fails;
or the returned address matches the cached route and the TCP connection establishment is unsuccessful.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
17. A non-transitory computer readable storage medium with an executable program stored thereon, wherein the program instructs a microprocessor to perform operations comprising:
receiving, at a client device, from an application executed on the client device, a request to connect to a destination identified by a hostname;
performing, at the client device, a domain name system (DNS) lookup functionality on the hostname, the DNS lookup functionality returning an address, wherein performing the DNS lookup functionality includes, transmitting a DNS lookup to one or more trusted servers only, and setting a DNS lookup timeout period that is based on one or more measured network parameters;
determining, at the client device, whether the returned address is a redirected address based on whether the returned address matches an entry in a stored list of redirected addresses;
determining, at the client device, whether a hypertext transmission protocol secure (HTTPS) probe configured for the hostname fails, wherein the HTTPS probe failing is indicative of a second destination being unavailable in a public network, wherein the HTTPS probe succeeding is indicative of the second destination being publicly available on the public network;
determining, at the client device, whether the returned address matches a cached route in which a transmission control protocol (TCP) connection establishment is unsuccessful, wherein the TCP connection establishment being unsuccessful is indicative of the destination being unavailable in the public network, wherein the TCP connection establishment succeeding is indicative of a connection being established with the destination on the public network; and
connecting to a virtual private network (VPN) when;
the returned address is a redirected address;
the HTTPS probe fails;
or the returned address matches the cached route and the TCP connection establishment is unsuccessful.
Specification