Virtual dial-up protocol for network communication
First Claim
1. A method for establishing a network session, comprising:
establishing a point-to-point session with a remote client; and
projecting the point-to-point session to a local network using a data link layer projection scheme for creating a virtual point-to-point session between the remote client and the local network.
Abstract
A layer two forwarding protocol (L2F) provides virtual direct dial-up service into private networks through public internet service providers. An authorized remote client appears as a direct dial-up client to the home gateway, even though the client is accessing the home gateway remotely through the ISP. The new forwarding protocol allows the remote client to conduct point-to-point link protocols, such as point-to-point protocol (PPP) and serial line interface protocol (SLIP), directly with the local network home gateway. The network access server changes from a routing mode, where a communication protocol is conducted with the client, to a switching mode, where the POP simply sends data from one port to a tunnel. The tunnel then transmits the data to another port, regardless of the header information on transmitted data packets. The remote client can then be managed through databases controlled by the local network and gain access to resources not typically accessible through the internet. The layer two forwarding protocol conducts an independent authorization session to prevent unauthorized access to the private network and provides point-to-point protocol transport over the internet independently of internet transport protocols.
144 Citations
50 Claims
1. A method for establishing a network session, comprising:
establishing a point-to-point session with a remote client; and
projecting the point-to-point session to a local network using a data link layer projection scheme for creating a virtual point-to-point session between the remote client and the local network.

2. A method according to claim 1 including:
transmitting an authentication request to the remote client;
receiving a keyed random number from the remote client;
transmitting the keyed random number to the local network; and
creating the virtual point-to-point session when the keyed random number is authenticated by the local network.

3. A method according to claim 2 including using a Challenge Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) for obtaining the keyed random number.

4. A method according to claim 1 including using a Point-to-Point Protocol (PPP) or a Serial Line Interface Protocol (SLIP) for the point-to-point session.

5. A method according to claim 1 including forwarding a Link Control Protocol (LCP) point-to-point session to the local network using the data link layer projection scheme.

6. A method according to claim 1 including connecting to the local network through a public switched telephone network access or an integrated services digital network access.

7. A method according to claim 1 including:
encapsulating the point-to-point session with a data link layer protocol;
forwarding the encapsulated point-to-point session to the local network so that the encapsulated point-to-point session operates as a direct point-to-point connection between the remote client and the local network.

8. A method according to claim 7 including identifying virtual dial-up clients among different remote clients and conducting the encapsulation and forwarding only for the identified virtual dial-up clients.

9. Computer code stored on a computer readable medium for establishing a network session, comprising:
code for establishing a point-to-point session with a remote client; and
code for projecting the point-to-point session to a local network using a data link layer projection scheme for creating a virtual point-to-point session between the remote client and the local network.

10. Computer code according to claim 9 including:
code for transmitting an authentication request to the remote client;
code for receiving a keyed random number from the remote client;
code for transmitting the keyed random number to the local network; and
code for creating the virtual point-to-point session when the keyed random number is authenticated by the local network.

11. Computer code according to claim 10 including code for using a Challenge Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) for obtaining the keyed random number.

12. Computer code according to claim 9 including code for using a Point-to-Point Protocol (PPP) or a Serial Line Interface Protocol (SLIP) for the point-to-point session.

13. Computer code according to claim 9 including code for forwarding a Link Control Protocol (LCP) point-to-point session to the local network using the data link layer projection scheme.

14. Computer code according to claim 9 including code for connecting to the local network through a public switched telephone network access or an integrated services digital network access.

15. Computer code according to claim 9 including:
code for encapsulating the point-to-point session with a data link layer protocol; and
code for forwarding the encapsulated point-to-point session to the local network so that the encapsulated point-to-point session operates as a direct point-to-point connection between the remote client and the local network.

16. Computer code according to claim 15 including code for identifying virtual dial-up clients among different remote clients and conducting the encapsulation and forwarding only for the identified virtual dial-up clients.

17. A system for establishing a network session, comprising:
means for establishing a point-to-point session with a remote client; and
means for projecting the point-to-point session to a local network using a data link layer projection scheme for creating a virtual point-to-point session between the remote client and the local network.

18. A system according to claim 17 including:
means for transmitting an authentication request to the remote client;
means for receiving a keyed random number from the remote client;
means for transmitting the keyed random number to the local network; and
means for creating the virtual point-to-point session when the keyed random number is authenticated by the local network.

19. A system according to claim 18 including means for using a Challenge Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) for obtaining the keyed random number.

20. A system according to claim 17 including means for using a Point-to-Point Protocol (PPP) or a Serial Line Interface Protocol (SLIP) for the point-to-point session.

21. A system according to claim 17 including means for forwarding a Link Control Protocol (LCP) point-to-point session to the local network using the data link layer projection scheme.

22. A system according to claim 17 including means for connecting to the local network through a public switched telephone network access or an integrated services digital network access.

23. A system according to claim 17 including:
means for encapsulating the point-to-point session with a data link layer protocol; and
means for forwarding the encapsulated point-to-point session to the local network so that the encapsulated point-to-point session operates as a direct point-to-point connection between the remote client and the local network.

24. A system according to claim 23 including means for identifying virtual dial-up clients among different remote clients and conducting the encapsulation and forwarding only for the identified virtual dial-up clients.

25. A method for remotely accessing a local network, comprising:
identifying a remote client having authorized access to a local network using a data link layer protocol;
establishing a connection to the local network for the authorized remote client; and
conducting a virtual point-to-point session with the authorized remote client and the local network using the data link layer protocol.

26. A method according to claim 25 including:
receiving a remote client name, a random number and an encrypted random number for the remote client;
locally encrypting the random number using a stored password corresponding to the remote client name; and
establishing the virtual point-to-point session when the received encrypted random number matches the locally encrypted random number.

27. A method according to claim 25 including receiving the virtual point-to-point session encapsulated in the data link layer protocol.

28. A method according to claim 25 including receiving a multiplex identification field for multiplexing multiple virtual point-to-point sessions using the data link layer forwarding protocol at the same time.

29. A method according to claim 28 including receiving a client ID field for demultiplexing multiple virtual point-to-point sessions.

30. A method according to claim 25 including receiving a packet key in a data link level protocol header for encrypting authentication responses.

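The home-gateway side of the authentication step in claims 26 through 29 (and the matching network access server steps in claim 2), written out as an added example; this is not code from the patent or from any L2F implementation. The gateway receives the client name, the random number issued by the access server and the client's keyed copy of it, keys the random number itself with the stored password, and creates a virtual session keyed by the (multiplex ID, client ID) pair only when the two values match. The patent names no keying algorithm, so HMAC-SHA256 is an assumed stand-in, the credential store is constructed, and the replay cache and constant-time comparison are defensive additions the claims do not mention.

```python
import hashlib
import hmac
import os

# Constructed sample credential store (assumption): remote client name -> password.
PASSWORDS = {"alice": b"s3cret-dialup", "bob": b"another-pw"}


def key_random_number(password: bytes, random_number: bytes) -> bytes:
    """'Encrypt' the random number with the password (claim 26).
    The patent names no algorithm; HMAC-SHA256 is an assumed stand-in so the
    example runs offline with the standard library only."""
    return hmac.new(password, random_number, hashlib.sha256).digest()


def client_response(password: bytes, random_number: bytes) -> bytes:
    """What the remote client sends back after the access server transmits the
    authentication request (claim 2): the keyed random number."""
    return key_random_number(password, random_number)


class HomeGateway:
    """Local-network side: verifies the forwarded credentials and keeps a table
    of virtual point-to-point sessions keyed by (multiplex ID, client ID), the
    two header fields named in claims 28 and 29."""

    def __init__(self, passwords):
        self.passwords = passwords
        self.sessions = {}   # (mid, clid) -> client name
        self.seen = set()    # (name, random_number) pairs already accepted

    def authenticate(self, name: str, random_number: bytes, received_keyed: bytes) -> bool:
        stored = self.passwords.get(name)
        # Unknown client: key against a dummy so the same work is done whether or
        # not the name exists (keeps timing from revealing valid client names).
        expected = key_random_number(stored or b"\x00" * 32, random_number)
        ok = hmac.compare_digest(expected, received_keyed) and stored is not None
        # The random number was issued by the access server, not by this gateway,
        # so each forwarded (name, random number) pair is accepted only once.
        if ok and (name, random_number) in self.seen:
            return False
        if ok:
            self.seen.add((name, random_number))
        return ok

    def create_session(self, mid: int, clid: int, name: str,
                       random_number: bytes, received_keyed: bytes) -> bool:
        """Claim 26: establish the virtual session only when the received keyed
        random number matches the locally computed one."""
        if (mid, clid) in self.sessions:
            return False  # never overwrite a live tunnel slot
        if not self.authenticate(name, random_number, received_keyed):
            return False
        self.sessions[(mid, clid)] = name
        return True

    def demultiplex(self, mid: int, clid: int):
        """Claim 29: map the header fields back to the owning client, None if unknown."""
        return self.sessions.get((mid, clid))


def demo() -> dict:
    """Run one good login, a replay, a wrong password and an unknown name."""
    gw = HomeGateway(PASSWORDS)
    rnd = os.urandom(16)  # random number as issued by the access server
    good = client_response(PASSWORDS["alice"], rnd)
    return {
        "good": gw.create_session(1, 7, "alice", rnd, good),
        "replay": gw.create_session(1, 8, "alice", rnd, good),
        "wrong_pw": gw.create_session(2, 1, "bob", rnd, good),
        "unknown": gw.create_session(3, 1, "mallory", rnd, good),
        "owner": gw.demultiplex(1, 7),
    }


if __name__ == "__main__":
    print(demo())
```

In a real deployment the access server would also have to relay the CHAP identifier and the gateway would compare against CHAP's MD5 response format; the structure of the check (stored secret, forwarded challenge, locally recomputed value, constant-time comparison, one session per multiplex/client ID pair) is what the claims describe.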
31. Computer code stored on a computer readable medium for remotely accessing a local network, comprising:
code for identifying a remote client having authorized access to a local network using a data link layer protocol;
code for establishing a connection to the local network for the authorized remote client; and
code for conducting a virtual point-to-point session with the authorized remote client and the local network using the data link layer protocol.

32. Computer code according to claim 31 including:
code for receiving a remote client name, a random number and an encrypted random number for the remote client;
code for locally encrypting the random number using a stored password corresponding to the remote client name; and
code for establishing the virtual point-to-point session when the received encrypted random number matches the locally encrypted random number.

33. Computer code according to claim 31 including code for receiving the virtual point-to-point session encapsulated in the data link layer protocol.

34. Computer code according to claim 31 including code for receiving a multiplex identification field for multiplexing multiple virtual point-to-point sessions using the data link layer forwarding protocol at the same time.

35. Computer code according to claim 34 including code for receiving a client ID field for demultiplexing multiple virtual point-to-point sessions.

36. Computer code according to claim 31 including code for receiving a packet key in a data link level protocol header for encrypting authentication responses.

37. A system for remotely accessing a local network, comprising:
means for identifying a remote client having authorized access to a local network using a data link layer protocol;
means for establishing a connection to the local network for the authorized remote client; and
means for conducting a virtual point-to-point session with the authorized remote client and the local network using the data link layer protocol.

38. A system according to claim 37 including:
means for receiving a remote client name, a random number and an encrypted random number for the remote client;
means for locally encrypting the random number using a stored password corresponding to the remote client name; and
means for establishing the virtual point-to-point session when the received encrypted random number matches the locally encrypted random number.

39. A system according to claim 37 including means for receiving the virtual point-to-point session encapsulated in the data link layer protocol.

40. A system according to claim 37 including means for receiving a multiplex identification field for multiplexing multiple virtual point-to-point sessions using the data link layer forwarding protocol at the same time.

41. A system according to claim 40 including means for receiving a client ID field for demultiplexing multiple virtual point-to-point sessions.

42. A system according to claim 37 including code for receiving a packet key in a data link level protocol header for encrypting authentication responses.

43. A computer, comprising:
a first interface configured to receive a point-to-point session transported over a data link layer forwarding protocol;
a second interface configured to communicate with a local network; and
a processor configured to establish the point-to-point session between a remote client and the local network according to the data link layer forwarding protocol.
Dependent claims: 44, 45, 46, 47.

48. A computer, comprising:
a first interface conducting a point-to-point session with a remote client;
a second interface connected to an internet infrastructure; and
a processor configured for projecting the point-to-point session through the internet infrastructure to a local network using a forwarding protocol operating at a data link layer.
Dependent claims: 49, 50.

Specification