VPN failure recovery
Abstract
An approach to rapid failover of a communication path between computers that are linked by redundant virtual links in a virtual private network (VPN) features detection of communication link and device failures through an active monitoring approach and re-routing of communication through a redundant link of the VPN when a failure is detected.
30 Claims
1. A method for providing remote access to a server system over a data network comprising:
- maintaining a plurality of communication paths through the data network between each of one or more client systems and the server system, each path being associated with one of a plurality of gateway devices coupled between the data network and the server system, wherein each path is maintained as an active transport layer session;
- for each of the client systems, the paths between said client system and the server system being associated with different of the gateway devices;
- routing communication between a first of the client systems and the server system over a first of the communication paths passing through a first of the gateway devices;
- monitoring communications associated with the first gateway device; and
- re-routing the communication between the first client system and the server system to a second of the communication paths through a second of the gateway devices, before a transport layer timeout, in the event of a communication failure associated with the first gateway device.

30. A communication system comprising:
- a plurality of gateway devices, each programmed to maintain a communication path between each of one or more client systems and the server system;
- the gateway devices being programmed to route communication between a first of the client systems and the server system over a first of the communication paths passing through a first of the gateway devices, communication associated with the first gateway device being monitored, and to re-route the communication between the first client system and the server to a second of the communication paths via an active transport layer session through a second of the gateway devices, before a transport layer timeout, in the event of a communication failure associated with the first gateway device.

Specification