公开(公告)号：EP2061209A1

公开(公告)日：2009-05-20

申请号：EP08152717.8

申请日：2008-03-13

Applicant: Juniper Networks, Inc.

Inventor： Watsen, Kent A ,  Gerraty, Simon J ,  Fraley, Paul ,  Shafer, Philip A ,  Tom, Darren

IPC: H04L29/06

CPC classification number: H04L69/16 ,  H04L63/029 ,  H04L63/166 ,  H04L69/163

Abstract: In general, the invention is directed to techniques for establishing secure connections with devices residing behind a security device. In accordance with the techniques, a managed device initiates a transmission control protocol (TCP) session to establish a TCP session with a management device such that the management device acts as the TCP server and the managed device acts as a TCP client. Once established, the managed device sends a role reversal message specifying an identity of the managed device via the TCP session. Upon receiving the role reversal message, the management device initiates a secure connection over the TCP session in accordance with a secure protocol such that the management device acts as the secure protocol client and the managed device acts as the secure protocol server. By properly establishing the secure session, each of the devices assumes the proper roles and administrators may more easily configure the devices.

Abstract translation: 通常，本发明涉及用于建立与位于安全设备后面的设备的安全连接的技术。 根据这些技术，受管设备发起传输控制协议（TCP）会话，以与管理设备建立TCP会话，使得管理设备充当TCP服务器，被管理设备充当TCP客户端。 一旦建立，被管理设备通过TCP会话发送指定被管理设备的身份的角色反转消息。 在接收到角色反转消息时，管理设备根据安全协议通过TCP会话发起安全连接，使得管理设备充当安全协议客户端，被管理设备充当安全协议服务器。 通过适当地建立安全会话，每个设备都承担正确的角色，管理员可以更容易地配置设备。

公开(公告)号：EP2061209B1

公开(公告)日：2018-08-15

申请号：EP08152717.8

申请日：2008-03-13

Applicant: Juniper Networks, Inc.

Inventor： Watsen, Kent A ,  Gerraty, Simon J ,  Fraley, Paul ,  Shafer, Philip A ,  Tom, Darren

IPC: H04L29/06

CPC classification number: H04L69/16 ,  H04L63/029 ,  H04L63/166 ,  H04L69/163

Abstract: In general, the invention is directed to techniques for establishing secure connections with devices residing behind a security device. In accordance with the techniques, a managed device initiates a transmission control protocol (TCP) session to establish a TCP session with a management device such that the management device acts as the TCP server and the managed device acts as a TCP client. Once established, the managed device sends a role reversal message specifying an identity of the managed device via the TCP session. Upon receiving the role reversal message, the management device initiates a secure connection over the TCP session in accordance with a secure protocol such that the management device acts as the secure protocol client and the managed device acts as the secure protocol server. By properly establishing the secure session, each of the devices assumes the proper roles and administrators may more easily configure the devices.