公开(公告)号：US08274967B2

公开(公告)日：2012-09-25

申请号：US12836439

申请日：2010-07-14

Applicant: Ming Xue ,  Xiaoping Han

Inventor： Ming Xue ,  Xiaoping Han

IPC: H04L12/66

CPC classification number: H04L45/50 ,  H04L12/4679 ,  H04L45/04

Abstract: A method, system and gateway for remotely accessing an MPLS VPN are provided. In the method, multiple virtual interfaces are established in an SSL VPN gateway, one virtual interface is bound with one VPN, different VPN users are differentiated according to authentication and authorization information of users, and the authentication and authorization information of the users is respectively bound with corresponding VPNs. When the SSL VPN gateway receives a packet sent by a user, an inner label and an outer label are added to the packet according to a VPN instance bound with the user; when receiving a response packet from a resource server, the SSL VPN gateway searches for a VPN instance according to the VPN label, and forwards the response packet to the user through the SSL connection according to the found VPN instance.

Abstract translation: 提供远程访问MPLS VPN的方法，系统和网关。 该方法在SSL VPN网关中建立了多个虚拟接口，一个虚拟接口与一个VPN绑定，不同的VPN用户根据用户的认证授权信息进行区分，用户认证授权信息分别绑定 与相应的VPN。 当SSL VPN网关接收到用户发送的报文时，根据与用户绑定的VPN实例，将内标和外标签添加到报文中; 当从资源服务器接收到响应报文时，SSL VPN网关根据VPN标签搜索VPN实例，并根据发现的VPN实例通过SSL连接将响应报文转发给用户。

公开(公告)号：US20110013637A1

公开(公告)日：2011-01-20

申请号：US12836439

申请日：2010-07-14

Applicant: Ming Xue ,  Xiaoping Han

Inventor： Ming Xue ,  Xiaoping Han

IPC: H04L12/28 ,  H04L12/56 ,  H04L29/06

CPC classification number: H04L45/50 ,  H04L12/4679 ,  H04L45/04

Abstract: A method, system and gateway for remotely accessing an MPLS VPN are provided. In the method, multiple virtual interfaces are established in an SSL VPN gateway, one virtual interface is bound with one VPN, different VPN users are differentiated according to authentication and authorization information of users, and the authentication and authorization information of the users is respectively bound with corresponding VPNs. When the SSL VPN gateway receives a packet sent by a user, an inner label and an outer label are added to the packet according to a VPN instance bound with the user; when receiving a response packet from a resource server, the SSL VPN gateway searches for a VPN instance according to the VPN label, and forwards the response packet to the user through the SSL connection according to the found VPN instance.

Abstract translation: 提供远程访问MPLS VPN的方法，系统和网关。 该方法在SSL VPN网关中建立了多个虚拟接口，一个虚拟接口与一个VPN绑定，不同的VPN用户根据用户的认证授权信息进行区分，用户认证授权信息分别绑定 与相应的VPN。 当SSL VPN网关接收到用户发送的报文时，根据与用户绑定的VPN实例，将内标和外标签添加到报文中; 当从资源服务器接收到响应报文时，SSL VPN网关根据VPN标签搜索VPN实例，并根据发现的VPN实例通过SSL连接将响应报文转发给用户。