公开(公告)号：US20230049690A1

公开(公告)日：2023-02-16

申请号：US17402125

申请日：2021-08-13

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Mukul Agarwal

IPC: H04L12/46

Abstract: Described embodiments provide systems and methods for tunneling data packets to a server. A computing device can include a processor and a network interface. The processor is configured to execute a network service, a local application, and a virtual private network (VPN) application. The network service can receive a packet from the local application for transmission via a VPN tunnel, the packet comprising a source address of the computing device and a source port associated with the local application. The network service can determine that the packet matches a first tunnel filter. The network service can encapsulate, responsive to the determination that the packet matches the first tunnel filter, the packet with the header comprising a localhost destination address and a destination port associated with the VPN application. The network service can provide the encapsulated packet to the VPN application.

公开(公告)号：US20230421538A1

公开(公告)日：2023-12-28

申请号：US17850259

申请日：2022-06-27

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Vinay Kumar Kothiyal

IPC: H04L9/40 ,  H04L61/4511

CPC classification number: H04L63/0272 ,  H04L63/029 ,  H04L61/4511

Abstract: The present solution provides systems and methods for establishing and implementing a hostname-based split tunneling of client-side network traffic. A driver on a client can receive a first packet of an application that includes a hostname of a destination. The driver can receive from an agent of the client a real IP address and a spoofed IP address corresponding to the hostname, when the hostname matches one of a plurality of hostnames to exclude packet traffic from a VPN tunnel of the agent. The driver can receive from the agent a domain name service (DNS) response that includes the spoofed IP address and send the DNS response to cause the application to include the spoofed IP address in a second packet for the destination.

公开(公告)号：US11677585B2

公开(公告)日：2023-06-13

申请号：US17402125

申请日：2021-08-13

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Mukul Agarwal

IPC: H04L12/46

CPC classification number: H04L12/4633 ,  H04L12/4641 ,  H04L2212/00

Abstract: Described embodiments provide systems and methods for tunneling data packets to a server. A computing device can include a processor and a network interface. The processor is configured to execute a network service, a local application, and a virtual private network (VPN) application. The network service can receive a packet from the local application for transmission via a VPN tunnel, the packet comprising a source address of the computing device and a source port associated with the local application. The network service can determine that the packet matches a first tunnel filter. The network service can encapsulate, responsive to the determination that the packet matches the first tunnel filter, the packet with the header comprising a localhost destination address and a destination port associated with the VPN application. The network service can provide the encapsulated packet to the VPN application.