公开(公告)号：US20230049690A1

公开(公告)日：2023-02-16

申请号：US17402125

申请日：2021-08-13

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Mukul Agarwal

IPC: H04L12/46

Abstract: Described embodiments provide systems and methods for tunneling data packets to a server. A computing device can include a processor and a network interface. The processor is configured to execute a network service, a local application, and a virtual private network (VPN) application. The network service can receive a packet from the local application for transmission via a VPN tunnel, the packet comprising a source address of the computing device and a source port associated with the local application. The network service can determine that the packet matches a first tunnel filter. The network service can encapsulate, responsive to the determination that the packet matches the first tunnel filter, the packet with the header comprising a localhost destination address and a destination port associated with the VPN application. The network service can provide the encapsulated packet to the VPN application.

公开(公告)号：US20230344921A1

公开(公告)日：2023-10-26

申请号：US17723784

申请日：2022-04-19

Applicant: Citrix Systems, Inc.

Inventor： Pary Duraisamy ,  Pradeep Gaikwad ,  Kirankumar Alluvada ,  Jong Kann ,  Kenneth Bell

IPC: H04L12/46 ,  H04L45/74 ,  H04L9/40 ,  H04L69/16

CPC classification number: H04L69/161 ,  H04L12/4641 ,  H04L45/74 ,  H04L63/0272 ,  H04L63/166 ,  H04L2212/00

Abstract: The present solution provides systems and methods for supporting network communication, including UDP network communication, between clients and servers at data centers, over a cloud VPN. An agent can receive a user datagram protocol (UDP) packet. The agent can generate a header for the UDP packet identifying a destination server at a data center of a plurality of data centers. The agent can establish a channel to a virtual private network (VPN) server of a cloud-based VPN as a service. The agent can encapsulate the UDP packet using the header and transmit, via the channel, the encapsulated UDP packet to the VPN server, the encapsulated UDP packet configured to identify the data center according to a table of the VPN server and content of the header.

公开(公告)号：US20230421538A1

公开(公告)日：2023-12-28

申请号：US17850259

申请日：2022-06-27

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Vinay Kumar Kothiyal

IPC: H04L9/40 ,  H04L61/4511

CPC classification number: H04L63/0272 ,  H04L63/029 ,  H04L61/4511

Abstract: The present solution provides systems and methods for establishing and implementing a hostname-based split tunneling of client-side network traffic. A driver on a client can receive a first packet of an application that includes a hostname of a destination. The driver can receive from an agent of the client a real IP address and a spoofed IP address corresponding to the hostname, when the hostname matches one of a plurality of hostnames to exclude packet traffic from a VPN tunnel of the agent. The driver can receive from the agent a domain name service (DNS) response that includes the spoofed IP address and send the DNS response to cause the application to include the spoofed IP address in a second packet for the destination.

公开(公告)号：US11677585B2

公开(公告)日：2023-06-13

申请号：US17402125

申请日：2021-08-13

Applicant: Citrix Systems, Inc.

Inventor： Vishnu Prateek Ponaka ,  Pradeep Gaikwad ,  Jateen Mittal ,  Mukul Agarwal

IPC: H04L12/46

CPC classification number: H04L12/4633 ,  H04L12/4641 ,  H04L2212/00

Abstract: Described embodiments provide systems and methods for tunneling data packets to a server. A computing device can include a processor and a network interface. The processor is configured to execute a network service, a local application, and a virtual private network (VPN) application. The network service can receive a packet from the local application for transmission via a VPN tunnel, the packet comprising a source address of the computing device and a source port associated with the local application. The network service can determine that the packet matches a first tunnel filter. The network service can encapsulate, responsive to the determination that the packet matches the first tunnel filter, the packet with the header comprising a localhost destination address and a destination port associated with the VPN application. The network service can provide the encapsulated packet to the VPN application.