Secure IPsec tunnels with a background system accessible via...

Information security – Access control or authentication – Network

Reexamination Certificate


Details

C726S003000, C726S015000, C713S150000, C713S160000, C713S161000, C713S168000, C709S220000, C709S225000, C709S229000

Reexamination Certificate

active

10142608

ABSTRACT:
A method and system for enabling secure IPsec tunnels within NAT without compromising security. A local network is configured with a gateway machine connected to the Internet and having an IPsec ID for interfacing with the Internet and a local IP/interface address for interfacing with the local network. Client machines are connected to the gateway machine and communicate with the Internet via the gateway and network address translation (NAT) techniques. Each client machine is configured with a local IP/interface address. The client machines are also provided with an alias of the IPsec ID for the gateway machine. When an IPsec request is received by the gateway machine to establish a tunnel (secure communication) with one of the clients, the gateway machine forwards the packet to the particular client using NAT. The client machine receives the request and since it has an alias of the gateway's IPsec ID, the client machine will confirm that it has one of the IPsec IDs in the packet. The client machine sends the reply packet back to the gateway machine, which then forwards it to the requesting machine over the Internet. The requesting machine receives the packet and a confirmation that it has reached its intended recipient and opens the secure IKE tunnel with the particular client via the gateway machine. In this manner authentication of the IKE tunnel and establishment of a secure IPsec session is completed with a client machine that is accessible only via a gateway implementing NAT.

REFERENCES:
patent: 6631416 (2003-10-01), Bendinelli et al.
patent: 6826684 (2004-11-01), Fink et al.
patent: 6886103 (2005-04-01), Brustoloni et al.
patent: 6944183 (2005-09-01), Iyer et al.
patent: 6996628 (2006-02-01), Keane et al.
patent: 2002/0010866 (2002-01-01), McCullough et al.
patent: 2002/0016926 (2002-02-01), Nguyen et al.
patent: 2002/0023210 (2002-02-01), Tuomenoksa et al.
patent: 2002/0046348 (2002-04-01), Brustoloni
Mukundan, D., et al., ‘Implementation of IPSEC-NAT compatibility with UDP encapsulation of IPSEC packets’, Dept. EE & CS, Univ. of Kansas, 2001, entire document, http://www.ittc.ku.edu/~kpm/ipsec_udp_encap/.
