CN108696546A - A kind of method and device of the user terminal access public network of Enterprise Mobile private network - Google Patents
A kind of method and device of the user terminal access public network of Enterprise Mobile private network Download PDFInfo
- Publication number
- CN108696546A CN108696546A CN201710081308.7A CN201710081308A CN108696546A CN 108696546 A CN108696546 A CN 108696546A CN 201710081308 A CN201710081308 A CN 201710081308A CN 108696546 A CN108696546 A CN 108696546A
- Authority
- CN
- China
- Prior art keywords
- message
- http
- user
- uplink
- mobile terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method and device of the user terminal access public network of Enterprise Mobile private network, method includes:When Enterprise Mobile private network base station side receives the uplink public net message of mobile terminal transmission of enterprises user, the type of message of the uplink public net message is determined;Enterprise Mobile private network base station side is according to the type of message of identified uplink public net message, establish the agreement connection of its corresponding type of message between the mobile terminal of the enterprises user, and the uplink protocol massages sent via the mobile terminal of the agreement connection acquisition enterprises user;The uplink protocol massages are routed to the http proxy server by Enterprise Mobile private network base station side;Enterprise Mobile private network base station side connects the mobile terminal that the descending protocol message is sent to the enterprises user by the agreement established when receiving the descending protocol message that the http proxy server returns.
Description
Technical field
The present invention relates to mobile communication technology field, more particularly to the user terminal access of a kind of Enterprise Mobile private network is public
The method and device of net.
Background technology
Enterprise network, be generally divided into internal network (abbreviation corporate intranet) and the areas DMZ (Demilitarized Zone, it is non-
Militarization area, also referred to as isolated area).Enterprise-wide computer (hereinafter referred intranet host) is located at corporate intranet, and intranet host is visited
When asking internet (Internet, also referred to as public network, outer net), pass through http proxy server (also referred to as WEB proxy servers)
It accesses, http proxy server is generally deployed in the areas DMZ.
Http proxy server is for acting on behalf of HTTP and HTTPS (Hyper Text Transfer Protocol over
Secure Socket Layer, Hyper text transfer security protocol) extranet access.HTTP and HTTPS agreements are all based on TCP
(Transmission Control Protocol, transmission control protocol) agreement, and distinguished by port numbers.
Intranet host accesses the public network of HTTP and HTTPS, and different public network servers directly establish connection, but with
Http proxy server establishes HTTP connections, and http proxy server is established specific agreement with public network server and connect again, such as Fig. 1
It is shown.
Specifically, HTTP is accessed, is connect as shown in Fig. 2, intranet host establishes HTTP with proxy server, acted on behalf of
Server is established HTTP with target public network WEB server and is connect.
HTTPS is accessed, connect as shown in figure 3, intranet host and proxy server establish HTTP and uses CONNECT
Method request agency server establishes SSL (Secure Socket Layer, Secure Socket Layer) connections with public network server, interior
HTTP connections between host's machine and http proxy server, the SSL reports between transparent forwarding intranet host and public network server
Text, the commonly referred to as tunnels WEB.
The base station (eNB, evolved Node B, evolution node B) of mobile operator is public in addition to being provided for public user
Mobile network service is outer, can also be the virtual mobile private network of enterprise's structure, and enterprises user can be with by this virtual network
Corporate intranet, referred to herein as Enterprise Mobile private network is accessed.Correspondingly, these base stations are alternatively referred to as Enterprise Mobile private network base
It stands, it should be noted that Enterprise Mobile private network base station here is actually also public base station, it and common public base station are not
It is same, it can be used for building Enterprise Mobile private network.
Use Enterprise Mobile private network, the mobile terminal of enterprises user, i.e. user terminal (UE, User
Equipment, user equipment), Intranet can be accessed in base station side, but when accessing public network, due to APN
Agency cannot be arranged in (Access Point Name, access point), cannot also http proxy server be used to access public network, still
To pass through the base station of operator mobile network, return network (Backhaul) and core net EPC (Evolved Packet Core,
The packet-based core networks of evolution) internet is arrived afterwards, then it is routed to public network server, as shown in Figure 4.
There is presently no the mobile network terminals of enterprise network internal user to use enterprise network in mobile network base station side
Http proxy server accesses the published method of public network.
Invention content
The technical issues of scheme provided according to embodiments of the present invention solves is that the mobile terminal of enterprises user is moving
The problem of dynamic net access side can not use enterprise network http proxy server to access public network.
Here Enterprise Mobile private network base station refers to the mobile operator that can provide structure Enterprise Mobile private network function
Public base station, Enterprise Mobile private network only for enterprises user mobile terminal access.
A kind of method of the user terminal access public network of the Enterprise Mobile private network provided according to embodiments of the present invention, packet
It includes:
When Enterprise Mobile private network base station side receives the uplink public net message of mobile terminal transmission of enterprises user, really
The type of message of the fixed uplink public net message;
Enterprise Mobile private network base station side establishes itself and the enterprise according to the type of message of identified uplink public net message
The agreement of corresponding type of message between the mobile terminal of industry internal user connects, and obtains the enterprise via agreement connection
The uplink protocol massages that the mobile terminal of industry internal user is sent;
The uplink protocol massages are routed to the http proxy server by Enterprise Mobile private network base station side, with toilet
The mobile terminal for stating enterprises user accesses public network via the http proxy server;
Enterprise Mobile private network base station side passes through when receiving the descending protocol message that the http proxy server returns
The descending protocol message is sent to the mobile terminal of the enterprises user by the agreement connection established.
Preferably, the uplink public net message includes destination address information for identifying public network address and for identifying report
The TCP port number information of literary type;The type of message includes HTTP message type and HTTPS type of messages.
Preferably, the Enterprise Mobile private network base station side receives the uplink public affairs that the mobile terminal of enterprises user is sent
When network packet, determine that the type of message of the uplink public net message includes:
When Enterprise Mobile private network base station side receives the uplink public net message of mobile terminal transmission of enterprises user, lead to
It crosses and the uplink public net message is parsed, obtain the destination address and TCP port number of the uplink public net message;
Enterprise Mobile private network base station side utilizes preset public network address library, http port list storehouse and the ports HTTPS
List storehouse carries out matching treatment to obtained destination address and TCP port number;
If obtained destination address and TCP port number match with the public network address library and http port list storehouse,
Enterprise Mobile private network base station side determines that the uplink public net message is HTTP message type;
If obtained destination address and TCP port number match with the public network address library and HTTPS port lists library,
Enterprise Mobile private network base station side determines that the uplink public net message is HTTPS type of messages.
Preferably, the Enterprise Mobile private network base station side is built according to the type of message of identified uplink public net message
The agreement connection of its corresponding type of message between the mobile terminal of the enterprises user is stood, and is connected via the agreement
Obtaining the uplink protocol massages for taking the mobile terminal of the enterprises user to send includes:
Enterprise Mobile private network base station side determine the uplink public net message be HTTP message type when, establish its with it is described
Http protocol connection between the mobile terminal of enterprises user, and obtained in the enterprise via http protocol connection
The uplink http protocol message that the mobile terminal of portion user is sent.
Preferably, the Enterprise Mobile private network base station side is built according to the type of message of identified uplink public net message
The agreement connection of its corresponding type of message between the mobile terminal of the enterprises user is stood, and is connected via the agreement
Obtaining the uplink protocol massages for taking the mobile terminal of the enterprises user to send includes:
When Enterprise Mobile private network base station side determines that the uplink public net message is HTTPS type of messages, itself and institute are established
The ssl protocol connection between the mobile terminal of enterprises user is stated, and is obtained in the enterprise via ssl protocol connection
The uplink ssl protocol message that the mobile terminal of portion user is sent.
Preferably, the Enterprise Mobile private network base station side is in the descending protocol for receiving the http proxy server return
When message, the mobile terminal that the descending protocol message is sent to the enterprises user is connected by the agreement established
Including:
Enterprise Mobile private network base station side when receiving the downlink http protocol message that the http proxy server returns,
The downlink http protocol message is packaged into the downlink user report of the mobile terminal for being sent to the enterprises user
Text, and the downlink user message is sent to the mobile end of the enterprises user by the connection of the http protocol by being established
End.
Preferably, the Enterprise Mobile private network base station side is in the descending protocol for receiving the http proxy server return
When message, the mobile terminal that the descending protocol message is sent to the enterprises user is connected by the agreement established
Including:
Enterprise Mobile private network base station side when receiving the downlink ssl protocol message that the http proxy server returns,
The downlink ssl protocol message is packaged into the downlink user report of the mobile terminal for being sent to the enterprises user
Text, and the downlink user message is sent to the mobile end of the enterprises user by the connection of the ssl protocol by being established
End.
A kind of device of the user terminal access public network of the Enterprise Mobile private network provided according to embodiments of the present invention, packet
It includes:
Determining module, for receive enterprises user mobile terminal send uplink public net message when, determine described in
The type of message of uplink public net message;
Establish agreement link block, for according to the type of message of identified uplink public net message, establish its with it is described
The agreement of corresponding type of message between the mobile terminal of enterprises user connects, and via described in agreement connection acquisition
The uplink protocol massages that the mobile terminal of enterprises user is sent;
Sending module, for the uplink protocol massages to be routed to the http proxy server, so as to the enterprise
The mobile terminal of internal user accesses public network via the http proxy server, and is returned receiving the http proxy server
When the descending protocol message returned, the descending protocol message is sent to by the enterprises by the agreement connection established and is used
The mobile terminal at family.
Preferably, the uplink public net message includes destination address information for identifying public network address and for identifying report
The TCP port number information of literary type;The type of message includes HTTP message type and HTTPS type of messages.
Preferably, the determining module includes:
Resolution unit, for receive enterprises user mobile terminal send uplink public net message when, by institute
It states uplink public net message to be parsed, obtains the destination address and TCP port number of the uplink public net message;
Matching unit, for utilizing preset public network address library, http port list storehouse and HTTPS port lists library,
Matching treatment is carried out to obtained destination address and TCP port number;
Determination unit, for being arranged with the public network address library and http port when obtained destination address and TCP port number
Table storehouse matches, it is determined that the uplink public net message is HTTP message type, and when obtained destination address and TCP port
Number match with the public network address library and HTTPS port lists library, it is determined that the uplink public net message is HTTPS message classes
Type.
Preferably, the agreement link block of establishing includes:
The first agreement connection unit is established, for when it is HTTP message type to determine the uplink public net message, establishing
Its http protocol between the mobile terminal of the enterprises user is connect, and is connected via the http protocol and obtained institute
State the uplink http protocol message that the mobile terminal of enterprises user is sent.
Preferably, the agreement link block of establishing includes:
Second protocol connection unit is established, for when it is HTTPS type of messages to determine the uplink public net message, establishing
Its ssl protocol between the mobile terminal of the enterprises user is connect, and via described in ssl protocol connection acquisition
The uplink ssl protocol message that the mobile terminal of enterprises user is sent.
The scheme provided according to embodiments of the present invention, local network internal user mobile terminal make in mobile network base station side
With local network http proxy server access public network service, the wire transmission bandwidth for making full use of enterprise network to rent originally,
Cost has been saved, while having also allowed for the behavior of local network management and control its internal user mobile network terminal access public network.
Description of the drawings
Fig. 1 is the schematic diagram for the intranet host dereference public network that the prior art provides;
Fig. 2 is the schematic diagram that the intranet host HTTP that the prior art provides accesses website;
Fig. 3 is the schematic diagram that the intranet host HTTPS that the prior art provides accesses website;
Fig. 4 is that the mobile network terminal for the enterprises user that the prior art provides accesses the schematic diagram of public network;
Fig. 5 is a kind of method flow of the user terminal access public network of Enterprise Mobile private network provided in an embodiment of the present invention
Figure;
Fig. 6 is a kind of device signal of the user terminal access public network of Enterprise Mobile private network provided in an embodiment of the present invention
Figure;
Fig. 7 is the signal that enterprises user mobile network terminal provided in an embodiment of the present invention uses http proxy server
Figure;
Fig. 8 is the signal that enterprises user mobile network terminal provided in an embodiment of the present invention uses http proxy server
Figure;
Fig. 9 is the schematic diagram of newly-increased module provided in an embodiment of the present invention;
Figure 10 is the schematic diagram of the newly-increased module deployment in Fig. 9 provided in an embodiment of the present invention;
Figure 11 is that enterprises user HTTP public networks provided in an embodiment of the present invention access uplink message process chart;
Figure 12 is that enterprises user HTTP public networks provided in an embodiment of the present invention access downlink message process chart;
Figure 13 is that internal user HTTPS public networks provided in an embodiment of the present invention access uplink message process chart;
Figure 14 is that enterprises user HTTPS public networks provided in an embodiment of the present invention access downlink message process chart.
Specific implementation mode
Below in conjunction with attached drawing to a preferred embodiment of the present invention will be described in detail, it should be understood that described below is excellent
Select embodiment only for the purpose of illustrating and explaining the present invention and is not intended to limit the present invention.
Fig. 5 is a kind of method flow of the user terminal access public network of Enterprise Mobile private network provided in an embodiment of the present invention
Figure, as shown in figure 5, including:
Step S501:Enterprise Mobile private network base station side receives the uplink public network that the mobile terminal of enterprises user is sent
When message, the type of message of the uplink public net message is determined;
Step S502:Enterprise Mobile private network base station side is established according to the type of message of identified uplink public net message
The agreement of its corresponding type of message between the mobile terminal of the enterprises user connects, and is connected via the agreement
Obtain the uplink protocol massages that the mobile terminal of the enterprises user is sent;
Step S503:The uplink protocol massages are routed to the HTTP Proxy service by Enterprise Mobile private network base station side
Device accesses public network so as to the mobile terminal of the enterprises user via the http proxy server;
Step S504:Enterprise Mobile private network base station side is in the descending protocol report for receiving the http proxy server return
Wen Shi connects the mobile terminal that the descending protocol message is sent to the enterprises user by the agreement established.
Wherein, the uplink public net message includes destination address information for identifying public network address and is used for identification message
The TCP port number information of type.The type of message includes HTTP message type and HTTPS type of messages.
Wherein, the Enterprise Mobile private network base station side receives the uplink public network that the mobile terminal of enterprises user is sent
When message, determine that the type of message of the uplink public net message includes:Enterprise Mobile private network base station side receives enterprises use
When the uplink public net message that the mobile terminal at family is sent, by being parsed to the uplink public net message, the uplink is obtained
The destination address and TCP port number of public net message;Enterprise Mobile private network base station side utilizes preset public network address library, the ends HTTP
Mouth list storehouse and HTTPS port lists library carry out matching treatment to obtained destination address and TCP port number;If obtaining
Destination address and TCP port number match with the public network address library and http port list storehouse, then Enterprise Mobile private network
Base station side determines that the uplink public net message is HTTP message type;If obtained destination address and TCP port number and the public affairs
Net address library and HTTPS port lists library match, then Enterprise Mobile private network base station side determines that the uplink public net message is
HTTPS type of messages.
Wherein, the Enterprise Mobile private network base station side is established according to the type of message of identified uplink public net message
The agreement of its corresponding type of message between the mobile terminal of the enterprises user connects, and is connected via the agreement
Obtain the enterprises user mobile terminal send uplink protocol massages include:Enterprise Mobile private network base station side determines
When the uplink public net message is HTTP message type, its HTTP between the mobile terminal of the enterprises user is established
Agreement connects, and the uplink HTTP associations sent via the mobile terminal of the http protocol connection acquisition enterprises user
Discuss message.The Enterprise Mobile private network base station side when receiving the descending protocol message that the http proxy server returns,
It is connected by the agreement established and the descending protocol message is sent to the mobile terminal of the enterprises user includes:Enterprise
Industry moves private network base station side when receiving the downlink http protocol message that the http proxy server returns, by the downlink
Http protocol message is packaged into the downlink user message of the mobile terminal for being sent to the enterprises user, and passes through institute
The downlink user message is sent to the mobile terminal of the enterprises user by the http protocol connection of foundation.
Wherein, the Enterprise Mobile private network base station side is established according to the type of message of identified uplink public net message
The agreement of its corresponding type of message between the mobile terminal of the enterprises user connects, and is connected via the agreement
Obtain the enterprises user mobile terminal send uplink protocol massages include:Enterprise Mobile private network base station side determines
When the uplink public net message is HTTPS type of messages, its SSL between the mobile terminal of the enterprises user is established
Agreement connects, and the uplink ssl protocol sent via the mobile terminal of the ssl protocol connection acquisition enterprises user
Message.The Enterprise Mobile private network base station side is led to when receiving the descending protocol message that the http proxy server returns
Crossing the mobile terminal that the descending protocol message is sent to the enterprises user by established agreement connection includes:Enterprise
Mobile private network base station side is when receiving the downlink ssl protocol message that the http proxy server returns, by the downlink SSL
Protocol massages are packaged into the downlink user message of the mobile terminal for being sent to the enterprises user, and by being established
Ssl protocol connection the downlink user message is sent to the mobile terminal of the enterprises user.
Fig. 6 is a kind of device signal of the user terminal access public network of Enterprise Mobile private network provided in an embodiment of the present invention
Figure, as shown in fig. 6, including:Determining module 601, the uplink public network report that the mobile terminal for receiving enterprises user is sent
Wen Shi determines the type of message of the uplink public net message;Agreement link block 602 is established, for according to identified uplink
The type of message of public net message establishes the agreement of its corresponding type of message between the mobile terminal of the enterprises user
Connection, and the uplink protocol massages sent via the mobile terminal of the agreement connection acquisition enterprises user;It sends
Module 603, for the uplink protocol massages to be routed to the http proxy server, so as to the enterprises user's
Mobile terminal accesses public network via the http proxy server, and is assisted receiving the downlink that the http proxy server returns
When discussing message, the mobile end that the descending protocol message is sent to the enterprises user is connected by the agreement established
End.
Wherein, the uplink public net message includes destination address information for identifying public network address and is used for identification message
The TCP port number information of type;The type of message includes HTTP message type and HTTPS type of messages.
Wherein, the determining module 601 includes:Resolution unit, the mobile terminal for receiving enterprises user are sent
Uplink public net message when, by being parsed to the uplink public net message, obtain the destination of the uplink public net message
Location and TCP port number;Matching unit, for being arranged using preset public network address library, http port list storehouse and the ports HTTPS
Table storehouse carries out matching treatment to obtained destination address and TCP port number;Determination unit, for when obtained destination address
Match with TCP port number and the public network address library and http port list storehouse, it is determined that the uplink public net message is
HTTP message type, and when obtained destination address and TCP port number and the public network address library and HTTPS port lists library
Match, it is determined that the uplink public net message is HTTPS type of messages.
Wherein, the agreement link block 602 of establishing includes:
The first agreement connection unit is established, for when it is HTTP message type to determine the uplink public net message, establishing
Its http protocol between the mobile terminal of the enterprises user is connect, and is connected via the http protocol and obtained institute
State the uplink http protocol message that the mobile terminal of enterprises user is sent.
Wherein, the agreement link block 602 of establishing further includes:
Second protocol connection unit is established, for when it is HTTPS type of messages to determine the uplink public net message, establishing
Its ssl protocol between the mobile terminal of the enterprises user is connect, and via described in ssl protocol connection acquisition
The uplink ssl protocol message that the mobile terminal of enterprises user is sent.
Wherein, the sending module 603 is specifically used in the downlink HTTP associations for receiving the http proxy server return
When discussing message, the downlink http protocol message is packaged into for being sent under the mobile terminal of the enterprises user
Row user's message, and the downlink user message is sent to the enterprises user by the connection of the http protocol by being established
Mobile terminal.
Wherein, the sending module 603 is also particularly useful in the downlink SSL associations for receiving the http proxy server return
When discussing message, the downlink ssl protocol message is packaged into for being sent under the mobile terminal of the enterprises user
Row user's message, and the downlink user message is sent to the enterprises user by the connection of the ssl protocol by being established
Mobile terminal.
Fig. 7 is the signal that enterprises user mobile network terminal provided in an embodiment of the present invention uses http proxy server
Figure, as shown in fig. 7, the internal user of enterprise network, when accessing public network using mobile network terminal, new equipment simulates public network service
Device is established http protocol with user terminal and is connect, collects User Agreement message;New equipment simulates intranet host proxy surfing row again
To access public network by http proxy server.
HTTP is accessed, new equipment simulation public network server is established HTTP with user terminal and connect, and user terminal is collected
HTTP request message;Then new equipment simulates intranet host, establishes HTTP with http proxy server and connect, the use that will be collected
Family terminal HTTP message is sent to after carrying out URL (Uniform resource locator, uniform resource locator) processing
Http proxy server, http proxy server are connect by the HTTP between public network server and issue public network server.With
In the terminal HTTP message of family URL be relative URL, and intranet host be sent to proxy server HTTP message be absolute URL, into
In row URL processing, relative URL in user terminal HTTP message is modified to absolute URL, and collects http proxy server return
Http response message, new equipment simulates public network server again, is connect by the HTTP between user terminal and issues user's end
End.
Fig. 8 is the signal that enterprises user mobile network terminal provided in an embodiment of the present invention uses http proxy server
Figure, as shown in figure 8, the internal user of enterprise network, when accessing public network using mobile network terminal, new equipment simulates public network service
Device is established ssl protocol with user terminal and is connect, collects User Agreement message;New equipment simulates intranet host proxy surfing row again
To access public network by http proxy server.
HTTPS is accessed, new equipment simulation public network server is established SSL with user terminal and connect, and SSL messages are collected;
Then new equipment simulate intranet host, with http proxy server establish HTTP connect and use connect methods request HTTP
Proxy server is established SSL with public network server and is connect, and the user terminal SSL messages collected are sent to http proxy server,
It is connect by the SSL between public network server by http proxy server and issues public network server.Collect HTTP Proxy service
The SSL messages that device returns, new equipment simulate public network server again, are connect by the SSL between user terminal and issue user's end
End.
As shown in Figure 7 and Figure 8, new equipment packet-by-packet analyzes the user uplink message of mobile network base station, identifies internal user
Public network HTTP/HTTPS access message, according to proxy configurations rule, simulation public network server and user terminal establish HTTP or
The HTTP message or SSL messages of user terminal are collected in person's SSL connections;Intranet host is simulated, it is regular according to proxy configurations, with
Http proxy server establishes HTTP connections, and user HTTP or ssl protocol message are sent to http proxy server;It collects
The user's message that proxy server returns simulates public network server, is assisted by the HTTP or SSL that are established before with user terminal
View connection issues user terminal by mobile network base station.
Specifically, include the following steps:
1) identification HTTP/HTTPS public networks access message:Destination address meets public network address configuration rule, and TCP port
Number meet http port list (ACL) regulations or the uplink message of HTTPS port list rules.
2) simulation public network server receives and dispatches HTTP message:Simulation public network server is established HTTP with user terminal and is connect, and receives
Take the http protocol message that user terminal is sent.The user's http protocol message that will be collected from http proxy server, by with
User terminal is issued in the HTTP connections of user terminal.
3) simulation public network server receives and dispatches SSL messages:Simulation public network server is established SSL with user terminal and is connect, and collects
The ssl protocol message that user terminal is sent.The user's ssl protocol message that will be collected from http proxy server, by with user
User terminal is issued in the SSL connections of terminal.
4) HTTP message between the transmitting-receiving of simulated interior host and http proxy server:Simulated interior Host behavior, with
Http proxy server establishes HTTP connections.The user terminal http protocol message that will be collected is sent to after carrying out URL processing
Http proxy server;Collect the http protocol message of http proxy server return.
5) SSL messages between the transmitting-receiving of simulated interior host and http proxy server:Simulated interior Host behavior, with HTTP
Proxy server establishes HTTP connections and establishes SSL with public network server using CONNECT method request agency servers and connect.
The user terminal ssl protocol message that will be collected, is connect by the HTTP with proxy server and is sent to http proxy server;It receives
The ssl protocol message for taking http proxy server to return.
Fig. 9 is the schematic diagram of newly-increased module provided in an embodiment of the present invention, as shown in figure 9, including:Rule configuration module,
User's message proxy module, uplink message processing module and downlink message processing module.
Rule configuration module provides public network address rule, http port list, HTTPS port lists and HTTP Proxy clothes
Business device rule.Public network address rule, configuration address information, these addresses will access public network by http proxy server.Specifically
When implementation, the configuration method of similar intranet host, i.e. configuration exception address list can be used, in addition to this, with being accordingly to be regarded as public network
Location;The method that display can also be used to indicate, that is, it is public network address to clearly indicate which subnet.Http port list configuration which
TCP port is http port.It is the ports HTTPS which TCP port HTTPS port lists, which configure,.Http proxy server rule
Http proxy server address and port numbers are configured, allow to configure a plurality of http proxy server configuration record, for dynamically selecting
It selects or load sharing.
Uplink message processing module packet-by-packet analyzes the S1-U uplink messages of internal user, parses the purpose in user's message
Address and TCP port number are identified according to public network address rule and http port list (ACL) regulations, HTTPS port list rules
Row public network HTTP/HTTPS messages extract user's message (IP packet) and issue user's message proxy module.
User's message proxy module is divided into HTTP message proxy module and HTTPS message proxy modules.Receive uplink message
After the message that processing module is sent, according to type, dynamic creation HTTP message proxy module and HTTPS message proxy modules.
HTTP message proxy module, simulation public network server are established HTTP with user terminal and are connect, and user terminal is collected
HTTP message is simulated intranet host behavior, is configured according to agent rule, establishing HTTP with http proxy server connect, and will receive
The user terminal HTTP message taken is sent to http proxy server after carrying out URL processing.Collect http proxy server return
Http response message, simulate public network server, connect by the HTTP between user terminal and issue user terminal, message is beaten
Downlink message processing module is sent to after packet.
HTTPS message proxy modules, simulation public network server are established SSL with user terminal and are connect, and user terminal is collected
SSL messages are simulated intranet host behavior, are configured according to agent rule, establishing HTTP with http proxy server connect, and uses
CONNECT methods request http proxy server is established SSL with public network server and is connect, the user terminal SSL messages that will be collected,
It is connect by the HTTP with http proxy server and is sent to http proxy server.Collect the SSL of http proxy server return
Message simulates public network server, is connect by the SSL between user terminal and issue user terminal, and message is sent to down after being packaged
Row message processing module (MPM).
HTTP message proxy module and HTTPS message proxy modules, receive user terminal TCP connection release message when release
It puts, and notifies user's message proxy module.
Downlink message processing module, the user's message that user's message proxy module is sent are packaged into S1-U messages and issue
Mobile network base station is sent to user terminal.
Figure 10 is the schematic diagram of the newly-increased module deployment in Fig. 9 provided in an embodiment of the present invention, as shown in Figure 10, including two
Kind deployment way:Mode 1, together with mobile network base station deployment.Advantage is integrated with mobile network base station, convenient for management;Disadvantage
It is to need to upgrade mobile network base station software version, is unfavorable for disposing.Mode 2, specific installation deployment.Advantage is to mobile network base station
It does not influence, convenient for deployment;The disadvantage is that needing to increase an equipment newly.
Figure 11 is that enterprises user HTTP public networks provided in an embodiment of the present invention access uplink message process chart, such as
Shown in Figure 11, S1 is the logical links between mobile network base station eNB and core net EPC, and S1-U messages refer to the user of S1 chains road
Message encapsulates the IP packet of user terminal, also referred to as user's message in S1-U messages.In this example, the technology of the present invention side
Case receives S1-U uplink messages from mobile network base station eNB, identifies that the uplink HTTP public networks of internal user access message, simulation is public
Proxy server is collected altogether, and by URL processing, simulation intranet host is sent to http proxy server and accesses public network.It specifically includes:
Step 1101:UE sends blank-interface text, carries user's message (user's HTTP message);
Step 1102:User's message (user's HTTP message) is extracted in mobile network base station, is packaged into S1-U transmissions;
Step 1103:Uplink message processing module packet-by-packet analyzes the S1-U uplink messages of internal user, parses internal use
Destination address in the message of family and TCP port number identify uplink HTTP public net messages;
Step 1104:User's message (user's HTTP message) is issued user's message and acts on behalf of mould by uplink message processing module
Block;
Step 1105:User's message proxy module checks for the HTTP message proxy module of user connection, does not have
Have, creates the HTTP message proxy module of user connection;
Step 1106:User's message proxy module is given to the processing of HTTP message proxy module;
Step 1107:HTTP message proxy module simulates public network server, and establishment is connect with the HTTP of UE;
Step 1108:HTTP between UE and HTTP message proxy module, which is connected, to be created successfully.UE and HTTP message act on behalf of mould
Message between block will be sent by this HTTP connection;
Step 1109:HTTP message proxy module is initiated to establish and be connect with the HTTP of http proxy server;
Step 1110:HTTP message proxy module collects user's HTTP message;
Step 1111:User's HTTP message that HTTP message proxy module will be collected is sent to after carrying out URL processing
Http proxy server.
Figure 12 is that internal user HTTP public networks provided in an embodiment of the present invention access downlink message process chart, such as Figure 12
It is shown, in the HTTP message for receiving http proxy server return, public network server is simulated, is connect by the HTTP between UE
User terminal is issued, user's message, which is packaged into S1-U downlink messages, is sent to mobile network base station.It specifically includes:
Step 1201:UE connect with the HTTP of HTTP message proxy module and has been established;
Step 1202:The HTTP of HTTP message proxy module and http proxy server connections have been established;
Step 1203:Http proxy server sends http response message and gives HTTP message proxy module;
Step 1204:HTTP message proxy module collects http response message;
Step 1205:The http response message collected is packaged into the user's message for issuing UE by HTTP message proxy module
(user's IP packet);
Step 1206:User's message is issued downlink processing module by HTTP message proxy module;
Step 1207:Downlink processing module is packaged into S1-U downlink messages and is sent to mobile network base station;
Step 1208:User's message is extracted in mobile network base station, and UE is carried to by blank-interface text.
Figure 13 is that internal user HTTPS public networks provided in an embodiment of the present invention access uplink message process chart, is such as schemed
Shown in 13, S1-U uplink messages are received from mobile network base station eNB, identify the uplink HTTPS public net messages of internal user, are simulated
Public proxy server is collected, then is simulated intranet host and be sent to http proxy server access public network.It specifically includes:
Step 1301:UE sends blank-interface text, carries user's message (user SSL messages);
Step 1302:User's message (user SSL messages) is extracted in mobile network base station, is packaged into S1-U transmissions;
Step 1303:Uplink message processing module packet-by-packet analyzes the S1-U uplink messages of internal user, parses internal use
Destination address in the message of family and TCP port number identify uplink HTTPS public net messages;
Step 1304:User's message (user SSL messages) is issued user's message proxy module by uplink message processing module;
Step 1305:User's message proxy module checks for the HTTPS message proxy modules of user connection, does not have
Have, creates the HTTPS message proxy modules of user connection;
Step 1306:User's message proxy module is given to the processing of HTTPS message proxy modules;
Step 1307:HTTPS message proxy modules simulate public network server, and establishment is connect with the SSL of UE;
Step 1308:SSL between UE with HTTPS message proxy modules, which is connected, to be created successfully.UE and HTTPS messages act on behalf of mould
Message between block will be sent by this SSL connection;
Step 1309:HTTPS message proxy modules are initiated to establish and be connect with the HTTP of http proxy server, and are passed through
The request http proxy server foundation of CONNECT methods is connect with the SSL of public network server;
Step 1310:HTTPS message proxy modules collect user's SSL messages;
Step 1311:The user's SSL messages collected are sent to http proxy server by HTTPS messages proxy module.
Figure 14 is that internal user HTTPS public networks provided in an embodiment of the present invention access downlink message process chart, is such as schemed
Shown in 14, in the SSL messages for receiving http proxy server return, public network server is simulated, is connect by the SSL between UE
User terminal is issued, user's message, which is packaged into S1-U downlink messages, is sent to mobile network base station.It specifically includes:
Step 1401:UE connect with the SSL of HTTPS message proxy modules and has been established;
Step 1402:The HTTP of HTTPS messages proxy module and http proxy server connections have been established;
Step 1403:Http proxy server sends SSL messages and gives HTTPS message proxy modules;
Step 1404:HTTPS message proxy modules collect SSL messages;
Step 1405:The SSL messages collected are packaged into the user's message (user for issuing UE by HTTPS messages proxy module
IP packet);
Step 1406:User's message is issued downlink processing module by HTTPS messages proxy module;
Step 1407:Downlink processing module is packaged into S1-U downlink messages and is sent to mobile network base station;
Step 1408:User's message is extracted in mobile network base station, and UE is carried to by blank-interface text.
The scheme provided according to embodiments of the present invention, enterprise network internal user mobile terminal make in mobile network base station side
With enterprise network http proxy server access public network service, the wire transmission bandwidth for making full use of enterprise network to rent originally,
Cost has been saved, while having also allowed for the behavior of enterprise network management and control its internal user mobile network terminal access public network.
Although describing the invention in detail above, but the invention is not restricted to this, those skilled in the art of the present technique
It can be carry out various modifications with principle according to the present invention.Therefore, all to be changed according to made by the principle of the invention, all it should be understood as
Fall into protection scope of the present invention.
Claims (12)
1. a kind of method of the user terminal access public network of Enterprise Mobile private network, including:
When Enterprise Mobile private network base station side receives the uplink public net message of mobile terminal transmission of enterprises user, institute is determined
State the type of message of uplink public net message;
Enterprise Mobile private network base station side according to the type of message of identified uplink public net message, establish its in the enterprise
The agreement of corresponding type of message between the mobile terminal of portion user connects, and is obtained in the enterprise via agreement connection
The uplink protocol massages that the mobile terminal of portion user is sent;
The uplink protocol massages are routed to the http proxy server by Enterprise Mobile private network base station side, so as to the enterprise
The mobile terminal of industry internal user accesses public network via the http proxy server;
Enterprise Mobile private network base station side is when receiving the descending protocol message that the http proxy server returns, by being built
The descending protocol message is sent to the mobile terminal of the enterprises user by vertical agreement connection;
Wherein, the HTTP refers to hypertext transfer protocol.
2. according to the method described in claim 1, the uplink public net message includes the destination address for identifying public network address
Information and TCP port number information for identification message type;The type of message includes HTTP message type and HTTPS messages
Type;
Wherein, the TCP refers to transmission control protocol;The HTTPS refers to Hyper text transfer security protocol.
3. according to the method described in claim 2, the Enterprise Mobile private network base station side receives the movement of enterprises user
When the uplink public net message that terminal is sent, determine that the type of message of the uplink public net message includes:
When Enterprise Mobile private network base station side receives the uplink public net message of mobile terminal transmission of enterprises user, by right
The uplink public net message is parsed, and the destination address and TCP port number of the uplink public net message are obtained;
Enterprise Mobile private network base station side utilizes preset public network address library, http port list storehouse and HTTPS port lists
Library carries out matching treatment to obtained destination address and TCP port number;
If obtained destination address and TCP port number match with the public network address library and http port list storehouse, enterprise
Mobile private network base station side determines that the uplink public net message is HTTP message type;
If obtained destination address and TCP port number match with the public network address library and HTTPS port lists library, enterprise
Mobile private network base station side determines that the uplink public net message is HTTPS type of messages.
4. according to the method described in claim 3, the Enterprise Mobile private network base station side is according to identified uplink public network report
The type of message of text establishes the agreement connection of its corresponding type of message between the mobile terminal of the enterprises user,
And the uplink protocol massages that the mobile terminal that the enterprises user is obtained via agreement connection is sent include:
When Enterprise Mobile private network base station side determines that the uplink public net message is HTTP message type, itself and the enterprise are established
Http protocol connection between the mobile terminal of internal user, and obtain the enterprises via http protocol connection and use
The uplink http protocol message that the mobile terminal at family is sent.
5. according to the method described in claim 3, the Enterprise Mobile private network base station side is according to identified uplink public network report
The type of message of text establishes the agreement connection of its corresponding type of message between the mobile terminal of the enterprises user,
And the uplink protocol massages that the mobile terminal that the enterprises user is obtained via agreement connection is sent include:
When Enterprise Mobile private network base station side determines that the uplink public net message is HTTPS type of messages, itself and the enterprise are established
Ssl protocol connection between the mobile terminal of industry internal user, and obtain the enterprises via ssl protocol connection and use
The uplink ssl protocol message that the mobile terminal at family is sent;
Wherein, the SSL refers to Secure Socket Layer.
6. according to the method described in claim 4, the Enterprise Mobile private network base station side is receiving the HTTP Proxy service
When the descending protocol message that device returns, is connected by the agreement established and the descending protocol message is sent in the enterprise
The mobile terminal of portion user includes:
Enterprise Mobile private network base station side is when receiving the downlink http protocol message that the http proxy server returns, by institute
The downlink user message for the mobile terminal that downlink http protocol message is packaged into for being sent to the enterprises user is stated, and
The mobile terminal that the downlink user message is sent to the enterprises user is connected by the http protocol established.
7. according to the method described in claim 5, the Enterprise Mobile private network base station side is receiving the HTTP Proxy service
When the descending protocol message that device returns, is connected by the agreement established and the descending protocol message is sent in the enterprise
The mobile terminal of portion user includes:
Enterprise Mobile private network base station side is when receiving the downlink ssl protocol message that the http proxy server returns, by institute
The downlink user message for the mobile terminal that downlink ssl protocol message is packaged into for being sent to the enterprises user is stated, and
The mobile terminal that the downlink user message is sent to the enterprises user is connected by the ssl protocol established.
8. a kind of device of the user terminal access public network of Enterprise Mobile private network, including:
Determining module, for receive enterprises user mobile terminal send uplink public net message when, determine the uplink
The type of message of public net message;
Agreement link block is established, for the type of message according to identified uplink public net message, establishes itself and the enterprise
The agreement of corresponding type of message between the mobile terminal of internal user connects, and obtains the enterprise via agreement connection
The uplink protocol massages that the mobile terminal of internal user is sent;
Sending module, for the uplink protocol massages to be routed to the http proxy server, so as to the enterprises
The mobile terminal of user accesses public network via the http proxy server, and is receiving what the http proxy server returned
When descending protocol message, is connected by the agreement established and the descending protocol message is sent to the enterprises user's
Mobile terminal;
Wherein, the HTTP refers to hypertext transfer protocol.
9. device according to claim 8, the uplink public net message includes the destination address for identifying public network address
Information and TCP port number information for identification message type;The type of message includes HTTP message type and HTTPS messages
Type;
Wherein, the TCP refers to transmission control protocol;The HTTPS refers to Hyper text transfer security protocol.
10. device according to claim 8, the determining module include:
Resolution unit, when the uplink public net message that the mobile terminal for receiving enterprises user is sent, by described
Row public net message is parsed, and the destination address and TCP port number of the uplink public net message are obtained;
Matching unit, for utilizing preset public network address library, http port list storehouse and HTTPS port lists library, to institute
Obtained destination address and TCP port number carries out matching treatment;
Determination unit, for when obtained destination address and TCP port number and the public network address library and http port list storehouse
Match, it is determined that the uplink public net message is HTTP message type, and when obtained destination address and TCP port number with
The public network address library and HTTPS port lists library match, it is determined that the uplink public net message is HTTPS type of messages.
11. device according to claim 10, the agreement link block of establishing include:
Establish the first agreement connection unit, for when determine the uplink public net message be HTTP message type when, establish its with
Http protocol connection between the mobile terminal of the enterprises user, and obtain the enterprise via http protocol connection
The uplink http protocol message that the mobile terminal of industry internal user is sent.
12. device according to claim 10, the agreement link block of establishing include:
Establish second protocol connection unit, for when determine the uplink public net message be HTTPS type of messages when, establish its with
Ssl protocol connection between the mobile terminal of the enterprises user, and obtain the enterprise via ssl protocol connection
The uplink ssl protocol message that the mobile terminal of internal user is sent;
Wherein, the SSL refers to Secure Socket Layer.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710081308.7A CN108696546B (en) | 2017-02-15 | 2017-02-15 | Method and device for accessing public network by user terminal of enterprise mobile private network |
PCT/CN2018/075548 WO2018149342A1 (en) | 2017-02-15 | 2018-02-07 | Public network accessing method and device and computer storage medium for user terminal of mobile private network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710081308.7A CN108696546B (en) | 2017-02-15 | 2017-02-15 | Method and device for accessing public network by user terminal of enterprise mobile private network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108696546A true CN108696546A (en) | 2018-10-23 |
CN108696546B CN108696546B (en) | 2021-08-24 |
Family
ID=63169126
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710081308.7A Active CN108696546B (en) | 2017-02-15 | 2017-02-15 | Method and device for accessing public network by user terminal of enterprise mobile private network |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108696546B (en) |
WO (1) | WO2018149342A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109587204A (en) * | 2017-09-29 | 2019-04-05 | 中兴通讯股份有限公司 | A kind of method, apparatus and electronic equipment accessing public network |
CN111405615A (en) * | 2020-03-19 | 2020-07-10 | 联想(北京)有限公司 | Communication data transmission method, device and storage medium |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113301106A (en) * | 2021-03-23 | 2021-08-24 | 阿里巴巴新加坡控股有限公司 | Operation and maintenance processing system, method and device |
CN113364842B (en) * | 2021-05-31 | 2022-12-16 | 深圳市光网世纪科技有限公司 | Network data transmission method |
CN113900978B (en) * | 2021-10-27 | 2024-05-10 | 海光信息技术股份有限公司 | Data transmission method, device and chip |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030191935A1 (en) * | 2002-04-05 | 2003-10-09 | Ferguson Derek M. | Pre-authenticated communication within a secure computer network |
CN101052022A (en) * | 2006-04-05 | 2007-10-10 | 华为技术有限公司 | System and method for virtual special net user to access public net |
CN102316153A (en) * | 2010-06-30 | 2012-01-11 | 丛林网络公司 | To the local dynamically VPN networking client of structure demonstration that inserts of webpage mail |
CN102835093A (en) * | 2010-04-15 | 2012-12-19 | 微软公司 | Method and system for reliable protocol tunneling over http |
CN103118147A (en) * | 2013-01-24 | 2013-05-22 | 中国联合网络通信集团有限公司 | Method, equipment and system for accessing intranet server |
US8498626B1 (en) * | 2012-12-10 | 2013-07-30 | Verizon Patent And Licensing Inc. | Service-based access for enterprise private network devices to service provider network services |
CN103475699A (en) * | 2013-08-27 | 2013-12-25 | 北京创毅讯联科技股份有限公司 | Enterprise network agent device and method for enterprise network to communicate with public network |
KR101472964B1 (en) * | 2013-12-11 | 2014-12-16 | 콘텔라 주식회사 | Security system and security method for enterprise communication service using mobile communication network |
CN104798355A (en) * | 2012-09-18 | 2015-07-22 | 思杰***有限公司 | Mobile device management and security |
CN106302839A (en) * | 2015-05-12 | 2017-01-04 | 中兴通讯股份有限公司 | The distribution method of internet protocol address and device |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6397259B1 (en) * | 1998-05-29 | 2002-05-28 | Palm, Inc. | Method, system and apparatus for packet minimized communications |
CN100372323C (en) * | 2003-06-12 | 2008-02-27 | 华为技术有限公司 | A method for accessing server group |
US8819233B2 (en) * | 2011-03-11 | 2014-08-26 | Qualcomm Incorporated | System and method using a web proxy-server to access a device having an assigned network address |
US9935879B2 (en) * | 2012-12-29 | 2018-04-03 | Netronome Systems, Inc. | Efficient intercept of connection-based transport layer connections |
CN106101015B (en) * | 2016-07-19 | 2020-08-14 | 广东药科大学 | Mobile internet traffic class marking method and system |
-
2017
- 2017-02-15 CN CN201710081308.7A patent/CN108696546B/en active Active
-
2018
- 2018-02-07 WO PCT/CN2018/075548 patent/WO2018149342A1/en active Application Filing
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030191935A1 (en) * | 2002-04-05 | 2003-10-09 | Ferguson Derek M. | Pre-authenticated communication within a secure computer network |
CN101052022A (en) * | 2006-04-05 | 2007-10-10 | 华为技术有限公司 | System and method for virtual special net user to access public net |
CN102835093A (en) * | 2010-04-15 | 2012-12-19 | 微软公司 | Method and system for reliable protocol tunneling over http |
CN102316153A (en) * | 2010-06-30 | 2012-01-11 | 丛林网络公司 | To the local dynamically VPN networking client of structure demonstration that inserts of webpage mail |
CN104798355A (en) * | 2012-09-18 | 2015-07-22 | 思杰***有限公司 | Mobile device management and security |
US8498626B1 (en) * | 2012-12-10 | 2013-07-30 | Verizon Patent And Licensing Inc. | Service-based access for enterprise private network devices to service provider network services |
CN103118147A (en) * | 2013-01-24 | 2013-05-22 | 中国联合网络通信集团有限公司 | Method, equipment and system for accessing intranet server |
CN103475699A (en) * | 2013-08-27 | 2013-12-25 | 北京创毅讯联科技股份有限公司 | Enterprise network agent device and method for enterprise network to communicate with public network |
KR101472964B1 (en) * | 2013-12-11 | 2014-12-16 | 콘텔라 주식회사 | Security system and security method for enterprise communication service using mobile communication network |
CN106302839A (en) * | 2015-05-12 | 2017-01-04 | 中兴通讯股份有限公司 | The distribution method of internet protocol address and device |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109587204A (en) * | 2017-09-29 | 2019-04-05 | 中兴通讯股份有限公司 | A kind of method, apparatus and electronic equipment accessing public network |
CN109587204B (en) * | 2017-09-29 | 2021-11-02 | 中兴通讯股份有限公司 | Method and device for accessing public network and electronic equipment |
CN111405615A (en) * | 2020-03-19 | 2020-07-10 | 联想(北京)有限公司 | Communication data transmission method, device and storage medium |
CN111405615B (en) * | 2020-03-19 | 2021-10-22 | 联想(北京)有限公司 | Communication data transmission method, device and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108696546B (en) | 2021-08-24 |
WO2018149342A1 (en) | 2018-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108696546A (en) | A kind of method and device of the user terminal access public network of Enterprise Mobile private network | |
CN101702717B (en) | Method, system and equipment for authenticating Portal | |
CN108270882A (en) | The analysis method and device of domain name, storage medium, electronic device | |
CN101138219B (en) | Communication method and system with client computer by network | |
CN108156210B (en) | Target resource acquisition method and device | |
CN111130931B (en) | Detection method and device for illegal external connection equipment | |
EP3520444B1 (en) | Enhancement of traffic detection and routing in virtualized environment | |
CN104823470A (en) | System and method for correlating network information with subscriber information in mobile network environment | |
CN103931162B (en) | The method and the network equipment of processing business | |
CN106899500B (en) | Message processing method and device for cross-virtual extensible local area network | |
CN102739684A (en) | Portal authentication method based on virtual IP address, and server thereof | |
CN105635073B (en) | Access control method and device and network access equipment | |
CN107463453A (en) | Method, apparatus, equipment and the storage medium to be communicated between same terminal different application | |
CN103442358A (en) | Method for local forwarding concentrated authentication and control device | |
CN101741902B (en) | System and method for Internet terminal to quickly access to Internet server | |
CN102547553B (en) | Method, system and device for accessing service based on wireless application protocol (WAP) | |
CN104811439A (en) | Portal authentication method and device | |
CN104488232A (en) | Device and method for interconnecting two subnetworks | |
CN109587204B (en) | Method and device for accessing public network and electronic equipment | |
CN109660459B (en) | Physical gateway and method for multiplexing IP address | |
CN109495978B (en) | Data transmission method and device | |
CN104580178A (en) | Method and equipment for Portal authentication | |
CN105827470A (en) | Method and device for identifying abnormal network interconnection traffic | |
CN105516121B (en) | The method and system that AC is communicated with AP in WLAN | |
CN114710560A (en) | Data processing method and system, proxy equipment and terminal equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |