| 发明名称 |
NETWORK ADDRESS TRANSLATION |
| 摘要 |
A method including receiving, at a virtual private network (VPN) server, an encapsulated packet on one of the ingress addresses wherein the ingress address is associated with the packet information. After processing the packet at the VPN server, the packet source address is transformed to the address of the ingress port before transmitting the packet over a network. The process may be effectuated in the operating system's kernel. The association step may include tracking the ingress port in a data store, or tagging the packet with the ingress address so it can be later used to modify the source address. Transforming may include swapping TCP source and destination port information, changing an IP or TCP header checksum, changing a TCP sequence and acknowledgment number, or changing an IP addresses contained in the data payload. |
| 申请公布号 |
US2017012937(A1) |
申请公布日期 |
2017.01.12 |
| 申请号 |
US201615204904 |
申请日期 |
2016.07.07 |
| 申请人 |
OpenVPN Technologies, Inc. |
发明人 |
DINHA Francis;Yonan James |
| 分类号 |
H04L29/12;H04L12/46;H04L12/741 |
主分类号 |
H04L29/12 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method including:
receiving, at a virtual private network (VPN) server, an encapsulated packet on one of a plurality of ingress addresses; associating the one of the plurality of ingress addresses with the packet; decrypting the payload information; transforming the packet source address to the one of a plurality of ingress addresses, and routing the packet to a remote destination. |
| 地址 |
Pleasanton CA US |
