Title of invention |
Gateway device for terminating a large volume of VPN connections |
Abstract |
A VPN gateway device is able to assign, manage, and terminate a large volume of connections from apps executing on devices, enabling a large scale per-app VPN mobile environment. When a mobile device user opens an app on a mobile device, a VPN gateway transmits a unique IP address to the app. The gateway also transmits an app federation cookie to the app. The app shares the app federation cookie with a second app. The VPN gateway then assigns the second app the same unique IP address. The gateway then transmits a range of ports to the first app. The app uses a port in the range of ports for data transmission from the device to the VPN gateway. The gateway receives a data transmission from the first app via a VPN and determines that the data transmission originated from the first app based on the source port. |
Publication number |
US8997208(B2) |
Publication date |
2015.03.31 |
Application number |
US201414459976 |
Filing date |
2014.08.14 |
Applicant |
Mocana Corporation |
Inventors |
Champagne Timothy S.;Fox Kevin P.;Murphy Daniel;Pescatore Brian H.;Wante Kenneth J. |
Classification numbers |
G06F21/00;H04L29/06;H04W76/02;H04L29/12 |
Main classification number |
G06F21/00 |
Patent agency |
Beyer Law Group LLP |
Agent |
Beyer Law Group LLP |
Independent claim |
1. A method of communicating through a virtual private network (VPN) tunnel between a first application (app) on a device and a VPN gateway, the method comprising:
transmitting an internally unique internet protocol (IP) address from the VPN gateway to the first app;
transmitting an app federation cookie from the VPN gateway to the first app after determining that the first app is in a federation of wrapped apps on the device;
sharing the app federation cookie with a second app in the federation of wrapped apps;
assigning the second app the same internally unique IP address;
transmitting a first range of ports to the first app, wherein the first app uses a port in the first port range as a source port for data transmission from the first app to the VPN gateway, wherein the first port range comprises a plurality of ports not included in a second port range transmitted to the second app having the same internally unique IP address as the first app;
receiving, at the VPN gateway, a data transmission from the first app; and
determining, at the VPN gateway, that the data transmission originated from the first app based on the source port. |
Address |
San Francisco CA US |